大家好，我是小程程。 本文是「这很刑啊」系列。其实这个案子的前情， 在 25 年 3 月初我们公号发过（戳这里） ，当时外媒预估 Davis Lu（以下称他卢哥）可能要蹲 10 年大牢。 8 月 21 日，美国司法部官网公开了最终判决结果， 4 年牢饭 + 3 年监外监管 。 埋雷报复，取名鬼才 55 岁的卢哥现居休斯顿，今年 3 月因"故意损坏受保护计算机"罪名成立。 卢哥曾在伊顿公司（Eaton Corp.）工作约 11 年。2018 年公司"架构调整"期间，他的工作职责突然被缩减。 由于预料到自己即将被解雇，于是开始植入多种恶意代码。 卢哥给部分恶意代码命名，分别采用日语中表示"破坏"的"Hakai"和中文中表示"混沌"的"HunShui"。 恶意代码会制造"无限循环"，删除同事的个人资料文件、阻止合法登录，并导致系统崩溃。 公司顺藤摸瓜，还找到了一台服务器（只有卢哥有权访问 ），所有其他恶意代码也都在这台服务器上被找 到。 此外，在卢哥被要求上交公司笔记本电脑的当天，他还删除了加密数据。他的互联网搜索历史显示，他曾研究 过如何提升权限、隐藏进程和快速删除文件之类的。 美国司法部刑事部门代理助理总检察长 ...

（原标题：美国财政部对俄、吉多家实体和个人实施制裁） Grinex交易所被认定为Garantex员工为规避制裁创建的新平台，利用俄罗斯卢布锚定稳定币A7A5转 移客户资产并延续核心业务。注册在吉的实体Old Vector被指定为A7A5稳定币名义发行方，俄企A7、 A71、A7 Agent及摩尔多瓦商人伊兰·肖尔（Ilan Shor）关联的PSB银行实际参与项目运作。InDeFi银行 与Exved交易所被指控协助俄罗斯通过加密货币规避制裁进行跨境结算。所有受制裁方在美资产立即冻 结，严禁美国公民和实体与其交易，违者将面临民事或刑事追责。 此外，Garantex交易所联合创始人谢尔盖·门捷列夫等核心成员被美方悬赏通缉。 Garantex交易所被控自2019年起为勒索软件运营商等犯罪团伙提供服务，处理非法交易超1亿美 元，2022年被吊销爱沙尼亚牌照后，转以莫斯科、圣彼得堡为基地运营，2025年3月6日遭美国、德国、 芬兰三国联合执法，服务器被查封，域名被没收，超2600万美元加密资产被冻结。 据吉尔吉斯斯坦经济学人网8月15日报道，美国财政部海外资产控制办公室（OFAC）宣布对加密 货币交易所Garantex ...

Core Viewpoint - The article emphasizes the role of technology investigation officers in enhancing the efficiency and quality of legal proceedings in Shanghai's Jing'an District, showcasing a model for modernizing judicial practices and improving the business environment [1][2][3]. Group 1: Technological Integration in Legal Proceedings - Jing'an District has established inspection service stations in key commercial areas to create a first-class business environment and support new productivity [2]. - The introduction of technology investigation officers aims to address the increasing technical complexity of cases, particularly in areas like cybercrime and intellectual property [3][4]. - The first batch of 60 technology investigation officers was appointed to assist in resolving specialized technical issues within the judicial process [3]. Group 2: Case Studies and Practical Applications - A notable case involved the prosecution of an individual for unauthorized video distribution, where technology investigation officers helped identify over 4,000 instances of copyright infringement [3]. - In another case, technology investigation officers assisted in analyzing a self-developed program used for illegal account registration in online gaming, leading to a conviction [5]. - The involvement of technology investigation officers has significantly improved the confidence of prosecutors in handling complex cases involving computer programs and electronic evidence [5]. Group 3: Public Interest Litigation and Environmental Issues - The article discusses how technology investigation officers have been utilized in public interest litigation, particularly in addressing light pollution issues in residential areas [6][7]. - They employed scientific equipment to gather data on light pollution, which helped in establishing core evidence and facilitating multi-department collaboration for urban governance [7]. - The Jing'an District Prosecutor's Office has engaged technology investigation officers in various public interest cases, leading to over 200 instances of technical opinion issuance [7]. Group 4: Urban Governance and Safety - The article highlights the importance of integrating legal and technical expertise to enhance urban governance, particularly in traffic safety [8][9]. - Technology investigation officers have been involved in assessing traffic signal timing and road safety, leading to adjustments in traffic management across multiple intersections [8]. - The collaboration between prosecutors and technology investigation officers aims to create a more effective governance model that addresses urban challenges [9].

Core Insights - ASEAN urgently needs to enhance cooperation and take effective actions to address the increasing cybercrime, which includes financial fraud and ransomware attacks [1] Group 1 - The Malaysian Minister of Home Affairs, Saifuddin, emphasized the necessity for ASEAN to strengthen collaboration against cybercrime [1] - New technological measures, including the responsible use of artificial intelligence, are required to improve the identification, prevention, and enforcement capabilities against criminal activities [1]

5月21日，微软发布官方博文表示，微软数字犯罪部门已于5月13日对Lumma Stealer（以下简称"lumma"）提起诉讼。 该博客称，微软的DCU（数字犯罪调查组）根据一项法院命令查封并协助关闭、暂停和屏蔽了约2300个构成Lumma基础设施网络的恶意域名。与此同时， 美国司法部（DOJ）查封了Lumma的中央指挥结构，并捣毁了向其他网络犯罪分子兜售工具的地下交易市场。欧洲刑警组织的欧洲网络犯罪中心（EC3）和 日本网络犯罪控制中心（JC3）协助暂停了位于当地的Lumma基础设施运行。 自2022年以来，Lumma就通过地下论坛进行营销和销售，多年来，其开发者不断推出新版本以持续增强功能。 据博客，Lumma易于传播、难以检测，且可被编程绕过某些安全防御措施，因此成为网络犯罪分子和在线威胁行为体的首选工具，会伪装成微软等受信任 的品牌，通过鱼叉式钓鱼邮件、恶意广告等多种渠道进行传播。例如，在2025年3月，微软威胁情报团队发现了一场冒充在线旅游平台Booking.com的网络钓 鱼活动。该活动利用包括Lumma在内的多种凭证窃取恶意软件实施金融欺诈和盗窃。 此外，Lumma还被用于针对游戏社区和教育系统 ...

Core Viewpoint - SBI Securities has halted all new buy orders for Chinese stocks due to increased risks from cybercriminal groups engaging in illegal stock trading [1] Group 1: Company Actions - SBI Securities operates approximately 1,300 Chinese stocks and has stopped accepting new buy orders while still allowing sell orders for stocks already held [1] - Since January, SBI Securities has already ceased new buy orders for certain low liquidity stocks that are prone to price manipulation, and this action has now been expanded [1] Group 2: Cybercrime Concerns - Cybercriminal groups are suspected of illegally acquiring securities accounts to buy large quantities of stocks, artificially inflating prices before selling for profit [1] - These groups may be using phishing websites or malicious software to steal personal information from individuals [1]