Group 1 - The report by Threat Hunter analyzes the trends of the internet black and gray industry in the first half of 2025, focusing on attack resources, technologies, and scenarios to provide reference for enterprise risk control [1][10] - Daily active risk IPs reached 13.82 million, a 15.02% increase compared to the previous period, with over 50% of attacks coming from "hijacked shared proxy" IPs [9][62] - The emergence of new "link code" methods for money laundering and a 28.6% increase in laundering bank cards were noted, with gambling-related cards accounting for 70.25% of the total [1][9] Group 2 - AI technology is being heavily misused, enabling minute-level face-swapping and 10-second voice cloning for fraud and authentication bypass [1][9] - Marketing fraud intelligence increased to 580 million entries, a 26% rise, with high risks in e-commerce and local life sectors [2][9] - Financial fraud incidents included 770,000 malicious loan-related entries, a 12% increase, while car loan fraud decreased by 10% and housing loan fraud surged by 63% [2][9] Group 3 - The report highlights the adaptability of the black industry, indicating that after being targeted, it quickly shifts to existing or emerging alternative channels [8][10] - API attacks exceeded 1.49 million times, with consumer finance being the primary target, utilizing methods such as account scanning and database collisions [2][9] - Data breaches reached 57,000 incidents, with e-commerce and finance being the focal points, and loan application information leaks increasing fourfold [2][9]