The iconic "You Wouldn't Steal a Car" anti-piracy campaign, which dramatically equated digital piracy with physical theft, appears to have used a pirated font in its own materials. New evidence indicates the campaign utilized "XBAND Rough," a free clone of the commercial "FF Confidential" font, which requires a license.

TorrentFreak independently confirmed campaign materials from 2005 embedded the XBAND Rough font rather than the original created by Just Van Rossum in 1992. Researchers discovered the font in PDF files hosted on the campaign's official website. Van Rossum, FF Confidential's creator, called the revelation "hilarious" when informed by TorrentFreak. "I knew my font was used for the campaign and that a pirated clone named XBand-Rough existed. I did not know that the campaign used XBand-Rough," he said.

An anonymous reader quotes a report from Ars Technica: Russian military personnel are being targeted with recently discovered Android malware that steals their contacts and tracks their location. The malware is hidden inside a modified app for Alpine Quest mapping software, which is used by, among others, hunters, athletes, and Russian personnel stationed in the war zone in Ukraine. The app displays various topographical maps for use online and offline. The trojanized Alpine Quest app is being pushed on a dedicated Telegram channel and in unofficial Android app repositories. The chief selling point of the trojanized app is that it provides a free version of Alpine Quest Pro, which is usually available only to paying users.

The malicious module is named Android.Spy.1292.origin. In a blog post, researchers at Russia-based security firm Dr.Web wrote: "Because Android.Spy.1292.origin is embedded into a copy of the genuine app, it looks and operates as the original, which allows it to stay undetected and execute malicious tasks for longer periods of time. Each time it is launched, the trojan collects and sends the following data to the C&C server:

- the user's mobile phone number and their accounts;
- contacts from the phonebook;
- the current date;
- the current geolocation;
- information about the files stored on the device;
- the app's version."

If there are files of interest to the threat actors, they can update the app with a module that steals them. The threat actors behind Android.Spy.1292.origin are particularly interested in confidential documents sent over Telegram and WhatsApp. They also show interest in the file locLog, the location log created by Alpine Quest. The modular design of the app makes it possible for it to receive additional updates that expand its capabilities even further.

An anonymous reader quotes a report from Business Insider: There is some microplastics in normal, healthy arteries," Dr. Ross Clark, a University of New Mexico medical researcher who led the study, told Business Insider before he presented his findings at the meeting of the American Heart Association in Baltimore on Tuesday. "But the amount that's there when they become diseased -- and become diseased with symptoms -- is really, really different," Clark said. Clark and his team measured microplastics and nanoplastics in the dangerous, fatty plaque that can build up in arteries, block blood flow, and cause strokes or heart attacks. Compared to the walls of healthy plaque-free arteries, plaque buildup had 16 times more plastic -- just in the people who didn't have symptoms. In people who had experienced stroke, mini-stroke, or vision loss, the plaque had 51 times more plastic. [...]

To investigate why, Clark studied samples from 48 people's carotid arteries -- the pair of superhighways in your neck that channel blood to your brain. The difference in plastic quantities surprised him, but his team found another concerning trend, too. Cells in the plaque with lots of plastic showed different gene activity than those with low plastic. In the high-plastic environment, one group of immune cells had switched off a gene that's associated with turning off inflammation. Clark's team also found genetic differences in a group of stem cells thought to help prevent heart attacks and strokes by reducing inflammation and stabilizing plaque. "Could it be that microplastics are somehow altering their gene expression?" Clark said. He added that there's "lots more research needed to fully establish that, but at least it gives us a hint as to where to look."

Ross, who specializes in the genetic mechanisms behind disease, agreed that more research is needed, but added that she thinks "these plastics are doing something with these plaques." Tracking microplastics in the human body is a new scientific endeavor as of the last couple years. It's not perfect. Clark's team heated the plaque samples to more than 1,000 degrees Fahrenheit to vaporize plastic polymers and break them down into smaller organic molecules, which can be identified and measured by their mass and other properties. Unfortunately, the lipids in plaque can break down into chemicals that look very similar to polyethylene, the most common plastic found in everything from plastic bags to car parts. "Because we know about this problem, we've taken a lot of steps to remove those lipids and confirm their removal, so that we're sure we're measuring polyethylene," Clark said. Still, he added, "it's a big limitation, and it should be acknowledged that these types of methodologies are continuously improving." "Almost all of what we know about microplastics in the human body, no matter where you look, can be summed up as: It's there, and we need to study further as to what it's doing, if anything," Clark said.

An anonymous reader quotes a report from Ars Technica: Wizards of the Coast has released the System Reference Document, the heart of the three core rule books that constitute Dungeons & Dragons' 2024 gameplay, under a Creative Commons license. This means the company cannot alter the deal further, like it almost did in early 2023, leading to considerable pushback and, eventually, a retreat. It was a long quest, but the lawful good party has earned some long-term rewards, including a new, similarly licensed reference book. [...] Version 5.2 of the SRD, all 360-plus pages of it, has now been released under the same Creative Commons license. The major change is that it includes more 2024 5th edition (i.e., D&D One) rules and content, while version 5.1 focused on 2014 rules. Legally, you can now design and publish campaigns under the 2024 5th edition rule set. More importantly, more aspects of the newest D&D rule books are available under a free license:

- "Rhythm of Play" and "Exploration" documentation
- More character origins and backgrounds, including criminal, sage, soldier, and the goliath and orc species.
- 16 feats, including archery, great weapon fighting, and seven boons
- Five bits of equipment, 20 spells, 15 magic items, and 17 monsters, including the hippopotamus

There are some aspects of D&D you still can't really touch without bumping up against copyrights. Certain monsters from the Monster Manual, like the Kraken, are in the public domain, but their specific stats in the D&D rulebook are copyrighted. Iconic creatures and species like the Beholder, Displacer Beast, Illithid, Githyanki, Yuan-Ti, and others remain the property of WotC (and thereby Hasbro). As a creator, you'll still need to do some History (or is it Arcana?) checks before you publish and sell.

An anonymous reader shares a report: For two years, ChatGPT has been OpenAI's cash cow. But by the end of the decade, the company has told some potential and current investors it expects combined sales from agents and other new products to exceed its popular chatbot, lifting total sales to $125 billion in 2029 and $174 billion the next year, according to documents seen by The Information.

The projections, which would propel the 10-year-old startup's sales toward the level of Nvidia or Meta Platforms today, reflect rapid revenue gains from agents, or AI software that can take actions on behalf of customers, as well as other new products. These include those tied to "free user monetization," likely meaning money made from OpenAI's nonpaying users.

Apple was fined 500 million euros ($570 million) on Wednesday and Meta 200 million euros, as European Union antitrust regulators handed out the first sanctions under landmark legislation aimed at curbing the power of Big Tech. From a report: The EU fines could stoke tensions with U.S. President Donald Trump who has threatened to levy tariffs against countries that penalise U.S. companies. WSJ adds more details: The commission also issued cease-and-desist orders that could have a bigger impact than the fines. One order targets Apple's App Store and the other takes aim at Meta's use of personalized ads -- important revenue streams for each company.

[...] The EU's action against Meta focuses on the company's effort to get users to agree to seeing personalized ads on Instagram and Facebook -- its main source of revenue. The commission ordered Meta to stop requiring users to either agree to those ads or pay for a subscription. It said it was still evaluating whether a "less-personalized ads" option that Meta introduced last fall complies with that order, raising the specter of further changes.

The Apple case deals with the company's App Store rules. The commission said Apple had failed to comply with an obligation to allow app developers to inform customers, free of charge, of alternative ways to purchase digital products.

An anonymous reader quotes a report from MIT Technology Review: A lawsuit to hold Yahoo responsible for "willfully turning a blind eye" to the mismanagement of a human rights fund for Chinese dissidents was settled for $5.425 million last week, after an eight-year court battle. At least $3 million will go toward a new fund; settlement documents say it will "provide humanitarian assistance to persons in or from the [People's Republic of China] who have been imprisoned in the PRC for exercising their freedom of speech." This ends a long fight for accountability stemming from decisions by Yahoo, starting in the early 2000s, to turn over information on Chinese internet users to state security, leading to their imprisonment and torture. After the actions were exposed and the company was publicly chastised, Yahoo created the Yahoo Human Rights Fund (YHRF), endowed with $17.3 million, to support individuals imprisoned for exercising free speech rights online.

The Yahoo Human Rights Fund was intended to support imprisoned Chinese dissidents. Instead, a lawsuit alleges that only a small fraction of the money went to help former prisoners. But in the years that followed, its chosen nonprofit partner, the Laogai Research Foundation, badly mismanaged the fund, spending less than $650,000 -- or 4% -- on direct support for the dissidents. Most of the money was, instead, spent by the late Harry Wu, the politically connected former Chinese dissident who led Laogai, on his own projects and interests. A group of dissidents sued in 2017, naming not just Laogai and its leadership but also Yahoo and senior members from its leadership team during the time in question; at least one person from Yahoo always sat on YHRF's board and had oversight of its budget and activities.

The defendants -- which, in addition to Yahoo and Laogai, included the Impresa Legal Group, the law firm that worked with Laogai -- agreed to pay the six formerly imprisoned Chinese dissidents who filed the suit, with five of them slated to receive $50,000 each and the lead plaintiff receiving $55,000. The remainder, after legal fees and other expense reimbursements, will go toward a new fund to continue YHRF's original mission of supporting individuals in China imprisoned for their speech. The fund will be managed by a small nonprofit organization, Humanitarian China, founded in 2004 by three participants in the 1989 Chinese democracy movement. Humanitarian China has given away $2 million in cash assistance to Chinese dissidents and their families, funded primarily by individual donors.

An anonymous reader quotes a report from MIT Technology Review: Arete Glacier Initiative has raised $5 million to improve forecasts of sea-level rise and explore the possibility of refreezing glaciers in place. Off one atoll, just south of the Maldives' capital, Male, researchers are testing one way to capture sand in strategic locations -- to grow islands, rebuild beaches, and protect coastal communities from sea-level rise. Swim 10 minutes out into the En'boodhoofinolhu Lagoon and you'll find the Ramp Ring, an unusual structure made up of six tough-skinned geotextile bladders. These submerged bags, part of a recent effort called the Growing Islands project, form a pair of parentheses separated by 90meters (around 300 feet). The bags, each about two meters tall, were deployed in December 2024, and by February, underwater images showed that sand had climbed about a meter and a half up the surface of each one, demonstrating how passive structures can quickly replenish beaches and, in time, build a solid foundation for new land. "There's just a ton of sand in there. It's really looking good," says Skylar Tibbits, an architect and founder of the MIT Self-Assembly Lab, which is developing the project in partnership with the Male-based climate tech company Invena.

The Self-Assembly Lab designs material technologies that can be programmed to transform or "self-assemble" in the air or underwater, exploiting natural forces like gravity, wind, waves, and sunlight. Its creations include sheets of wood fiber that form into three-dimensional structures when splashed with water, which the researchers hope could be used for tool-free flat-pack furniture.Growing Islands is their largest-scale undertaking yet. Since 2017, the project has deployed 10 experiments in the Maldives, testing different materials, locations, and strategies, including inflatable structures and mesh nets. The Ramp Ring is many times larger than previous deployments and aims to overcome their biggest limitation.

In the Maldives, the direction of the currents changes with the seasons. Past experiments have been able to capture only one seasonal flow, meaning they lie dormant for months of the year. By contrast, the Ramp Ring is "omnidirectional," capturing sand year-round. "It's basically a big ring, a big loop, and no matter which monsoon season and which wave direction, it accumulates sand in the same area," Tibbits says. The approach points to a more sustainable way to protect the archipelago, whose growing population is supported by an economy that caters to 2 million annual tourists drawn by its white beaches and teeming coral reefs. Most of the country's 187 inhabited islands have already had some form of human intervention to reclaim land or defend against erosion, such as concrete blocks, jetties, and breakwaters.

An anonymous reader quotes a report from Tom's Hardware: While most people enjoy PCs that are powered by SSDs, mechanical hard drives are still king in the datacenter. When these drives reach the end of their useful lives, they are usually shredded, and the key materials they're made of -- including several rare earth elements (REE) -- end up as e-waste. At the same time, countries are mining these same materials and emitting a lot of greenhouse gases in the process. And China, a major source of REE, recently announced export restrictions on seven of them, potentially limiting the U.S. tech industry's access to materials such as dysprosium, which is necessary for magnetic storage, motors, and generators.

[On Thursday], Western Digital announced that it has created a large-scale hard disk drive recycling program in concert with Microsoft and recycling-industry partners CMR (Critical Materials Recycling) and PedalPoint Recycling. The new process reclaims Rare Earth Oxides (REO) containing dysprosium, neodymium, and praseodymium from hard drives, along with aluminum, steel, gold, palladium, and copper. The REO reclamation takes place completely within the U.S. and those materials go back into the U.S. market.

Dubbed the Advanced Recycling and Rare Earth Material Capture Program, WD's initiative has already saved 47,000 pounds worth of hard drives, SSDs, and caddies from landfills or less-effective recycling programs. WD was able to achieve a more than 90% reclaim rate for REE and an 80% rate for all of the shredded material. The drives came from Microsoft's U.S. data centers where they were first shredded and then sent to PedalPoint for sorting and processing. Magnets and steel were then sent to CMR, which uses its acid-free dissolution recycling (ADR) technology to extract the rare earth elements.

Cursor AI users recently encountered an ironic AI failure when the platform's support bot falsely claimed a non-existent login restriction policy. Co-founder Michael Truell apologized for the issue, clarified that no such policy exists, and attributed the mishap to AI hallucination and a session management bug. The Register reports: Users of the Cursor editor, designed to generate and fix source code in response to user prompts, have sometimes been booted from the software when trying to use the app in multiple sessions on different machines. Some folks who inquired about the inability to maintain multiple logins for the subscription service across different machines received a reply from the company's support email indicating this was expected behavior. But the person on the other end of that email wasn't a person at all, but an AI support bot. And it evidently made that policy up.

In an effort to placate annoyed users this week, Michael Truell co-founder of Cursor creator Anysphere, published a note to Reddit to apologize for the snafu. "Hey! We have no such policy," he wrote. "You're of course free to use Cursor on multiple machines. Unfortunately, this is an incorrect response from a front-line AI support bot. We did roll out a change to improve the security of sessions, and we're investigating to see if it caused any problems with session invalidation." Truell added that Cursor provides an interface for viewing active sessions in its settings and apologized for the confusion.

In a post to the Hacker News discussion of the SNAFU, Truell again apologized and acknowledged that something had gone wrong. "We've already begun investigating, and some very early results: Any AI responses used for email support are now clearly labeled as such. We use AI-assisted responses as the first filter for email support." He said the developer who raised this issue had been refunded. The session logout issue, now fixed, appears to have been the result of a race condition that arises on slow connections and spawns unwanted sessions.

The Federal Trade Commission filed suit against Uber on Monday, alleging the transportation giant violated federal consumer protection laws through deceptive billing and cancellation practices for its Uber One subscription service. According to the complaint, Uber violated both the FTC Act and the Restore Online Shoppers' Confidence Act by misleading consumers about subscription terms, charging users without consent, and implementing deliberately complicated cancellation processes.

"Americans are tired of getting signed up for unwanted subscriptions that seem impossible to cancel," FTC Chair Andrew Ferguson said in announcing the action. The $9.99 monthly service, launched in 2021, offers benefits including fee-free delivery and discounted rides.

In February tech journalist Nicholas Carr published Superbloom: How Technologies of Connection Tear Us Apart.

A University of Virginia academic journal says the book "appraises the past and present" of information technology while issuing "a warning about its future." And specifically Carr argues that the government ignored historic precedents by not regulating the early internet sometime in the 1990s. But as he goes on to remind us, the early 1990s were also when the triumphalism of America's Cold War victory, combined with the utopianism of Silicon Valley, convinced a generation of decision-makers that "an unfettered market seemed the best guarantor of growth and prosperity" and "defending the public interest now meant little more than expanding consumer choice." So rather than try to anticipate the dangers and excesses of commercialized digital media, Congress gave it free rein in the Telecommunications Act of 1996, which, as Carr explains,

"...erased the legal and ethical distinction between interpersonal communication and broadcast communications that had governed media in the twentieth century. When Google introduced its Gmail service in 2004, it announced, with an almost imperial air of entitlement, that it would scan the contents of all messages and use the resulting data for any purpose it wanted. Our new mailman would read all our mail."

As for the social-media platforms, Section 230 of the Act shields them from liability for all but the most egregiously illegal content posted by users, while explicitly encouraging them to censor any user-generated content they deem offensive, "whether or not such material is constitutionally protected" (emphasis added). Needless to say, this bizarre abdication of responsibility has led to countless problems, including what one observer calls a "sociopathic rendition of human sociability." For Carr, this is old news, but he warns us once again that the compulsion "to inscribe ourselves moment by moment on the screen, to reimagine ourselves as streams of text and image...[fosters] a strange, needy sort of solipsism. We socialize more than ever, but we're also at a further remove from those we interact with."
Carr's book suggests "frictional design" to slow posting (and reposting) on social media might "encourage civil behavior" — but then decides it's too little, too late, because our current frictionless efficiency "has burrowed its way too deeply into society and the social mind."

Based on all of this, the article's author looks ahead to the next revolution — AI — and concludes "I do not think it wise to wait until these kindly bots are in place before deciding how effective they are. Better to roll them off the nearest cliff today..."

An AI support bot for the code editor Cursor invented a nonexistent subscription policy, triggering user cancellations and public backlash this week. When developer "BrokenToasterOven" complained about being logged out when switching between devices, the company's AI agent "Sam" falsely claimed this was intentional: "Cursor is designed to work with one device per subscription as a core security feature."

Users took the fabricated policy as official, with several announcing subscription cancellations on Reddit. "I literally just cancelled my sub," wrote the original poster, adding that their workplace was "purging it completely." Cursor representatives scrambled to correct the misinformation: "Hey! We have no such policy. You're of course free to use Cursor on multiple machines." Cofounder Michael Truell later apologized, explaining that a backend security change had unintentionally created login problems.

databasecowgirl writes: [Liz Truss will launch an "uncensorable" social media platform this summer.] The shortest-serving prime minister, who was quickly shown the door after crashing the UK economy, claims the platform is needed to take on the Deep State. Truss has worked diligently to earn comparisons to Trump with appearances at American political rallies sporting a red MAGA cap. The effort has paid off with Trump's recent tariff announcement and resulting market meltdown, resulting in the two brands combined in the neologism Liz Trump to mark the unprecedented economic policy disasters of the two politicians.

Truss' continuing in Trump's footsteps is creating her own uncensored social media platform for the UK to talk about important matters, which apparently is unable to be achieved without censorship on Musk's X or Trump's Truth Social. While a name has yet to be announced, Lettuce Talk has been suggested as appropriate for a platform run by a prime minister whose term was famously outlasted by a head of lettuce.

Google is offering all U.S. college students a free year of its Gemini Advanced AI tools through its Google One AI Premium plan, as part of a push to expand Gemini's user base and compete with ChatGPT. It includes access to the company's Pro models, Veo 2 video generation, NotebookLM, Gemini Live and 2TB of Drive storage. Ars Technica reports: Google has a new landing page for the deal, allowing eligible students to sign up for their free Google One AI Premium plan. The offer is valid from now until June 30. Anyone who takes Google up on it will enjoy the free plan through spring 2026. The company hasn't specified an end date, but we would wager it will be June of next year. Google's intention is to give students an entire school year of Gemini Advanced from now through finals next year. At the end of the term, you can bet Google will try to convert students to paying subscribers.

As for who qualifies as a "student" in this promotion, Google isn't bothering with a particularly narrow definition. As long as you have a valid .edu email address, you can sign up for the offer. That's something that plenty of people who are not actively taking classes still have. You probably won't even be taking undue advantage of Google if you pretend to be a student -- the company really, really wants people to use Gemini, and it's willing to lose money in the short term to make that happen.

LG is partnering with Zenapse to integrate AI-driven emotional intelligence into its smart TVs, enabling hyper-targeted ads based on viewers' psychological traits, emotions, and behaviors. Ars Technica reports: The upcoming advertising approach comes via a multi-year licensing deal with Zenapse, a company describing itself as a software-as-a-service marketing platform that can drive advertiser sales "with AI-powered emotional intelligence." LG will use Zenapse's technology to divide webOS users into hyper-specific market segments that are supposed to be more informative to advertisers. LG Ad Solutions, LG's advertising business, announced the partnership on Tuesday.

The technology will be used to inform ads shown on LG smart TVs' homescreens, free ad-supported TV (FAST) channels, and elsewhere throughout webOS, per StreamTV Insider. LG will also use Zenapse's tech to "expand new software development and go-to-market products," it said. LG didn't specify the duration of its licensing deal with Zenapse. Zenapse's platform for connected TVs (CTVs), ZenVision, is supposed to be able to interpret the types of emotions shown in the content someone is watching on TV, partially by using publicly available information about the show's or movie's script and plot, StreamTV Insider reported. ZenVision also analyzes viewer behavior, grouping viewers based on their consumption patterns, the publication noted. Under the new partnership, ZenVision can use data that LG has gathered from the automatic content recognition software in LG TVs.

With all this information, ZenVision will group LG TV viewers into highly specified market segments, such as "goal-driven achievers," "social connectors," or "emotionally engaged planners," an LG spokesperson told StreamTV Insider. Zenapse's website for ZenVision points to other potential market segments, including "digital adopters," "wellness seekers," "positive impact & environment," and "money matters." Companies paying to advertise on LG TVs can then target viewers based on the ZenVision-specified market segments and deliver an "emotionally intelligent ad," as Zenapse's website puts it.

The Trump administration plans to eliminate the IRS' Direct File program, an electronic system for filing tax returns directly to the agency for free, AP reported Wednesday, citing two people familiar with the decision. From the report: The program developed during Joe Biden's presidency was credited by users with making tax filing easy, fast and economical. But Republican lawmakers and commercial tax preparation companies complained it was a waste of taxpayer money because free filing programs already exist, although they are hard to use.

American Airlines announced today that it will add free in-flight Wi-Fi starting in 2026. However, Axios notes you'll need to be an AAdvantage member (American's loyalty program) to access it. From the report: American is partnering with AT&T to introduce free WiFi in January. It will be available on about 90% of the airlines' fleet, which will be planes equipped with Viasat and Intelsat high-speed satellite connectivity, per a press release. More than 500 of the airlines regional planes are expected to have high-speed WiFi capabilities by the end of the year.

An anonymous reader quotes a report from SecurityWeek: Insurance firm Lemonade is notifying roughly 190,000 individuals that their driver's license numbers were likely exposed due to a technical glitch. Copies of the notification letter that were submitted to regulators in several states show that the incident involved an online application that enables individuals to obtain car insurance quotes and purchase policies. According to the company, a vulnerability in the car insurance quote flow resulted in the exposure of certain driver's license numbers for identifiable individuals. The vulnerability has been addressed, Lemonade says.

Between April 2023 and September 2024, the platform transmitted the information unencrypted, which the company says allowed driver's license numbers to be accessed without authorization. "We have no evidence to suggest that your driver's license number has been misused but we are providing this notice as a precaution to inform potentially affected individuals and share some steps you can take to help protect yourself," the company's notification letter reads. The insurer is providing the impacted individuals with 12 months of free credit monitoring and identity protection services.

A Canadian math prodigy is accused of stealing over $65 million through complex exploits on decentralized finance platforms and is currently a fugitive from U.S. authorities. Despite facing criminal charges for fraud and money laundering, he has evaded capture by moving internationally, embracing the controversial "Code is Law" philosophy, and maintaining that his actions were legal under the platforms' open-source rules. The Globe and Mail reports: Andean Medjedovic was 18 years old when he made a decision that would irrevocably alter the course of his life. In the fall of 2021, shortly after completing a master's degree at the University of Waterloo, the math prodigy and cryptocurrency trader from Hamilton had conducted a complex series of transactions designed to exploit a vulnerability in the code of a decentralized finance platform. The maneuver had allegedly allowed him to siphon approximately $16.5-million in digital tokens out of two liquidity pools operated by the platform, Indexed Finance, according to a U.S. court document.

Indexed Finance's leaders traced the attack back to Mr. Medjedovic, and made him an offer: Return 90 per cent of the funds, keep the rest as a so-called "bug bounty" -- a reward for having identified an error in the code -- and all would be forgiven. Mr. Medjedovic would then be free to launch his career as a white hat, or ethical, hacker. Mr. Medjedovic didn't take the deal. His social media posts hinted, without overtly stating, that he believed that because he had operated within the confines of the code, he was entitled to the funds -- a controversial philosophy in the world of decentralized finance known as "Code is Law." But instead of testing that argument in court, Mr. Medjedovic went into hiding. By the time authorities arrived on a quiet residential street in Hamilton to search his parents' townhouse less than two months later, Mr. Medjedovic had moved out, taking his electronic devices with him.

Then, roughly two years later, he struck again, netting an even larger sum -- approximately $48.4-million -- by conducting a similar exploit on another decentralized finance platform, U.S. authorities allege. Mr. Medjedovic, now 22, faces five criminal charges -- including wire fraud, attempted extortion and money laundering -- according to a U.S. federal court document that was unsealed earlier this year. If convicted, he could be facing decades in prison. First, authorities will have to find him.