YunoBlog

Blog

  • U.K. Lifts Sanctions on British Financier Tied to Russia’s Shadow Fleet

    The U.K. government this week lifted sanctions against a British financier who purchased ships that later became part of Russia’s so-called shadow fleet, following his public warning that others should avoid any business dealings that could support Moscow.

    John Michael Ormerod, 75, was added to the U.K. sanctions list in May 2025 after acquiring dozens of second-hand tankers that Lukoil, Russia’s second-largest oil producer, used to transport billions of dollars’ worth of oil. In a February statement, Ormerod said the designation — a rare case of a Western government sanctioning one of its own citizens — had a “devastating impact” on him and his family while reaffirming his opposition to Russia’s war in Ukraine.

    “I encourage others to learn from my experience and avoid any actions that may support the Russian energy sector or other sectors of strategic significance,” he said.

    The sanctions, which froze Ormerod’s U.K. bank accounts and other assets, were part of Britain’s broader effort to disrupt Russia’s military capabilities, global trade operations, and shadow fleet of “ghost ships” — vessels with hidden ownership that rely on fraudulent insurance, switch off tracking systems at sea, and conduct illicit ship-to-ship transfers to conceal the origin of their cargo.

    Investigations by the OCCRP and Follow the Money last year revealed that Western shipowners earned at least $6.3 billion selling aging tankers to shell companies, which eventually entered Russia’s shadow fleet.

    Ormerod’s role came to light in an October 2024 report by the Financial Times, which found he acquired at least 25 tankers between December 2022 and August 2023 for more than $700 million. Each ship was purchased through a separate special purpose company in the Marshall Islands, with funding advanced by Lukoil’s Dubai-based Eiger Shipping DMCC. Shipping data later showed the vessels transported over 120 million barrels of Russian oil after Ormerod’s acquisition.

    After the delisting on Monday, Ormerod welcomed the decision but cautioned that even experienced financiers could become unintentionally entangled in sanctions. “To be clear, I wholeheartedly condemn the Russian invasion of Ukraine,” he said. “I urge others to be watchful. It is easy to be caught up unwittingly in the sanctions regime as I was.”

  • Taiwan and Singapore Add to Growing Action Against Alleged Cambodian Crime Group

    The Taipei District Prosecutors Office announced Wednesday that it has indicted 62 individuals and 13 companies and seized more than $170 million in assets linked to Prince Group, heightening global action against the Cambodia-based conglomerate accused of running extensive online fraud operations.

    Included among the three principal defendants in the Taiwanese charges is Chen Zhi, the chairman of Prince Group who was extradited from Cambodia to Beijing earlier this year

    Chen Zhi’s legal representatives did not respond to a request for comment before publication. The Prince Group has said allegations made by U.S. and U.K. authorities are “baseless and appear aimed at justifying the unlawful seizure of assets worth billions of dollars.” 

    All three principal defendants in the Taiwan case were among dozens sanctioned by the U.S. Department of the Treasury in October 2025 for involvement in the Prince Group’s alleged online fraud and human trafficking. The Treasury Department characterized the Prince Group as a major “transnational criminal organization.”

    The trio are charged with presiding over an organized crime group, money laundering, falsifying documents and accounting, and profiting from illegal gambling.

    Also indicted is Hu Xiaowei, an individual previously identified by Taiwanese authorities as a “second in command” at Prince Group, and whom OCCRP has revealed goes by at least three additional names, one of which has also been sanctioned by the U.S. Treasury. 

    Taipei prosecutors indicted Hu Xiaowei for serious money laundering offences, participating in a criminal organization and involvement in organized gambling. He did not respond to a request for comment about the Taiwanese indictment before publication. His assistant previously declined to answer a question about Hu Xiaowei’s multiple identities.

    Multiple Taiwanese nationals allegedly involved in facilitating and enabling criminal activity on behalf of Prince Group were among the others indicted.

    Separately, the Singapore Police Force (SPF) announced Tuesday that it had arrested three Singaporean nationals previously identified in connection with Prince Group for their alleged involvement in serious crime and corruption offences.

    The SPF also announced an arrest warrant against a defendant in the Taiwan indictment for allegedly falsifying accounts, and noted that she had left Singapore and was residing in Cambodia.

    The SPF said it had seized three properties, eight cars, cash and multiple luxury items linked to the group with a combined value of over $270 million, bringing the total value of Prince Group assets seized or frozen to date to over $390 million.

    The police action came as authorities in different countries work to dismantle the operations of Prince Group. In addition to the U.S., the U.K. and South Korea have announced sanctions against alleged members of the organization.

    After extraditing Prince Group chairman Chen Zhi from Cambodia, China issued a February 15 deadline for suspects in the organization’s alleged crimes to surrender and confess to police in exchange for light or mitigated punishments.

  • Georgia Tightens Control Over Foreign Funding for NGOs and Media

    Georgia’s parliament has approved sweeping legislation that gives the government direct oversight of nearly all foreign funding for civil society groups, independent media, and politically active organizations, while criminalizing violations with sentences of up to six years in prison.

    The bill, backed by the ruling Georgian Dream party, passed with a large majority; fewer than a dozen lawmakers opposed it. It has now been sent to the President for signature, after which it will come into force.

    Under the new law, the government gains broad authority to define what constitutes a “grant.” Any foreign support deemed intended to “exert influence” over public policy—including routine journalism, advocacy, or research—could fall under the legislation’s reach, putting ordinary operations at immediate legal risk.

    The law also requires foreign organizations with Georgian branches to obtain government approval before accepting international funding. Entities that bypass the vetting process face fines and other penalties, though commercial transactions are exempt. Organizations with preexisting grants will have one month to apply for government approval, which the authorities must consider within the following month.

    Oversight of the law will fall to Georgia’s Audit Office, which recently absorbed the Anti-Corruption Bureau.

    The ruling party has defended the measure as a necessary step to close what it calls loopholes allowing foreign influence over domestic politics. “At this stage, financing unrest, violence, or revolutionary processes in Georgia from abroad has become significantly more difficult,” Georgian Dream lawmaker Irakli Kirtskhalia said in January. “However, in practice, we still see certain mechanisms and ways to bypass existing laws.”

    Critics say the legislation could stifle independent media and civil society, giving the government unprecedented power to monitor and control funding.

    “Today, Parliament adopted amendments that effectively banned not only the activities of organized civil society, but even the most basic forms of civic activism, as the broad and unpredictable norms in the law make any civic activity a potential offense,” said Levan Natroshvili, Executive Director of the International Society for Free Elections and Democracy, ISFED, in his Facebook post.

  • Tunisia Jails Ex Prime Minister and Billionaire in Major Corruption Ruling

    A Tunisian court has handed prison sentences to former Prime Minister Youssef Chahed, businessman Marouan Mabrouk—the son-in-law of former President Zine El Abidine Ben Ali—and several other former ministers on corruption charges.

    Chahed, who served as prime minister between 2016 and 2020, was sentenced Monday to six years in prison, along with former ministers including the foreign minister, finance minister, state property minister, human rights minister, and information and communications technology minister, the state-run TAP news agency reported Tuesday, citing a judicial source. The court also ordered each defendant to pay a fine of 800 million dinars (about $276 million).

    Mabrouk, considered Tunisia’s wealthiest businessman, was handed a 20-year prison sentence on charges of money laundering, embezzlement, and receiving unlawful benefits from Chahed’s government.The ruling stems from a case concerning the lifting of the freeze on Mabrouk’s funds by the Ministerial Council in January 2018. He is the son-in-law of the late Ben Ali, the dictator who ruled Tunisia for 23 years before being forced to flee during the 2011 revolution that toppled his regime and sparked the Arab Spring.

    Former Minister of State Property and Real Estate Affairs Mabrouk Korchid, who was sentenced to six years in prison, denounced the ruling as “bizarre” and “unjust.” He pointed to the acquittal of four other defendants while seven were convicted in the same proceedings.

    “Why didn’t the other ministers [receive the same ruling]? There is no logic behind it,” Korchid said in a video posted to social media. In a separate post, he congratulated those acquitted in what he described as a “major injustice,” saying that the case is politically motivated. Korchid held ministerial post from September 2017 to November 2018.

    In 2022, Tunisian President Kais Saied established a “criminal reconciliation” commission, adopting a penal settlement for businessmen involved in corruption cases predating the 2011 revolution, in exchange for the recovery of funds. In 2021, Saied estimated the money looted from the country at roughly 13.5 billion dinars (at least $4.6 billion).

    However, a year later, Saied dismissed the head of the commission, saying nothing notable had been achieved. To date, the commission has failed to collect any substantial sums.

  • Latest Science on Origins of SARS-CoV-2

    Six years after the COVID-19 pandemic, which had claimed over 7 million lives worldwide by April 2024 (figures are no longer being tracked), we are still debating the origins of this novel virus. The intelligence community is divided between the zoonotic hypothesis (the virus evolved in animal reservoirs and then crossed over to humans) and the lab leak hypothesis. Essentially the consensus […]

    The post Latest Science on Origins of SARS-CoV-2 first appeared on Science-Based Medicine.

  • Satellite Imagery Reveals Strikes on Iranian Police Stations

    Satellite Imagery Reveals Strikes on Iranian Police Stations

    US President Donald Trump said on January 2 that the US was “locked and loaded and ready to go”. Trump was talking aloud about intervening in Iran if it continued a violent crackdown on demonstrators who had taken to the streets over spiralling inflation and ongoing repression

    Thousands of Iranian’s were reported to have been killed by state security forces in just under a month. According to Amnesty International, the Islamic Revolutionary Guard Corps (IRGC), the Basij plainclothes militia, police forces and other plain-clothed agents carried out the deadliest violence against protesters in decades.

    On Saturday, February 28, the United States and Israel launched a large-scale attack against Iran, killing Supreme Leader Ayatollah Ali Khamenei and targeting military infrastructure throughout the country. President Trump initially told Iranians they should seize control of the government but on Tuesday this week said: “If you’re going to go out and protest, don’t do it yet. It’s very dangerous out there. A lot of bombs are being dropped.” Almost 800 Iranians have been killed in US and Israeli strikes so far, according to the Iranian Red Crescent. 

    While the US has released a list of military targets, including IRGC headquarters and missile systems, Bellingcat has reviewed strikes against another type of target inside the Islamic Republic — police stations.

    Experts told the New York Times that strikes against these facilities may be part of an effort to motivate Iranians to challenge the regime, although satellite analysis alone doesn’t allow us to tell if it is the US, Israel or both nations who have targeted police stations.

    Mapping Targeted Police Stations

    Using medium-resolution PlanetScope satellite imagery from Planet Labs, Bellingcat has been able to locate at least 15 police stations or similar buildings that were struck between March 1 and March 3. Videos and photos shared on social media also show the aftermath of some of these strikes.

    Comparing the March 1 PlanetScope satellite imagery with imagery taken on March 3, it’s possible to make out visible signs of building destruction throughout Tehran. Some of these sites have already been widely-reported on, including the strike on Supreme Leader Ali Khamenei’s compound and official residence.

    But Bellingcat reviewed damage to a number of smaller buildings throughout Tehran and cross-referenced the locations with data on Google Maps, Open Street Maps and Wikimapia where we found that several were listed as police stations. The majority of sites we identified are in dense urban areas. 

    Video shared by Iranian state broadcaster Tasnim News showed the aftermath of a strike on what it describes as a “diplomatic police station” near Ferdowsi Square — one of downtown Tehran’s main intersections. Another video taken at the same location shows at least two people on the ground with a large amount of damage to nearby buildings. Geolocation of the videos puts them at 35.7032, 51.4189, adjacent to a school and office buildings. 

    An annotated image from Google Earth showing where a police station was destroyed in an airstrike. Video from Iran’s Tasnim News shows buildings that match those in the satellite imagery.

    Another video, geolocated by a volunteer with Geoconfirmed — a volunteer geolocation collective — shows a heavily damaged police station near Tehran’s Grand Bazaar. PlanetScope imagery from March 3 shows heavy damage to the area around the police station.

    Photos and video from the Golestan Palace, a UNESCO World Heritage Site that sits adjacent to the police office, shows that it also sustained damage.

    Iran’s Police and Law Enforcement

    Iran’s security apparatus includes a network of police, plain clothes officers, civilian militia battalions known as Basij and the Islamic Revolutionary Guard Corps. During recent protests security forces were seen shooting protestors on the streets, and many of those killed showed signs of being shot in the head.

    Iran has experienced several waves of anti-regime protests over the past 15 years, all of which have been put down by the authorities who have not shied away from using extreme violence to contain them.

    Although the Financial Times reported speaking to a Tehran resident that said one of the police stations we identified, in the Gisha neighborhood, had hosted a branch of Iran’s morality police, it is thus far unclear from the satellite data whether any of the police stations had any particular role during the recent protests.

    Trevor Ball, Logan Williams and Felix Matteo Lommerse contributed reporting to this piece.

    Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.

    The post Satellite Imagery Reveals Strikes on Iranian Police Stations appeared first on bellingcat.

  • World News in Brief: Afghan-Pakistan border clashes latest, murder of Iraqi women’s rights activist condemned, Chile leprosy milestone

    Clashes along the Afghanistan-Pakistan border have continued for a seventh straight day, with humanitarian access to affected areas still restricted, the UN said on Wednesday.
  • YggTorrent Shuts Down After Hack, Leak and Stolen Crypto

    YggTorrent Shuts Down After Hack, Leak and Stolen Crypto

    In recent years, YggTorrent was France’s largest and most active torrent community, serving millions of users.

    The torrent site was not a typical torrent indexer. The community is powered by a dedicated tracker, something that’s quite rare these days.

    This thriving community was severely tested last December when its operators introduced a paid ‘Turbo Mode’. This triggered a revolt, with users and uploaders actively looking for alternative French torrent trackers.

    Just as the storm appeared to have calmed, YggTorrent’s operation was shaken up by a final blow this week, after unknown people breached the site, stole data and funds, and exposed the entire operation.

    YggTorrent Shuts Down Following Hack

    Today, YggTorrent decided to close its doors for good. This decision comes after the torrent site was severely compromised through an elaborate hack.

    According to a statement published by the site’s operators, a secondary pre-production staging server was the entry point. From there, the attackers used a privilege escalation exploit to delete and then exfiltrate the site’s database.

    YggTorrent’s message (translated)

    closedygg

    In addition to large amounts of site data, the hackers also stole cryptocurrency wallets. YggTorrent’s operators note that these wallets were used exclusively to fund server costs.

    The hack bears signs of a targeted attack. YggTorrent notes that there was no warning or attempt at a dialogue before all its data was exposed.

    According to YggTorrent, all stored user passwords were hashed and salted. However, the leak suggests that millions of legacy accounts were still stored in MD5 without salts, offering significantly weaker protection.

    YggLeak

    The hacker has shared a detailed summary of their achievements and findings on a dedicated leak site.

    From the leak site (translated)

    ygg leak

    This website explains that the hackers entered YggTorrent’s infrastructure through a series of critical configuration errors by the administrator, starting at the search engine service (SphinxQL) that was left exposed on the staging server without a password.

    The YggLeak site portrays YGGtorrent as a high-revenue “cash machine” rather than a simple sharing community. It claims that the site made millions of euros in revenues in 2025 alone. This revenue was reportedly converted to cryptocurrency.

    According to the leak, this conversion was not straightforward. The site allegedly used a plugin called CardsShield to route payments through dozens of fake e-commerce storefronts to disguise the true nature of transactions from PayPal and Stripe. The proceeds then went through a circuit involving USDT, Monero and Ethereum, with funds passed through Tornado Cash to reach anonymous wallets.

    The data, via Kulturegeek

    leakeddata

    While TorrentFreak can’t immediately verify any of these claims, the author of the YggLeak website suggests that the 11+ GB in data archives may be useful for law enforcement

    “[N]ow that this data is public, professionals will be able to examine it, gather additional evidence, and perhaps even take legal action against those responsible for the site, as well as against hosting providers or other identified third parties,” the YggLeak author writes.

    Fin.

    For YggTorrent, this is the end of the road. The site’s operators note that there is a backup of all data, so it would be possible to put the site back online. However, facing a rather hostile environment, the team has chosen to shut down permanently.

    “A platform can shut down. A community, however, leaves a lasting legacy. Thank you for these nine years. Thank you for your trust. Thank you for all these shared moments,” YggTorrent says in a closing note.

    From: TF, for the latest news on copyright battles, piracy and more.

  • Pregnant women shed grey matter to help with motherhood, study seen by BBC suggests

    It is time to move beyond the “baby brain” cliche, say scientists who scanned dozens of women’s brains.

  • EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant

    EFF, along with the national ACLU and the ACLU affiliates in Pennsylvania, Delaware, and New Jersey, filed an amicus brief in the U.S. Court of Appeals for the Third Circuit urging the court to require a warrant for border searches of electronic devices, an argument EFF has been making in the courts and Congress for nearly a decade.

    The case, U.S. v. Roggio, involves a man who had been under ongoing criminal investigation for illegal exports when he returned to the United States from an international trip via JFK airport. Border officers used the opportunity to bypass the Fourth Amendment’s warrant requirement when they seized several of his electronic devices (laptop, tablet, cell phone, and flash drive) and conducted forensic searches of them. As the district court explained, “investigative agents had a case coordination meeting and border search authority was discussed in early January 2017,” before Mr. Roggio traveled internationally in February 2017.

    The district court denied Mr. Roggio’s motion to suppress the emails and other data obtained from the warrantless searches of his devices. He was subsequently convicted of illegally exporting gun manufacturing parts to Iraq (he was also charged in a superseding indictment with torture and also convicted of that).

    The number of warrantless device searches at the border and the significant invasion of privacy they represent is only increasing. In Fiscal Year 2025, U.S. Customs and Border Protection (CBP) conducted 55,318 device searches, both manual (“basic”) and forensic (“advanced”).

    While a manual search involves a border officer tapping or mousing around a device, a forensic search involves connecting another device to the traveler’s device and using software to extract and analyze the data to create a detailed report the device owner’s activities and communications. Border officers have access to forensic tools that help gain access to data on a locked or encrypted device they have physical access to. From public reporting, we know that more recent devices (and ones that have had the latest security updates applied) are more resistant to these type of tools, especially if they are turned off or turned on but not yet unlocked.

    The U.S. Supreme Court has recognized for a century a border search exception to the Fourth Amendment’s warrant requirement, allowing not only warrantless but also often suspicionless “routine” searches of luggage, vehicles, and other items crossing the border.

    The primary justification for the border search exception has been to find—in the items being searched—goods smuggled to avoid paying duties (i.e., taxes) and contraband such as drugs, weapons, and other prohibited items, thereby blocking their entry into the country. But a traveler’s privacy interests in their suitcase and its contents are minimal compared to those in all the personal data on the person’s phone or laptop.

    In our amicus brief, we argue that the U.S. Supreme Court’s balancing test in Riley v. California (2014) should govern the analysis here. In that case, the Court weighed the government’s interests in warrantless and suspicionless access to cell phone data following an arrest against an arrestee’s privacy interests in the depth and breadth of personal information stored on a cell phone. The Court concluded that the search-incident-to-arrest warrant exception does not apply, and that police need to get a warrant to search an arrestee’s phone.

    Travelers’ privacy interests in their cell phones, laptops and other electronic devices are, of course, the same as those considered in Riley. Modern devices, over a decade later, contain even more data that together reveal the most personal aspects of our lives, including political affiliations, religious beliefs and practices, sexual and romantic affinities, financial status, health conditions, and family and professional associations.

    In considering the government’s interests in warrantless access to digital data at the border, Riley requires analyzing how closely such searches hew to the original purpose of the warrant exception—preventing the entry of prohibited goods themselves via the items being searched. We argue that the government’s interests are weak in seeking unfettered access to travelers’ electronic devices.

    First, physical contraband (like drugs) can’t be found in digital data.

    Second, digital contraband (such as child sexual abuse material) can’t be prevented from entering the country through a warrantless search of a device at the border because it’s likely, given the nature of cloud technology and how internet-connected devices work, that identical copies of the files are already in the country on servers accessible via the internet.

    Finally, searching devices for evidence of contraband smuggling (for example, the emails here revealing details of the illegal import scheme) and other evidence for general law enforcement (i.e., investigating non-border-related domestic crimes) are too “untethered” from the original purpose of the border search exception, which is to find prohibited items themselves and not evidence to support a criminal prosecution. Therefore, emails or other data found on a digital device searched without a warrant at the border cannot and should not be used as evidence in court.

    If the Third Circuit is not inclined to require a warrant for electronic device searches at the border, we also argue that such a search—whether manual or forensic—should be justified only by reasonable suspicion that the device contains digital contraband and be limited in scope to looking for digital contraband.

    This extends the Ninth Circuit’s rule from U.S. v. Cano (2019) in which the court held that only forensic device searches at the border require reasonable suspicion that the device contains digital contraband—that is, some set of already known facts pointing to this possibility—while manual searches may be conducted without suspicion. But the Cano court also held that all searches must be limited in scope to looking for digital contraband (for example, call logs are off limits because they can’t contain digital contraband in the form of photos or files).

    We hope that the Third Circuit will rise to the occasion and be the first circuit to fully protect travelers’ Fourth Amendment rights at the border.