BBC Bitcoin mining report used in crypto-scam

Chiranjeevi lives in Hyderabad, India, with his young family.

He is a smiley, glass-half-full kind of guy – naturally positive and full of energy.

He’s smart, too, and works in an Indian tech company.

He’s the least likely person, you’d think, to fall victim to an online scam.

Yet in October he was defrauded out of his life’s savings – $4,000 (£3,000).

He couldn’t believe it.

“I was so stressed. I was just lost. I told my wife and she said, ‘I thought you were intelligent. How did you lose so much money?'”

He messaged me in late October out of the blue, telling me what had happened.

He wasn’t just telling me about the deception, though. He was warning me.

Because central to the scam was a distorted version of my reporting.

Earlier this year I was given access to a Bitcoin mine in New York state. I made a report about it – focused on how mining Bitcoin produces carbon emissions.

However, that is not the report that Chiranjeevi saw.

On 18 October he joined a Telegram channel called B2C Mining.

Telegram is an encrypted messaging service, like WhatsApp, but with “channels”, which can feel more like a Facebook group.

The B2C Mining channel claimed to be part of a company that owned and operated a Bitcoin mine in Russia.

At the top of the group, pinned to the channel, was my report… only it wasn’t quite my report.

It had been altered, cutting out anything to do with climate change, and suggesting that the mine I had reported on was in fact the channel’s.

“I thought it was very genuine,” Chiranjeevi says. “That is what allured me”.

“I thought that you had visited the mining company,” he told me. “I’ve been seeing the BBC since I was a kid, and it has a reputation all over the world.”

There were other videos, too – of happy customers who had made money. People had also posted the gains they had made.

Chiranjeevi was intrigued.

The company claimed to mine crypto-currencies by request – with amazing profits.

“They said they would mine them for 24 hours, and they could make you around 20-to-40%, depending on the type of crypto-coin,” Chiranjeevi said.

The group had nearly 3,000 members. Surely so many people couldn’t be wrong? He decided to give it a whirl.

He began speaking to the channel admin privately – someone who claimed to be the chief executive of B2C Mining – Vadmir Peavsky.

Vadmir Peavsky is not a real person, but we’ll get on to that.

Peavsky told Chiranjeevi that if he were to send him over $160 they would mine a type of crypto-currency for 24 hours.

Twenty-four hours later, his investment was returned with interest. Chiranjeevi had made about $40. He couldn’t believe how simple it was.

“It was easy money,” he says.

Chiranjeevi lives in a flat. He’s comfortable enough. However, he has bigger dreams. He wants to live in a house, and he wants to put his children through university.

Those dreams suddenly seemed attainable. He now had a side hustle, a second income, almost, investing in crypto-mining.

He decided to raise the stakes.

This time he decided to give Peavsky $250 in a crypto-currency called Tron. In five days he was hoping for some hefty returns.

However, as the mining started, Peavsky began to message with bad news. The mining had run into problems. Peavsky needed more money to fix them.

And if Chiranjeevi didn’t pay, he might lose his investment.

“I fell into his trap” he says.

It wasn’t the last request. The problems kept coming. More money was needed to keep the mining going, to save his initial investment. There’s a point in the exchange where you think Chiranjeevi has worked it out…

Chiranjeevi was starting to panic.

But he was in too far. He’d run through his entire savings and was now borrowing money from his family. But even then, he made one last payment, hoping, praying, it was real.

It wasn’t.

“The fallacy of sunk costs, time pressure, good cop/bad cop… It’s a classic scam,” says Jessica Barker, author of Confident Cyber Security.

Barker says Telegram’s end-to-end encryption, combined with a growth in users, has attracted more and more scammers to the platform.

As part of my research into the group I found another man who had been deceived. It took a bit of time for him to speak to me, and he did so on condition of anonymity.

The student, who is 19 and also from India, told me he lost his and his family’s savings.

He wanted to mine at a lower scale, initially with $15.

Peavsky began to pressure him to invest more. “Can’t you borrow money from family and friends?” he said.

Eventually the student did. He promised the people he loved he could give them big returns in exchange for their rupees.

But to his horror, the “just one more” payment requests started coming. If he didn’t pay within a certain time frame, his entire investment was to be forfeited.

He borrowed more money, eventually giving Peavsky $400 – a huge amount to him.

The student began to realise that it was a scam. Terrified, he began to beg Peavsky to give him his money back.

Finally, Peavsky asked him, as if it were a ransom video, to upload a clip of him saying how pleased he was with the service.

It helps to explain why there were so many positive videos on the group channel: some had been made under duress.

The student told me he felt suicidal after that final exchange.

I had many questions about the scam, but the most obvious was: who is Vadmir Peavsky?

I first started with the company that Mr Peavsky claimed to run – B2C Mining. This is a real company, based in Almaty, Kazakhstan. But it’s not run by Vadmir Peavksy.

The company builds Bitcoin mines for clients, and repairs machinery. Some of their pictures and branding had been used on the Telegram channel.

“We don’t have any Telegram channels and we don’t sell any crypto-currency,” Vladimir Ligai, who works at the company, told me.

The scammers used this picture, taken from social media, claiming it was part of their mine. They also used the B2C logo and name.

He says he’d never heard of Vadmir Peavsky.

That may well be because Vadmir Peavsky is not a real name.

We know that, because the pictures of Mr Peavsky used on the Telegram channel actually belong to a man called Vladimir Paevskiy – a subtle but important difference in spelling.

Vladimir Paevskiy is real. He’s 34 and from Moscow. He is a crypto-investor and has more than one million followers on Instagram. He regularly shares pictures of himself standing in front of crypto-mining equipment.

I eventually managed to speak to him.

Vladimir Peavskiy told the BBC his identity had also been taken by the scammers.

“The scammers have taken my pictures from Instagram,” he says.

So who took Vladimir Paevskiy’s identity?

Both of the scam victims I spoke to paid Peavsky using different crypto-currencies.

To do this, they needed to send the money into the scammer’s digital wallet, which has a specific ID number.

“Frank” works for Whale Alert, an organisation that monitors crypto-transactions. He’s an expert at monitoring and analysing crypto-scams. He’s asked us not to use his surname.

“These are not pros,” says Frank.

They had used the same wallet over and over again, some 60 payments being made into one account alone.

In total, he found $25,000 had been scammed by the group. There’s likely to be more that Frank could not find, too.

The scammers were making money but they had been sloppy.

The group redirected the crypto they had convinced people to pay them into several crypto-exchanges, where the currencies can be swapped for cash.

Two of the exchanges were based in India – bitbns.com and wazirx.com.

“Why would anybody from Russia transfer to an Indian exchange to trade crypto for rupees?” Frank says. “My guess is that these scammers are not from Russia, but from India.”

“Peavsky is almost certainly not one person. It is an organised criminal gang,” he says.

Chiranjeevi always thought he was talking to a Russian. The scam was so convincing that even now when you tell him that Peavsky isn’t a real person, he can’t quite believe it.

That the scammers are likely to be from India is good news for the victims.

“In theory, there is no reason that the Indian authorities can’t find these people and the money be returned,” says Frank.

The information Frank collected has been handed over to the national cyber-crime department of the Indian Ministry of Home Affairs.

These kinds of scams can have devastating impacts on victims and families. And the scale at which they operate is vast.

The day I interviewed Frank, he had personally seen $58,000 being sent to suspect crypto-wallets. It is fraud on an industrial scale.

Chiranjeevi still can’t believe he was scammed. Such was the stress he was under during the five-day mining process, he says he was almost relieved when he finally worked out it was a scam.

“My wife forgave me,” he says.

Not all families and friends are so understanding.

As for the student, he says he is no longer suicidal, but he hasn’t told the people he borrowed from that he’s lost their money.

He’s now working evenings to try to earn the money to pay them back. He says it’s affecting his studies, but what can he do? He has no choice.

Anti-5G necklaces found to be radioactive

Necklaces and accessories claiming to “protect” people from 5G mobile networks have been found to be radioactive.

The Dutch authority for nuclear safety and radiation protection (ANVS) issued a warned about ten products it found gave off harmful ionising radiation.

It urged people not to use the products, which could cause harm with long-term wear.

There is no evidence that 5G networks are harmful to health.

The World Health Organization says 5G mobile networks are safe, and not fundamentally different from existing 3G and 4G signals.

Mobile networks use non-ionising radio waves that do not damage DNA.

Despite this, there have been attacks on transmitters by people who believe they are harmful.

The products identified included an “Energy Armor” sleeping mask, bracelet and necklace.

A bracelet for children, branded Magnetix Wellness, was also found to be emitting radiation.

“Don’t wear it any more, put it away safely and wait for the return instructions,” the ANVS said in a statement.

“The sellers in the Netherlands known to the ANVS have been told that the sale is prohibited and must be stopped immediately, and that they must inform their customers about this.”

Conspiracy theories have fuelled a market of “anti-5G” devices that are typically found to have no effect.

In May 2020, the UK’s Trading Standards sought to halt sales of a £339 USB stick that claimed to offer “protection” from 5G.

So-called “anti-radiation stickers” have also been sold on Amazon.

The ANVS has published a full list of the products it identified as radioactive on its website.

Sainsbury’s payroll hit by Kronos attack

Sainsbury’s is among major businesses in the UK and US affected by a cyber-attack on a payroll system provider.

On Saturday, Kronos confirmed it was dealing with a ransomware attack on its computer systems.

Many companies such as Sainsbury’s rely on Kronos to log, store and process the hours employees have worked.

The supermarket chain is understood to have lost a week’s worth of data for its 150,000 UK employees. But it said they would be paid before Christmas.

Valuable data
Multiple departments, including payroll, human resources (HR) and accounting are now using historical data and working patterns to make sure employees are paid the correct amount on time.

A ransomware attack is when hackers gain access to a computer network and encrypt valuable data, asking for a ransom to make it useable again.

A Sainsbury’s spokeswoman said: “We’re in close contact with Kronos while they investigate a systems issue.

“In the meantime, we have contingencies in place to make sure our colleagues continue to receive their pay.”

Kronos, run by the UKG company, from Massachusetts, supplies a range of cloud payroll services, including an automated payment system.

Some services would be offline for several weeks, it said, and customers should “evaluate and implement alternative business continuity protocols”.

US supermarket chain Wholefoods and carmaker Honda North America use Kronos and were among those affected, NBC news reported.

Honda UK told BBC News it was unaffected.

A UKG official told BBC News: “UKG recently became aware of a ransomware incident that has disrupted the Kronos Private Cloud, which houses solutions used by a limited number of our customers.”

It had taken immediate action to investigate and mitigate the issue, alerted affected customers and informed the authorities

“We recognise the seriousness of the issue and have mobilised all available resources to support our customers and are working diligently to restore the affected services,” UKG added.

Reddit: Social media platform files to go public

Social media platform Reddit has announced that it has started the process to sell its shares on the stock market.

In a confidential filing, it did not reveal how many shares it planned to sell or the price of the shares.

In August, the company said it had raised $700m (£528m) in new funding, valuing it at more than $10bn.

Reddit was at the centre of the so-called “meme stock” phenomenon earlier this year.

“The initial public offering is expected to occur after the SEC completes its review process, subject to market and other conditions,” Reddit said in a filing with the US Securities and Exchange Commission.

Earlier this year, investors flocked to the San Francisco-based firm’s messaging board for tips on trading stocks like US video game retailer GameStop and the AMC cinema chain – known as “meme stocks”, those that gain popularity through sites like Reddit.

Stocks that often became popular were ones that had been heavily bet against by professional investors, such as hedge funds.

As a result some of these shares saw their prices rise and fall sharply in hugely volatile trade.

In August, co-founder and chief executive Steve Huffman told the New York Times that Reddit was “still planning on going public” but didn’t have a firm timeline, adding, “All good companies should go public when they can.”

The following month the company was looking at a valuation of more than $15bn, according to the Reuters newswire.

Reddit, which was founded in 2005, had around 52 million daily users as of August this year.

Earlier this year, the firm said it planned to double its workforce by the end of 2021 to about 1,400 staff.

Reddit’s biggest financial backers include Chinese technology Tencent, Fidelity Investments and venture capital firm Sequoia Capital.

Apple launches Android app to address AirTags tracker fears

Apple has launched an app for competitor Android’s smartphones, which will inform users if there is a tracking device nearby.

Apple’s AirTags are small location trackers that can be attached to items such as keys or bags in case they are lost.

But they could also be used with malicious intent, such as being planted on people without their knowledge.

The new app allows Android users to detect nearby trackers they do not own.

AirTags work by leveraging millions of Apple devices, each of which can detect nearby tags, to create a powerful tracking network.

“These small inexpensive tags can potentially make it very easy for a stalker to hide one in the victim’s car or personal possessions and then be able to track their victim’s whereabouts,” Rachel Horman-Brown, who chairs anti-stalking advocacy service Paladin, told BBC News:

Two months after their release, amid concerns over abuse, Apple introduced a feature where iPhones would notify users if an “unknown AirTag” or other compatible third-party device was detected “moving with you over time”.

And the new Android Tracker Detect app attempts to give Android users some of the safety features Apple has built into its own devices.

The app “looks for item trackers within Bluetooth range that are separated from their owner”, Apple says in its support documentation.

“If you think someone is using an AirTag or another item tracker to track your location, you can scan to try to find it,” it says.

The app also allows users to play a sound on an AirTag to help locate it, if it has been nearby for at least 10 minutes.

AirTags are also made to beep if they are away from the iPhone they are registered to – at a random interval between eight and 24 hours – which can help unaware victims find any intrusive trackers.

The new app also contains instructions on how to remove the battery and disable an AirTag if one is found.

Early reviews for the Android app are mixed, with some users criticising the fact scans have to be initiated manually, rather than automatically detecting nearby tags, so victims have to already suspect they are being tracked.

Others, however, applauded Apple for introducing privacy tools on a rival platform.

Flaw prompts 100 hack attacks a minute, security company says

A flaw in widely used computer code is prompting 100 new hacking attempts every minute, a security company says.

Check Point said it had seen attempts to exploit the vulnerability on over 40% of corporate networks globally.

One US official said the security flaw, Log4shell, posed a “severe risk”, with companies warning it was being actively used by criminal groups.

Fixes have been issued but need to be implemented. Popular applications and cloud services have been affected.

‘Specific address’
Written in the programming language Java, Log4J, the code containing the flaw, is used by millions of computers running online services.

In the last four months it had been downloaded 84 million times from the largest public repository of open-source Java components, Brian Fox of security company Sonatype, said.

And the ease with which hackers could exploit the vulnerability was, “akin to someone figuring out that mailing a letter into your postbox, with a specific address written on it, allows them to open all your doors in your house”.

Words such as “critical” and “emergency” are often bandied around by cyber-security people when a major flaw is discovered.

But in this crisis, another word has stuck out – “trivial”.

According to Crowdstrike, the weakness everyone is trying to fix is “trivial” to exploit.

Often when a vulnerability is found in a computer system, there is a little bit of time to fix it.

The cyber-criminals have to work out a way to attack and usually only the smartest crews can do so in the first few hours.

But in this case, it is, apparently, very easy.

We do not yet know how many of these attempted attacks are successful – but this incident has the potential to be extremely costly for corporations that become victims.

For the average person, there is not a lot we can do.

Make sure your apps and software are up to date – and send thoughts, prayers and hugs to the IT teams around the world trying to fix this problem.

2px presentational grey line
Researchers at Chinese technology company Alibaba discovered the flaw last month.

But it gained widespread public attention after being found affecting some sites hosting versions of Minecraft using Java.

Before the flaw was made public, the Apache Software Foundation, which oversees the Log4j code, issued a fix for the problem, rating the problem a “10” – the highest level of seriousness.

Cloudflare chief technology officer John Graham-Cumming told the Verge he had seen two only two other issues of similar severity in the past 10 years.

‘Urgent challenge’
US Cybersecurity and Infrastructure Security Agency director Jen Easterly also stressed the urgency of the situation.

“To be clear, this vulnerability poses a severe risk,” she wrote.

It was being widely exploited by hackers and “presents an urgent challenge to network defenders given its broad use”.

Microsoft researchers said they had seen hackers using Log4shell to:

install malicious software that mined crypto-currency
steal passwords and log-ins
extract data from compromised systems

Alibaba fires woman who claimed sexual assault

Chinese e-commerce firm Alibaba has fired a woman who said a colleague and a client had sexually assaulted her.

The dismissal letter said she had spread falsehoods that had damaged the company’s reputation.

The employee went public with her allegations in August because she said Alibaba had failed to take action. She said the assaults took place during a business trip.

The colleague was then sacked, but a criminal case against him was dropped.

The client is still thought to be under police investigation.

The well-publicised case has highlighted the harassment faced by women in the workplace in China.

The employee told government-backed newspaper Dahe Daily that she was fired late last month. It published a copy of what she said was her termination letter.

The letter said she had spread false information about the assault and about the company not handling the case.

It added this “caused strong social concern and had a bad impact on the company”.

The employee was quoted as saying: “I have not made any mistakes, and certainly will not accept this result, and in the future will use legal means to protect my rights and interests.”

The woman’s lawyer confirmed her dismissal to the New York Times.

Alibaba, China’s largest e-commerce firm, did not immediately respond to a request for comment from the BBC.

What are the allegations?
The woman’s account of the incident was published in an eleven-page document, in which she said the colleague raped her in a hotel room while she was unconscious after a “drunken night”.

It prompted a social media storm on China’s Twitter-like platform, Weibo.

The woman alleged that the colleague, who held a more senior managerial position in the company, coerced her into travelling to the city of Jinan, which is around 900km (560 miles) from Alibaba’s head office in Hangzhou, for a meeting with a client.

She accused her superiors of ordering her to drink alcohol with co-workers during dinner.

She said that on the evening of 27 July the client kissed her. She then recalls waking up in her hotel room the next day without her clothes on and with no memory of the night before.

The woman said she obtained surveillance camera footage that showed the co-worker had gone into her room four times during the evening.

After returning to Hangzhou, the woman said the incident was reported to Alibaba’s human resources (HR) department and senior management and that she had requested the co-worker be fired.

She said that human resources initially agreed to the request but took no further action.

What has the response been?
Alibaba faced fierce public backlash, later firing the co-worker, identified only as Mr Wang. The company said two executives who failed to act on the allegation also resigned.

A memo was issued saying Alibaba was “staunchly opposed to forced drinking culture”.

Alibaba had earlier said the man accused of rape had admitted that “there were intimate acts” while the woman was “inebriated”.

Although Mr Wang’s case will not progress, prosecutors of the court have approved the arrest of the client who allegedly assaulted the victim. He has been identified by his surname Zhang.

Mr Zhang has also reportedly been fired by his company.

The case has divided opinion online. Some social media users posted that the co-worker got away too lightly while others say there wasn’t enough evidence against him.

This latest development is likely to spark similar debates in China, which is grappling with its #MeToo movement.

Meta releases social VR space Horizon Worlds

Meta has released its social virtual reality space, Horizon Worlds, after more than a year in private test mode.

It is the first major such release since Facebook renamed itself Meta and announced its plans to “build the metaverse” of connected digital worlds.

The app lets users build their own mini-games and activities on top of Meta’s base game – similar to Roblox or other creator-focused apps.

There is no way for creators to make money directly from their worlds.

Instead, Meta has put $10m (£7.6m) into a “creator fund” to reward community creators who win competitions. That is different from apps such as Roblox, where creators can sell their games for in-app currency.

Horizon Worlds is, however, free to players using an Oculus Quest 2 headset sold by Meta.

Anyone aged 18 and over can create a legless, floating VR avatar – the same style as Meta is using in its workplace-focused meeting system – and get started.

“Our vision for Horizon Worlds is to bring to life a creator-friendly VR space with best-in-class social world-building tools,” Meta said in its announcement. “And we’ve spent the past year developing those tools and improving them based on creator feedback.”

The creation tools are built directly into the virtual reality game, so players can access them directly without any extra downloads or steps.

Players can fly around their world and place items such as trees or shapes to use as “building blocks” to make a custom digital environment. Then, they can use “scripts” – pre-made snippets of code that affect the world around the player – to set the rules of the game.

Similar ideas have already been implemented by other VR developers – such as Rec Room, which allows players to create their own “rooms” with games to play, or VR Chat, which allows the community to create avatar skins and social environments.

Meta says its take on the format has “thousands of worlds built already” during the invite-only beta.

They include shooting games, river cruises, a magic flying broomstick world, and platforming games, among many other ideas.

The US release of Horizon Worlds comes the day after the announcement that smash hit Among Us is being ported to virtual reality, as well as the surprise release on Friday of a Lady Gaga expansion pack for fan favourite Beat Saber – both announced at the Game Awards on Thursday.

At the same awards ceremony, the VR version of horror-action game Resident Evil 4 – which is exclusive to Meta’s Oculus platform – picked up the accolade for best VR game.

Canadian man charged over ransomware attacks

A Canadian man has been accused of co-ordinating ransomware and other cyber-attacks on individuals, businesses and government agencies.

The Ontario Provincial Police (OPP) announced that 31-year-old Matthew Philbert had been charged with fraud and unauthorised use of computers.

The US State of Alaska has also brought charges against Mr Philbert.

He was arrested on 30 November and remains in police custody awaiting a court date.

The OPP said the arrest was made following a 23-month investigation which involved the Royal Canadian Mounted Police, the US FBI and Europol.

At present, the alleged targets of the cyber-attacks have not been disclosed. The OPP said this was to avoid compromising court proceedings.

However, it is alleged that Mr Philbert co-ordinated cyber-attacks using malicious emails with virus-infected attachments.

Another Canadian man was charged in January for allegedly carrying out ransomware attacks linked to the Netwalker gang.

This is the second significant arrest of an alleged ransomware hacker in Canada this year.

Does this mean that Canada is a hotbed for these ransomware groups? No.

But it does highlight that the fight against this pervasive cyber-threat is a global issue.

Many of these crews are run completely remotely, so you never really know who is ultimately pressing the buttons and where they are from.

While evidence points to Russia being the headquarters for many ransomware gangs, it is clear that the lure of riches is not overlooked by criminals in other parts of the world.

Of course, suspects in Canada are investigated, arrested and face a trial to find out if they are guilty.

In Russia, the authorities refuse to acknowledge they have a role to play, and suspected Russian hackers avoid facing prosecution or justice.

UK to phase out 2G and 3G by 2033

The UK will phase out 2G and 3G mobile services by 2033, the government says.

The switch-off date has been agreed with mobile-network operators Vodafone, EE, Virgin Media, O2, and Three.

In July, EE owner BT revealed plans to phase out 3G by 2023, and 2G later in the decade. And many other companies have already begun phasing out technology that support the services.

Culture Secretary Nadine Dorries said the move would help the UK make a smoother transition to faster networks.

Anti-5G campaigners fight on after legal setback
EE aims for 5G coverage everywhere in UK by 2028
She said: “5G technology is already revolutionising people’s lives and businesses – connecting people across the UK with faster mobile data and making businesses more productive.”

The government also promised a funding boost to help future-proof the UK’s mobile networks, ending the country’s over-reliance on a small number of suppliers and making it easier for new equipment-makers to enter the market.

“Today, we are announcing a further £50m to put the UK at the forefront of mobile connectivity and to make sure our telecoms networks are safe and secure now and in the future,” Ms Dorries said.

‘Consumer-protection dimension’
Assembly Research founder Matthew Howett told BBC News the change would probably come sooner than the government’s 2033 deadline.

The switch-off will affect all sorts of older devices, such as 3G-only smartphones.

And it would be crucial for the government to act on behalf of consumers who may be slow to adjusting, Mr Howett said.

“There is an important consumer-protection dimension to all this,” he said.

“You will of course have some people who may still rely on a 2G/3G-enabled handset to make calls in emergencies but also because devices such as smart meters run off the 2G network.

“Involving these stakeholders will be crucial to avoid disruption.”

5G coverage
In July, Amazon warned users some of its older Kindle models would soon be unable to connect to the internet.

“Starting in 2021, some prior generation Kindle e-readers will not be able to connect to the internet using cellular connection through 2G or 3G networks,” the technology giant told its US customers.

Meanwhile, 5G coverage is being expanded across the UK.

In July, EE announced customers would be able to receive 5G “anywhere” in the country by 2028.