Dubai: The 21st Century Crypto “Silicon Valley”
January 7, 2025
Information from the FOGINT research team.
How prescient was Telegram when it selected Dubai as headquarters of a decentralized, distributed company? After Pavel Durov bounced from Moscow to Berlin, to Singapore to San Francisco, and ended up in Dubai, United Arab Emirates, his judgment seems good. FOGINT’s view is that he listened to UAE government officials and determined that that country wanted to become the financial hub for crypto currency. The goal of both UEA and Telegram aligned: Both wanted to exploit a desire of many countries and financial entrepreneurs from the US-centric financial system to one based on crypto currency, largely unregulated crypto currency cut loose from the shackles of the US financial system. A standard other than and competitive with the US dollar promised a shift of finance from Wall Street to Sheikh Zayed Road.
The plan is not a secret. “UAE to Attract Crypto Ventures Amid EU’s Stringent MiCA Regulation: Experts” reports that regulations in Western Europe are adding a kick in the pants for some crypto-centric innovators. The regulation is Markets in Crypto-Assets Regulation (MiCA). Its purpose is to establish a legal framework — that is, uniform rules for crypto assets — across the EU. MiCA might be the booster that the United Arab Emirates and other Middle Eastern states want. A more supportive regulatory environment and a thriving crypto community exist in the United Arab Emirates.
According to the Crypto News’ report:
The MiCA regulation introduces a pan-European licensing and supervisory regime for crypto-assets, exchanges, and service providers… Among its stringent requirements, small stablecoin issuers must hold 30% of their reserves in low-risk EU-based commercial banks, while major players like Tether face a mandate to maintain 60% or more in similar institutions. While aimed at ensuring market stability, these rules are seen as increasing operational costs, potentially undermining the financial viability of many firms.
The FOGINT team wants to point out that the UAE provides a “crucible” for crypto innovation; specifically:
- A regulatory environment different from that in the US and Western Europe; for example, a Virtual Assets Regulatory Authority (VARA) in Dubai oversees the regulation, licensing, and governance of virtual assets
- Tax benefits because there is currently no direct taxation on cryptocurrencies in the UAE
- Infrastructure provides a “Silicon Valley”-type of magnetic pull situated almost equidistant from Asian financial hubs and Western European money centers
- The UAE supports the crypto industry via the Dubai Multi Commodities Centre and the Dubai International Financial Centre
The UAE has cultivated a robust ecosystem for crypto and blockchain innovation with more than 500 crypto startups are now based in Dubai’s free zones. One poster child for Dubai’s flexibility is Telegram’s choice of the city as the location for its “headquarters.” (Keep in mind that Telegram is a distributed and decentralized organization, so the “staff” in Dubai is modest in size for the company’s size.) Plus, the UAE has implemented measures to ensure investor protection and market stability with Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements. Also, the Central Bank of the UAE approved a custodial insurance product to protect financial institutions and their clients from potential losses due to hacks or internal fraud.
One key question: Are there technical professionals with crypto experience in Dubai? The answer, in part, can be approached via the attendance at the November 2024 TON Foundation Gateway Conference. The conference attracted about 400 people in 2023. In November 2024, more than 2000 crypto savvy professionals participated in two day program held in Dubai. The UAE may be on the path to becoming the hot spot for crypto innovation.
Stephen E Arnold, January 7, 2025
Love Phishing? New Angling Gear to Try
January 6, 2025
Registrars have long run out of TLDs (top-level domains) aka the endings at the end of websites. TLDs like .com, .net, .org, etc. are hot commodities, but in order to expand their offerings registrars added new endings that are unfortunately a new tool for bad actors says Krebs On Security: “Why Phishers Love New TLDs Like .shop, .top and .xyz“. Phishing attacks increased 40% in 2024, mostly on Web sites that end with .shop, .top., xyz, and other generic TLDs (gTLDs).
Interisle Consulting conducted a study on new gTLDs sponsored y many anti-spam organizations. Interisle discovered that gTLDs accounted for only 11% of the new domain market, but 37% of all cybercrime domains from September 2023 to August 2024.
The golds domains are very inexpensive to purchase. They can then be used on Web sites used for phishing scams and more:
“Spammers and scammers gravitate toward domains in the new gTLDs because these registrars tend to offer cheap or free registration with little to no account or identity verification requirements. For example, among the gTLDs with the highest cybercrime domain scores in this year’s study, nine offered registration fees for less than $1, and nearly two dozen offered fees of less than $2.00. By comparison, the cheapest price identified for a .com domain was $5.91.”
Scammers are very excited because the Internet Corporation for Assigned Names and Numbers (ICANN) is about to drop a boatload of new gTLDs sometime in 2026. Despite all the information about bad actors using the gTlDs, ICANN will press forward. Interisle also found that phishers can avoid paying for gTlDs with subdomain providers like weekly.com, pages.dev, and blogspot.com.
Registrars don’t care as along as they get paid. They don’t ask any questions, slap on anonymity; and collect referral fees until someone shuts the bad actors down.
Whitney Grace, January 6, 2025
Russian Drug Trade Likes That Cryptocurrency
January 3, 2025
No smart software involved. Just a dinobaby’s work.
High tech innovation meets traditional thuggery in Russia’s expanding drug trade. The Global Initiative Against Transnational Organized Crime summarizes its recent report in, “Breaking Klad: Russia’s Dead Drop Drug Revolution.” The write-up includes links to download the report and a related press release. First up, the innovation:
“There has been a groundbreaking shift in the global drug trade, pioneered in Russia and now spreading globally. Unlike traditional drug trafficking models, this system leverages darknet markets and cryptocurrency for anonymous transactions, allowing buyers to retrieve drugs from hidden physical locations, or ‘dead drops,’ rather than direct exchanges. Driven by large platforms such as Kraken, Mega, and Blacksprut [sic], Russian darknet markets control 93% of the global share, generating approximately $1.5 billion in revenue in 2023 alone. This dominance marks a new era for organized crime, with Russia’s digital drug economy vastly surpassing traditional Western darknet markets in scope and influence.”
We are told this digital shift was prompted by several factors. Increasingly restrictive anti-drug policies and strained trade relations with the West contribute. Also, drug dealers now have the technology to give their clients (and themselves) the convenience and anonymity they desire. Wonderful. The writeup mentions that, within Russia, trade in cheap-to-make synthetic drugs like mephedrone is overtaking traditional imports like cocaine and heroin. Which leads us to the thuggery:
“Youth are drawn into this high-tech drug economy, often working as couriers or ‘kladmen’ for online shops—a job that comes with high risks, including violence, criminal charges, and addiction. Violence has become endemic in the system, with enforcers, known as ‘sportsmen,’ meting out harsh punishments for couriers suspected of theft or negligence. This pervasive violence, combined with the easy availability of highly addictive synthetic drugs, is fueling a public health crisis and contributing to rising incarceration rates among young Russians.”
These young people may find miserable company in a growing number of countries; the report warns this model is spreading beyond Russia’s borders. Authorities must adapt to the new reality. Understanding Russia’s darknet markets will help, advises the report.
Cynthia Murrell, January 3 , 2025
FOGINT: What Do the Most Recent Telegram Function Enhancements Portend for 2025?
January 2, 2025
This is a report from the FOGINT research team.
For a company without a permanent office with staff who show up everyday, Telegram has been busy in December 2024. One good example is Telegram’s chopping up the video stream from its Gateway Conference held in early November 2024. The individual talks with their unique Telegram / TON Foundation quirkiness are available on YouTube at this link. One can mostly parse some speakers’ content using the Google caption function.
Also, a “real” news service has collected several other Telegram and its ecosystem announcement in “Telegram Rolls Out Third-Party Account Verification, Filters.” For those unfamiliar with Telegram, the service offered a verification process. That service remains, and “has now launched a new project to let already-verified third-party authorities, such as food quality regulators or educational consortiums, verify an account.” The article also points out that Telegram has added “filters” to the baked in search and retrieval service. FOGINT wants to point out that the search service is not very good. Retrieval remains spotty. The only way to find certain content is to monitor specific public and private groups. The content from these groups can then be downloaded or sucked from the service with a well-crafted script tuned to observe Telegram’s quite specific blocks on bulk downloading. According to the cited article, Telegram has added:
- Emoji reactions
- Sending gifts (this is a money generating angle)
- Search filters for private chats, group chats, and channels.
The write up does not ask the question, “What is the direction these features suggest Telegram and its associated entities are heading in 2025?”
Here’s FOGINT’s take on the path Telegram is likely to follow:
- Freeing Pavel will be a top priority
- Amping up Telegram and the TON Foundation’s crypto activities. (Telegram is the platform for TON Foundation; the Foundation is the marketing and developer magnet for the TONcoin.)
- Provide functions and services like third party verification to show the French judiciary and others that Telegram does have “real” users and can provide investigators with some useful information maybe.
But the big priority after the “Free Pavel” action is crypto; specifically, making the Telegram platform the hub for crypto gaming and possibly some allied services like automating the movement of crypto from one coin and wallet to other wallets and coins. Tie ups with the Ku Group and other organizations providing crypto alternatives to traditional and regulated financial systems are on board and rolling out integrated services at this time.
Stephen E Arnold, January 2, 2025
FReE tHoSe smaRT SoFtWarEs!
December 25, 2024
No smart software involved. Just a dinobaby’s work.
Do you have the list of stop words you use in your NLP prompts? (If not, click here.) You are not happy when words on the list like “b*mb,” “terr*r funding,” and others do not return exactly what you are seeking? If you say, “Yes”, you will want to read “BEST-OF-N JAILBREAKING” by a Frisbee team complement of wizards; namely, John Hughes, Sara Price, Aengus Lynch, Rylan Schaeffer, Fazl Barez, Sanmi Koyejo, Henry Sleight, Erik Jones, Ethan Perez, and Mrinank Sharma. The people doing the heavy lifting were John Hughes (a consultant who does work for Speechmatics and Anthropic) and Mrinank Sharma (an Anthropic engineer involved in — wait for it — adversarial robustness).
The main point is that Anthropic linked wizards have figured out how to knock down the guard rails for smart software. And those stop words? Just whip up a snappy prompt, mix up the capital and lower case letters, and keep sending the query to a smart software. At some point, those capitalization and other fixes will cause the LLM to go your way. Want to whip up a surprise in your bathtub? LLMs will definitely help you out.
The paper has nifty charts and lots of academic hoo-hah. The key insight is what the many, many authors call “attack composition.” You will be able to get the how-to by reading the 73 page paper, probably a result of each author writing 10 pages in the hopes of landing an even more high paying, in demand gig.
Several observations:
- The idea that guard rails work is now called into question
- The disclosure of the method means that smart software will do whatever a clever bad actor wants
- The rush to AI is about market lock up, not the social benefit of the technology.
The new year will be interesting. The paper’s information is quite the holiday gift.
Stephen E Arnold, December 25, 2024
FOGINT: Telegram Gets Some Lipstick to Put on a Very Dangerous Pig
December 23, 2024
Information from the FOGINT research team.
We noted the New York Times article “Under Pressure, Telegram Turns a Profit for the First Time.” The write up reported on December 23, 2024:
Now Telegram is out to show it has found its financial footing so it can move past its legal and regulatory woes, stay independent and eventually hold an initial public offering. It has expanded its content moderation efforts, with more than 750 contractors who police content. It has introduced advertising, subscriptions and video services. And it has used cryptocurrency to pay down its debt and shore up its finances. The result: Telegram is set to be profitable this year for the first time, according to a person with knowledge of the finances who declined to be identified discussing internal figures. Revenue is on track to surpass $1 billion, up from nearly $350 million last year, the person said. Telegram also has about $500 million in cash reserves, not including crypto assets.
The FOGINT’s team viewpoint is different.
- Telegram took profit on its crypto holdings and pumped that money into its financials. Like magic, Telegram will be profitable.
- The arrest of Mr. Durov has forced the company’s hand, and it is moving forward at warp speed to become the hub for a specific category of crypto transactions.
- The French have thrown a monkey wrench into Telegram’s and its associated organizations’ plans for 2025. The manic push to train developers to create click-to-earn games, use the Telegram smart contracts, and ink deals with some very interesting partners illustrates that 2025 may be a turning point in the organizations’ business practices.
The French are moving at the speed of a finely tuned bureaucracy, and it is unlikely that Mr. Durov will shake free of the pressure to deliver names, mobile numbers, and messages of individuals and groups of interest to French authorities.
The New York Times write up references profitability. There are more gears engaging than putting lipstick on a financial report. A cornered Pavel Durov can be a dangerous 40 year old with money, links to interesting countries, and a desire to create an alternative to the traditional and regulated financial system.
Stephen E Arnold, December 23, 2024
FOGINT: Big Takedown Coincident with Durov Detainment. Coincidence?
December 19, 2024
This blog post is the work of an authentic dinobaby. No smart software was used.
In recent years, global authorities have taken down several encrypted communication channels. Exclu and Ghost, for example. Will a more fragmented approach keep the authorities away? Apparently not. A Europol press release announces, “International Operation Takes Down Another Encrypted Messaging Service Used by Criminals.” The write-up notes:
“Criminals, in response to the disruptions of their messaging services, have been turning to a variety of less-established or custom-built communication tools that offer varying degrees of security and anonymity. While the new fragmented landscape poses challenges for law enforcement, the takedown of established communication channels shows that authorities are on top of the latest technologies that criminals use.”
Case in point: After a three-year investigation, a multi-national law enforcement team just took down MATRIX. The service, “by criminals for criminals,” was discovered in 2021 on a convicted murderer’s phone. It was a sophisticated tool bad actors must be sad to lose. We learn:
“It was soon clear that the infrastructure of this platform was technically more complex than previous platforms such as Sky ECC and EncroChat. The founders were convinced that the service was superior and more secure than previous applications used by criminals. Users were only able to join the service if they received an invitation. The infrastructure to run MATRIX consisted of more than 40 servers in several countries with important servers found in France and Germany. Cooperation between the Dutch and French authorities started through a JIT set up at Eurojust. By using innovative technology, the authorities were able to intercept the messaging service and monitor the activity on the service for three months. More than 2.3 million messages in 33 languages were intercepted and deciphered during the investigation. The messages that were intercepted are linked to serious crimes such as international drug trafficking, arms trafficking, and money laundering. Actions to take down the service and pursue serious criminals happened on 3 December in four countries.”
Those four countries are France, Spain, Lithuania, and Germany, with an assist by the Netherlands. Interpol highlights the importance of international cooperation in fighting organized crime. Is this the key to pulling ahead in the encryption arms race?
Cynthia Murrell, December 19, 2024
FOGINT: The Telegram – Visa Tie Up
December 18, 2024
This blog post is the work of an authentic dinobaby. No smart software was used.
This is Stephen E Arnold. Since the detainment of the Pavel Durov by French authorities, Telegram has ramped up its public disclosures about its crypto ambitions. In November 2024, Telegram linked itself publicly with Holders (a crypto services firm) and Visa, Inc. More information is available in a video is available on YouTube. Its title is “Visa: Building a Bridge between TON and Real World Use Cases.” It is at this url: https://www.youtube.com/watch?v=YhdXeybiG0I. The presenter is Nikola Plecas, who is identified as the senior director, global head of GTM & Product Commercialization, Visa Crypto. The “GTM” means “go to market.” In our lecture yesterday (December 11, 2024) for the CyberSocial Conference, we mentioned this tie up with crypto. By coincidence, the video was posted. We anticipate that this deal will ripen in 2025. Thank you.
Stephen E Arnold, December 18, 2024, 716 am US
FOGINT: Telegram Steps Up Its Cooperation with Law Enforcement
December 12, 2024
This short item is the work of the dinobaby. The “fog” is from Gifr.com.
Engadget, an online news service, reported “Telegram Finally Takes Action to Remove CSAM from Its Platform.” France picks up Telegram founder Pavel Durov and explains via his attorney how the prison system works in the country. Mr. Durov, not yet in prison, posted an alleged Euro 5 million with the understanding he could not leave the country. According to Engadget, Mr. Durov is further modifying his attitude toward “free speech” and “freedom.”
The article states:
Telegram is taking a significant step to reduce child sexual abuse material (CSAM), partnering with the International Watch Foundation (IWF) four months after the former’s founder and CEO Pavel Durov was arrested. The French authorities issued 12 charges against Durov in August, including complicity in “distributing, offering or making available pornographic images of minors, in an organized group” and “possessing pornographic images of minors.”
For those not familiar with the International Watch Foundation, the organization serves as a “hub” for law enforcement and companies acting as intermediaries for those engaged in buying, leasing, selling, or exchanging illicit images or videos of children. Since 2013, Telegram has mostly been obstinate when asked to cooperate with investigators. The company has waved its hands and insisted that it is not into curtailing free speech.
After the French snagged Mr. Durov, he showed a sudden interest in cooperating with authorities. The Engadget report says:
Telegram has taken other steps since Durov’s arrest, announcing in September that it would hand over IP addresses and phone numbers in legal requests — something it fought in the past. Durov must remain in France for the foreseeable future.
What’s Telegram going to do after releasing handles, phone numbers, and possibly some of that log data allegedly held in servers available to the company? The answer is, “Telegram is pursuing its next big thing.” Engadget does not ask, “What’s Telegram’s next act?” Surprisingly a preview of Telegram’s future is unfolding in TON Foundation training sessions in Vancouver, Istanbul, and numerous other locations.
But taking that “real” work next step is not in the cards for most Telegram watchers. The “finally” is simply bringing down the curtain of Telegram’s first act. More acts are already on stage.
Stephen E Arnold, December 12, 2024
Telegram: Edging Forward in Crypto
December 12, 2024
This blog post flowed from the sluggish and infertile mind of a real live dinobaby. If there is art, smart software of some type was probably involved.
Telegram wants to be the one stop app for anonymous crypto tasks. While we applaud those efforts when they related to freedom fighting or undermining bad actors, the latter also uses them and we can’t abide by that. Telegram, however, plans to become the API for crypto communication says Cryptologia in, “DWF Labs’ Listing Bot Goes Live On Telegram.”
DWF Labs is a crypto enterprise capital firm and it is launching an itemizing Bot on Telegram. The Bot turns Telegram into a bitcoin feed, because it notifies users of changes in the ten main crypto exchanges: Binance, HTX, Gate.io, Bybit, OKX, KuCoin, MEXC, Coinbase Alternate, UpBit, and Bithumb. Users can also watch foreign money pairs, launchpad bulletins, and spot and/or futures listings.
DWF Labs is on the forefront of alternative currency and financial options. It is a lucrative market:
“In a latest interview, Lingling Jiang, a Associate at DWF Labs, mentioned DWF Labs’ place on the forefront of delivering liquidity providers and forging alliances with conventional finance. By offering market-making assist and funding, Jiang stated, DWF Labs provides tasks the infrastructure needed to grasp of tokenized belongings. With the launch of the brand new Itemizing Bot, DWF Labs brings market information nearer to the retail consumer, particularly these on the Telegram (TON) community. Following the introduction of HOT, a non-custodial pockets on TON powered by Chain Signature, DWF Labs’ Itemizing Bot is one other welcome addition to the ecosystem, particularly within the mild of the latest announcement of HOT Labs, HERE Pockets and HAPI’s new joint crypto platform.”
What’s Telegram’s game for 2025? Spring Durov? Join hands with BRICS? Become the new Morgan Stanley? Father more babies?
Whitney Grace, December 12, 2024
-
- Subscribe to Beyond Search
Feature archive
News archive
-
