Cyber Threat Intelligence 18 July 2025
-
Healthcare Sector
- Panoramic Corporation Digital Imaging Software
"Successful exploitation of this vulnerability could allow a standard user to obtain NT Authority/SYSTEM privileges."
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-198-01
Industrial Sector
- Leviton AcquiSuite And Energy Monitoring Hub
"Successful exploitation of this vulnerability could allow an attacker to craft a malicious payload in URL parameters that would execute in a client browser when accessed by a user, steal session tokens, and control the service."
https://www.cisa.gov/news-events/ics-advisories/icsa-25-198-01 - What a Mature OT Security Program Looks Like In Practice
"In this Help Net Security interview, Cindy Segond von Banchet CC, Cybersecurity Lead at Yokogawa Europe, shares her insights on what defines a sustainable OT security program. She outlines the key differences between short-term fixes and long-term resilience, and discusses how organizations can embed OT security within broader risk frameworks. From addressing legacy system vulnerabilities to integrating OT into existing SOC operations, she covers topics such as visibility, training, and alignment with global standards like ISA/IEC 62443."
https://www.helpnetsecurity.com/2025/07/17/cindy-segond-von-banchet-cc-yokogawa-how-to-build-ot-security-program/
Vulnerabilities
- Cisco Warns Of Critical ISE Flaw Allowing Unauthenticated Attackers To Execute Root Code
"Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched by the networking equipment major late last month. "Multiple vulnerabilities in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit these vulnerabilities," the company said in an updated advisory."
https://thehackernews.com/2025/07/cisco-warns-of-critical-ise-flaw.html
https://www.bleepingcomputer.com/news/security/max-severity-cisco-ise-bug-allows-pre-auth-command-execution-patch-now/
https://www.darkreading.com/application-security/cisco-cvss-10-flaw-ise-ise-pic-patch-now
https://www.securityweek.com/cisco-patches-another-critical-ise-vulnerability/
https://securityaffairs.com/180044/security/cisco-patches-critical-cve-2025-20337-bug-in-identity-services-engine-with-cvss-10-severity.html
https://www.theregister.com/2025/07/17/critical_cisco_bug/ - Oracle Patches 200 Vulnerabilities With July 2025 CPU
"Oracle has released 309 new security patches as part of its July 2025 Critical Patch Update (CPU), including 127 fixes for vulnerabilities that are remotely exploitable without authentication. SecurityWeek has identified roughly 200 unique CVEs in Oracle’s July 2025 CPU and counted nine patches that address critical-severity flaws. The same as in April, Oracle Communications received the largest number of security fixes. This month, Oracle released 84 patches for it, including 50 that resolve defects exploitable remotely without authentication. While none of these issues has a critical severity rating, 51 are high severity."
https://www.securityweek.com/oracle-patches-200-vulnerabilities-with-july-2025-cpu/ - Faults In Digital Avionics Systems Threaten Flight Safety
"Like many other industries, civil aviation is undergoing a digital transformation. This transformation involves enhancing the information connectivity between aircraft and ground-based digital infrastructure, which introduces new cybersecurity risks. These issues are specifically mentioned in the International Civil Aviation Organization (ICAO) Aviation Security Manual1."
https://ics-cert.kaspersky.com/publications/reports/2025/07/17/faults-in-digital-avionics-systems-threaten-flight-safety/ - VMware Flaws That Earned Hackers $340,000 At Pwn2Own Patched
"Broadcom informed customers this week that several VMware product vulnerabilities disclosed earlier this year at the Pwn2Own hacking competition have been patched. Participants earned more than $1 million at the Pwn2Own Berlin 2025 competition organized by Trend Micro’s Zero Day Initiative (ZDI). More than $340,000 was paid out for exploits targeting VMware products. The STARLabs SG team earned $150,000 for exploiting a single integer overflow bug to hack VMware ESXi. According to Broadcom’s advisory, this critical bug impacts the VMXNET3 virtual network adapter and it can allow an attacker with local admin privileges on a VM that uses the adapter to execute arbitrary code on the host. The security hole is tracked as CVE-2025-41236."
https://www.securityweek.com/vmware-flaws-that-earned-hackers-340000-at-pwn2own-patched/
https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/ - Meta Fixes Bug That Could Leak Users’ AI Prompts And Generated Content
"Meta has fixed a security bug that allowed Meta AI chatbot users to access and view the private prompts and AI-generated responses of other users. Sandeep Hodkasia, the founder of security testing firm AppSecure, exclusively told TechCrunch that Meta paid him $10,000 in a bug bounty reward for privately disclosing the bug he filed on December 26, 2024. Meta deployed a fix on January 24, 2025, said Hodkasia, and found no evidence that the bug was maliciously exploited."
https://techcrunch.com/2025/07/15/meta-fixes-bug-that-could-leak-users-ai-prompts-and-generated-content/
https://www.malwarebytes.com/blog/news/2025/07/meta-ai-chatbot-bug-could-have-allowed-anyone-to-see-private-conversations
Malware
- Fake Receipts Generators: The Rising Threat To Major Retail Brands
"This report examines a growing scam technique involving fake receipt generators – tools that enable fraudsters to create counterfeit receipts from well-known brands. This research was brought to our attention by our partners at Sorint.SEC, whose collaborative input helped uncover the depth and ecosystem of this emerging threat. At the center of this ecosystem is MaisonReceipts, one of the most prominent services in the space. This investigation explores not only the functionalities of the service itself but also how these tools are promoted, sold, and used by both fraudsters and buyers."
https://www.group-ib.com/blog/fake-receipts-generators/ - GhostContainer Backdoor: Malware Compromising Exchange Servers Of High-Value Organizations In Asia
"In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues within the sample suggests that the Exchange server was likely compromised via a known N-day vulnerability. Our in-depth analysis of the malware revealed a sophisticated, multi-functional backdoor that can be dynamically extended with arbitrary functionality through the download of additional modules. Notably, the attackers leveraged several open-source projects to build this backdoor. Once loaded, the backdoor grants the attackers full control over the Exchange server, allowing them to execute a range of malicious activities. To evade detection by security products, the malware employs various evasion techniques and disguises itself as a common server component to blend in with normal operations. Furthermore, it can function as a proxy or tunnel, potentially exposing the internal network to external threats or facilitating the exfiltration of sensitive data from internal devices."
https://securelist.com/ghostcontainer/116953/ - Phish And Chips: China-Aligned Espionage Actors Ramp Up Taiwan Semiconductor Industry Targeting
"China-aligned threat actors have routinely targeted the semiconductor industry for many years. This activity likely aligns with China’s internal strategic economic priorities, which have increasingly emphasized the importance of semiconductor technologies in successive national economic development initiatives, including the Five-Year Plans. A growing focus on ensuring strategic self-reliance for semiconductor technologies, accelerated by external pressures from export controls, has likely reinforced the priority of intelligence collection operations directed at this industry. This is reflected in China-aligned espionage activity tracked by the Proofpoint Threat Research team, where we are currently observing an elevated level of targeting of the industry by China-aligned groups compared to historical activity."
https://www.proofpoint.com/us/blog/threat-insight/phish-china-aligned-espionage-actors-ramp-up-taiwan-semiconductor-targeting
https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
https://www.darkreading.com/cyberattacks-data-breaches/4-chinese-apts-taiwan-semiconductor-industry
https://www.bankinfosecurity.com/china-backed-hackers-intensify-attacks-on-taiwan-chipmakers-a-29004 - LameHug Malware Uses AI LLM To Craft Windows Data-Theft Commands In Real-Time
"A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. LameHug was discovered by Ukraine’s national cyber incident response team (CERT-UA) and attributed the attacks to Russian state-backed threat group APT28 (a.k.a. Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, Forest Blizzard). The malware is written in Python and relies on the Hugging Face API to interact with the Qwen 2.5-Coder-32B-Instruct LLM, which can generate commands according to the given prompts."
https://www.bleepingcomputer.com/news/security/lamehug-malware-uses-ai-llm-to-craft-windows-data-theft-commands-in-real-time/ - Exploitation Of CitrixBleed 2 (CVE-2025-5777) Began Before PoC Was Public
"GreyNoise has observed active exploitation attempts against CVE-2025-5777 (CitrixBleed 2), a memory overread vulnerability in Citrix NetScaler. Exploitation began on June 23 — nearly two weeks before a public proof-of-concept (PoC) was released on July 4. We created a tag on July 7 to track this activity. Because GreyNoise retroactively associates pre-tag traffic with new tags, prior exploitation attempts are now visible in the GreyNoise Visualizer."
https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc
https://www.bleepingcomputer.com/news/security/citrix-bleed-2-exploited-weeks-before-pocs-as-citrix-denied-attacks/ - Google Sues To Disrupt BadBox 2.0 Botnet Infecting 10 Million Devices
"Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company's advertising platforms. The BadBox 2.0 malware botnet is a cybercrime operation that utilizes infected Android Open Source Project (AOSP) devices, including smart TVs, streaming boxes, and other connected devices that lack security protections, such as Google Play Protect. These devices become infected either by threat actors purchasing low-cost AOSP devices, modifying the operating system to include the BadBox 2 malware, and then reselling them online, or by tricking users into downloading and installing malicious apps on their devices that contain the malware."
https://www.bleepingcomputer.com/news/security/google-sues-to-disrupt-badbox-20-botnet-infecting-10-million-devices/
https://www.theregister.com/2025/07/17/google_sues_25_unnamed_chinese/ - MaaS Operation Using Emmenhtal And Amadey Linked To Threats Against Ukrainian Entities
"In early February 2025, Talos observed a cluster of invoice payment and billing-themed phishing emails that appeared to target Ukrainian entities. These emails included compressed archive attachments (e.g., ZIP, 7Zip or RAR) containing at least one JavaScript file that used several layers of obfuscation to disguise a PowerShell downloader. The execution of the JavaScript and PowerShell script resulted in the download and execution of SmokeLoader on the victim system. Talos assessed the JavaScript downloaders to be the Emmenthal loader, based on notable similarities between the obfuscation methods observed in the collected samples and those described by Orange Cyberdefense."
https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
https://thehackernews.com/2025/07/hackers-use-github-repositories-to-host.html
https://hackread.com/github-abused-amadey-lumma-redline-infostealers-ukraine/
https://www.infosecurity-magazine.com/news/maas-campaign-github-payloads/ - Scanception: A QRiosity-Driven Phishing Campaign
"CRIL has been closely tracking a widespread and ongoing quishing campaign, which we have dubbed “Scanception”. This campaign leverages QR code-based delivery mechanisms to distribute credential-harvesting URLs. The attack chain typically begins with a phishing email containing a PDF lure that urges recipients to scan an embedded QR code. This technique effectively bypasses traditional email security and endpoint protection controls by shifting the attack surface to unmanaged personal mobile devices that typically fall outside the organization’s security perimeter."
https://cyble.com/blog/scanception-a-qriosity-driven-phishing-campaign/ - AI Cloaking Tools Enable Harder-To-Detect Cyber-Attacks
"Cybercriminals have been observed adopting AI-powered cloaking tools to bypass traditional security measures and keep phishing and malware sites hidden from detection. According to new research from SlashNext, Platforms like Hoax Tech and JS Click Cloaker are offering “cloaking-as-a-service” (CaaS), allowing threat actors to disguise malicious content behind seemingly benign websites. Using advanced fingerprinting, machine learning and behavioral targeting, these tools selectively show scam pages only to real users while feeding safe content to automated scanners. “I think that this is a clear example of a technology and set of tools being used in a bad way,” said Andy Bennett, CISO at Apollo Information Systems."
https://www.infosecurity-magazine.com/news/ai-cloaking-tools-enable-complex/ - Protecting Customers From Octo Tempest Attacks Across Multiple Industries
"In recent weeks, Microsoft has observed Octo Tempest, also known as Scattered Spider, impacting the airlines sector, following previous activity impacting retail, food services, hospitality organizations, and insurance between April and July 2025. This aligns with Octo Tempest’s typical patterns of concentrating on one industry for several weeks or months before moving on to new targets. Microsoft Security products continue to update protection coverage as these shifts occur. To help protect and inform customers, this blog highlights the protection coverage across the Microsoft Defender and Microsoft Sentinel security ecosystem and provides security posture hardening recommendations to protect against threat actors like Octo Tempest."
https://www.microsoft.com/en-us/security/blog/2025/07/16/protecting-customers-from-octo-tempest-attacks-across-multiple-industries/
https://www.infosecurity-magazine.com/news/microsoft-exposes-scattered/ - Lookout Discovers Massistant Chinese Mobile Forensic Tooling
"Researchers at the Lookout Threat Lab have discovered a mobile forensics application named Massistant, used by law enforcement in China to collect extensive information from mobile devices. This application is believed to be the successor to a previously reported forensics tool named “MFSocket” used by state police and reported by various media outlets in 2019. These samples require physical access to the device to install, and were not distributed through the Google Play store. Forensics tools are used by law enforcement personnel to collect sensitive data from a device confiscated by customs officials, at local or provincial border checkpoints or when stopped by law enforcement officers."
https://www.lookout.com/threat-intelligence/article/massistant-chinese-mobile-forensics
https://www.securityweek.com/mobile-forensics-tool-used-by-chinese-law-enforcement-dissected/ - The Linuxsys Cryptominer
"VulnCheck observed exploitation of CVE-2021-41773 in the wild. This, in itself, is hardly noteworthy. The vulnerability was an inaugural member of both the CISA KEV and VulnCheck KEV. Our friends over at GreyNoise still see exploit attempts for this vulnerability a couple of dozen times each day. The noteworthy part is who was doing the exploiting. To understand that, let’s look at how the attacks were carried out."
https://www.vulncheck.com/blog/linuxsys-cryptominer
https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html - APT Profile – Fancy Bear
"Fancy Bear, also known as APT28, is a notorious Russian cyberespionage group with a long history of targeting governments, military entities, and other high-value organizations worldwide. Active since 2007, they are infamous for their stealthy and well-coordinated cyberattacks. Fancy Bear has been implicated in attempts to influence election processes in countries like the U.S., France, and Germany."
https://www.cyfirma.com/research/apt-profile-fancy-bear-2/
Breaches/Hacks/Leaks
- Hacker Steals $27 Million In BigONE Exchange Crypto Breach
"Cryptocurrency exchange BigONE disclosed that hackers stole various digital assets valued at $27 million in an attack yesterday. The platform announced that private keys and user data remain unaffected by the intrusion and any customers that incurred losses will be reimbursed from available reserves. “In the early hours of July 16, BigONE detected abnormal movements involving a portion of the platform’s assets,” reads the announcement. “Upon investigation, it was confirmed to be the result of a third-party attack targeting our hot wallet.”"
https://www.bleepingcomputer.com/news/security/hacker-steals-27-million-in-bigone-exchange-crypto-breach/
https://bigone.zendesk.com/hc/en-us/articles/48916067512345-BigONE-Security-Incident-Disclosure-and-Progress-Update-July-16 - Dermatology, Imaging Hacks Expose 3.3 Million Patients' PHI
"A Maryland-based dermatology practice and a Virginia-based medical imaging and radiology entity have each reported to federal regulators separate hacking incidents that affected the protected health information of more than 3.3 million patients. As of Thursday, each of the hacks - reported by Anne Arundel Dermatology and Radiology Associates of Richmond - ranked among the five largest health data breaches posted so far in 2025 on the U.S. of Department of Health and Human Services' HIPAA Breach Reporting Tool website listing health data breaches affecting 500 or more individuals."
https://www.bankinfosecurity.com/dermatology-imaging-hacks-expose-33-million-patients-phi-a-29001 - Over One Million Records Exposed In Data Breach Involving Adoption Agency
"Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet about an unencrypted and non-password-protected database that contained 1,115,061 records. The database was associated with a well-known adoption agency, holding the names of children, birth parents, adopted parents, employees, leads, and other internal potentially sensitive information."
https://www.websiteplanet.com/news/gladney-breach-report/
https://hackread.com/massive-data-leak-texas-adoption-agency-million-records/
https://www.malwarebytes.com/blog/news/2025/07/adoption-agency-leaks-over-a-million-records - Russian Vodka Producer Reports Disruptions After Ransomware Attack
"More than 2,000 WineLab liquor stores across Russia have remained shut for three days following a ransomware attack on their parent company, one of Russia’s largest alcohol producers. Signs on WineLab doors said the stores were closed due to “technical issues.” The attack crippled parts of the Novabev Group’s infrastructure, affecting WineLab’s point-of-sale systems and online services. The company confirmed that the attackers had demanded a ransom but said it refused to negotiate."
https://therecord.media/novabev-russia-vodka-maker-ransomware-attack - Thai Officials Restore Ministry Of Labor Website After Hack, Defacement
"The website for Thailand’s Ministry of Labor has been restored after hackers defaced the site and allegedly stole government data. Boonsong Tapchaiyut, permanent secretary of the Ministry of Labor, confirmed the incident on Thursday and ordered officials to conduct an investigation. Tapchaiyut claimed the hackers only defaced the website and did not penetrate servers that stored any data. Tapchaiyut said the ministry briefly shut down the site, deleted the words written by the hackers and returned it to its original state. Ministry officials have changed passwords and taken other measures to limit potential sources of access for the hackers."
https://therecord.media/thai-officials-restore-labor-website-after-hack - Stormous Ransomware Gang Targets North Country HealthCare, Claims 600K Patient Data Stolen
"The Stormous ransomware gang claims it has stolen personal and health data belonging to 600,000 patients from health provider North Country HealthCare. North Country HealthCare is a nonprofit, federally qualified health center (FQHC) based in northern Arizona. It provides primary healthcare services to people of all ages across 14 locations in 11 communities. Their services include family medicine, pediatrics, prenatal care, behavioral health, dental care, telemedicine, physical therapy, and more. They accept most insurance plans and offer income-based sliding fee discounts for uninsured patients."
https://securityaffairs.com/180057/data-breach/180057stormous-ransomware-gang-targets-north-country-healthcare-claims-600k-patient-data-stolen.html
General News
- June 2025 APT Group Trends
"The North Korean APT group utilized Github PAT to attack private repositories. The group is also engaging in activities to disguise themselves as remote IT workers to be employed by companies, through which they steal information and make profits. The U.S. government has also indicted North Korean IT personnel and their accomplices."
https://asec.ahnlab.com/en/89067/ - Machine Unlearning Gets a Practical Privacy Upgrade
"Machine learning models are everywhere now, from chatbots to credit scoring tools, and they carry traces of the data they were trained on. When someone asks to have their personal data erased under laws like the GDPR, their data also needs to be wiped from the machine learning models that learned from it. Retraining a model from scratch every time a deletion request comes in isn’t feasible in most production settings. Machine unlearning, which refers to strategies for removing the influence of specific training data from a model, has emerged to fill the gap. But until now, most approaches have either been slow and costly or fast but lacking formal guarantees."
https://www.helpnetsecurity.com/2025/07/17/machine-unlearning-privacy-upgrade/ - What Fortune 100s Are Getting Wrong About Cybersecurity Hiring
"Many companies say they can’t find enough cybersecurity professionals. But a new report suggests the real problem isn’t a lack of talent, but how those jobs are structured and advertised. Expel’s 2025 Enterprise Cybersecurity Talent Index looked at more than 5,000 cybersecurity-related job postings from Fortune 100 companies. The findings point to hiring practices that may be turning qualified candidates away, not drawing them in."
https://www.helpnetsecurity.com/2025/07/17/cybersecurity-hiring-trends-2025/ - US Data Breaches Head For Another Record Year After 11% Surge
"The number of publicly reported data compromises increased around 11% annually to reach 1732 for the first half of 2025, putting it on track to be a record-breaking year, according to the Identity Theft Resource Center (ITRC). The non-profit tracked publicly reported breaches from across the country to compile its 2025 H1 Data Breach Report. However, despite the headline rise in leaks and breaches from H1 2024, when the figure was 1567, the number of victims caught in these incidents was significantly lower."
https://www.infosecurity-magazine.com/news/us-data-breaches-record-year/
https://www.idtheftcenter.org/publication/itrc-h1-2025-data-breach-report/
https://www.bankinfosecurity.com/topsy-turvy-data-breach-reality-incidents-up-victims-down-a-28995 - Cambodia Makes 1,000 Arrests In Latest Crackdown On Cybercrime
"Cambodia on Wednesday said that an order by Prime Minister Hun Manet for government bodies to crackdown on criminal cybercrime operations being run in the country had resulted in the arrest of more than 1,000 suspects so far this week. Hun Manet issued the order authorizing state action for “maintaining and protecting security, public order, and social safety.” “The government has observed that online scams are currently causing threats and insecurity in the world and the region. In Cambodia, foreign criminal groups have also infiltrated to engage in online scams,” Hun Manet’s statement, dated Tuesday, said."
https://www.securityweek.com/cambodia-makes-1000-arrests-in-latest-crackdown-on-cybercrime/ - Global Cyber Attacks Surge 21% In Q2 2025 — Europe Experiences The Highest Increase Of All Regions
"Every quarter, Check Point Research publishes the threats of the past three months, gathering intelligence from our ThreatCloud AI platform, which analyzes millions of indicators of compromise (IoCs) daily. Powered by over 50 AI-driven engines and sourced from more than 150,000 networks and millions of endpoints, this data provides a real-time view into the threats organizations face globally. In Q2 2025, that view revealed an accelerating wave of cyber attacks targeting almost every sector and region around the world."
https://blog.checkpoint.com/research/global-cyber-attacks-surge-21-in-q2-2025-europe-experiences-the-highest-increase-of-all-regions/ - Printer Security Gaps: A Broad, Leafy Avenue To Compromise
"When it comes to managing cybersecurity profiles for office printers, just 36% of IT teams are patching their firmware promptly — leaving a glaring gap in defenses that attackers could exploit to devastating effect. That's according to HP Wolf Security, which found evidence of widespread failures across every stage of the printer life cycle in a global survey of 800+ IT and security decision-makers. "Failure to promptly apply firmware updates to printers unnecessarily exposes organizations to threats that could lead to damaging impacts, such as cybercriminals exfiltrating critical data or hijacking devices," according to the report, released today."
https://www.darkreading.com/endpoint-security/printer-security-gaps-compromise - AI Driving The Adoption Of Confidential Computing
"Artificial intelligence (AI) is leading the way for mass adoption of confidential computing. Top AI providers Google and Anthropic have recently put more weight behind the technology to protect AI models and confidential data from being exposed. But there are challenges ahead. AI companies are relying on hardware vendors for the base technology, and each chipmaker has its own implementation. AI models are in production after years of experimentation, and confidential computing is important in addressing data security and cybersecurity concerns, says Steven Dickens, principal analyst at HyperFrame Research."
https://www.darkreading.com/cyber-risk/ai-driving-adoption-confidential-computing - Chainalysis: $2.17 Billion In Crypto Stolen In First Half Of 2025, Driven By North Korean Hacks
"More than $2 billion in cryptocurrency was stolen by hackers in the first half of 2025, according to the blockchain security firm Chainalysis. Most of the total comes from the $1.5 billion stolen from Dubai-based crypto platform Bybit in February by hackers connected to North Korea. The $2.17 billion stolen so far this year already surpasses the losses seen in all of 2024, and is the highest number seen in the first six months of a year since the company began tracking the figures in 2022. Chainalysis estimates that up to $4 billion worth of cryptocurrency may be stolen by the end of the year."
https://therecord.media/chainalysis-crypto-stolen-billions
อ้างอิง
Electronic Transactions Development Agency(ETDA) - Panoramic Corporation Digital Imaging Software