Киберпреступления и вымогательства в центре внимания: от судов до атак на пивоварни Translation: Headline: Cybercrime and Extortion in the Spotlight: From Courts to Attacks on Breweries

We have compiled the most significant cybersecurity news from the past week.

A court in the UK has found Chinese national Zhimin Qian guilty of cryptocurrency fraud, as reported by The Guardian.

According to law enforcement agencies, the 45-year-old woman was the mastermind behind a criminal scheme in China from 2014 to 2017, with around 128,000 victims.

With the proceeds from the fraud, Zhimin Qian purchased 61,000 BTC and left China in 2017 using a forged passport. A year later, she attempted to launder the money by purchasing real estate with the help of 43-year-oldshut down the operations of the RAKS exchange service.

Law enforcement reported that the company provided «professional money laundering services» derived from cybercrime and drug trafficking. The service was highly reputed in criminal circles and collaborated with 20 of the largest darknet marketplaces, which collectively had over 5 million users.

According to the AFM, in the past three years, criminal proceeds from over 200 drug shops in the CIS countries—Kazakhstan, Russia, Ukraine, and Moldova—were laundered through RAKS exchange, with a turnover exceeding $224 million.

The investigation analyzed over 4,000 cryptocurrency wallets, blocking 67 addresses with assets amounting to $9.7 million USDT.

On October 3, the Cyber Police of Ukraine announced the dismantling of an international criminal network in Odesa.

The criminals created a false impression of running a lucrative business and attracted investors, whose funds were transferred to cryptocurrency wallets and spent.

According to law enforcement, the perpetrators created fake websites for non-existent companies, periodically changing their names for the sake of secrecy. These sites contained misleading information about fictitious business activities in advertising traffic arbitrage and cryptocurrency.

Potential investors were offered to register personal accounts from which they could choose a specific investment plan, fund their accounts, and «receive dividends.» In reality, the funds were immediately accumulated in cryptocurrency wallets controlled by the scheme’s participants. Once they reached their targets, they severed ties with the victims.

Investigations revealed that the «business» was organized by a 28-year-old resident of Odesa. The group operated both remotely and from specially equipped offices.

Between 2024 and 2025, more than 24 million hryvnias were deposited into the criminals’ cryptocurrency wallet. Eight members of the group were arrested, and one is still wanted.

Preliminary estimates suggest that the number of victims, including foreigners, may exceed 1,500. The total damage is estimated at $92,000.

On October 1, on-chain detective ZachXBT pointed out suspicious activities linked to the mining pool SBI Crypto.

According to him, on September 24, 2025, over $21 million in Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash was withdrawn from addresses belonging to the Japanese SBI Holdings subsidiary. Funds were initially transferred to the addresses of five instant exchange services before being directed to the cryptocurrency mixer Tornado Cash.

ZachXBT believes that some patterns in this incident resonate with attacks attributed to hacker groups from North Korea.

On September 29, Asahi Group Holdings, Japan’s largest beer supplier, reported a system failure. An investigation revealed that the company’s servers had been targeted by ransomware.

Asahi captures about a third of Japan’s domestic market and employs around 30,000 people.

«While the system processes for order fulfillment and shipping remain suspended, ensuring product supply to customers has been our top priority, and we have started partial manual handling of orders and shipping,» stated the latest message from October 3.

Management is preparing to partially resume call center operations, including customer support services starting October 6. As of the time of writing, no hacker group has claimed responsibility for the attack.

Starting October 2, corporate Gmail users can send emails with end-to-end encryption to recipients using any email service or platform. This was announced by Google on October 2 here.

To send a private email, Gmail users need to enable the «Additional Encryption» option while composing their message. This ensures that the email will be automatically decrypted if the recipient is a subscriber of Google Workspace.

If the recipient does not use Gmail, they will receive a link to log in and view the email in a limited version. Upon clicking it, they will have the option to read and respond to the encrypted message using a guest Google Workspace account.