Monday, Mar 03, 2025 // (IG): BB // GITHUB // SN R&D
China’s State Media Signals Retaliation Against U.S. Tariffs, Targets American Agriculture
Bottom Line Up Front (BLUF): China’s state-backed Global Times has reported that Beijing is preparing countermeasures against new U.S. tariffs announced by President Donald Trump, with American agricultural exports likely to be the primary target. The report, citing anonymous sources, suggests that China will respond with a combination of tariffs and non-tariff measures, escalating economic tensions between the two superpowers. The timing of this narrative aligns with China's domestic political agenda and broader strategic positioning in the ongoing trade dispute.
Analyst Comments: Historically, China has responded to U.S. trade actions by targeting agricultural imports, as seen in 2018 when Beijing imposed up to 25% tariffs on American soybeans, beef, pork, wheat, corn, and sorghum. The U.S. remains China’s largest agricultural supplier, but these tensions have led to a steady decline in imports. In 2024, China imported $29.25 billion worth of U.S. agricultural products—a 14% drop from 2023, which itself saw a 20% decline from the previous year. Given this pattern, the Global Times report could be a deliberate attempt to prepare both domestic and international audiences for another wave of retaliatory measures.
FROM THE MEDIA: In response to Trump's additional 10% tariff on Chinese goods, which brings the total duty to 20%. The report states that U.S. agricultural and food products are "most likely" to be included in China's retaliation, though specifics remain unclear. While China remains the largest buyer of American agricultural goods, past trade conflicts have shown that Beijing is willing to restrict imports to gain leverage. The Global Times has previously been used to float potential policy responses before official government announcements, making it unclear whether these retaliatory measures are fully decided or simply a negotiating tactic. The timing of this report—coinciding with China's annual parliamentary meetings—suggests a strategic move to project strength and control the narrative as trade tensions escalate.
READ THE STORY: Reuters
Crypto ETFs Poised to Surpass Precious Metal Funds Amid Surging Demand
Bottom Line Up Front (BLUF): State Street forecasts that cryptocurrency exchange-traded funds (ETFs) will surpass precious metal ETFs in North America by the end of 2025, becoming the third-largest asset class in the $15 trillion ETF market. The rapid growth of crypto ETFs—led by Bitcoin and Ethereum funds—has exceeded expectations, with BlackRock recently integrating Bitcoin into its model portfolios. As demand rises, the U.S. Securities and Exchange Commission (SEC) is expected to approve ETFs based on additional cryptocurrencies beyond Bitcoin and Ethereum.
Analyst Comments: The explosive growth of crypto ETFs reflects mainstream financial institutions' increasing acceptance of digital assets. While Bitcoin and Ethereum currently dominate, the potential SEC approval of ETFs for tokens like Solana, XRP, and Litecoin could further expand the market. This shift signals a growing appetite among both institutional and retail investors for regulated crypto exposure without the complexities of digital wallets and private keys. However, regulatory uncertainty remains a key risk, particularly with an impending leadership change at the SEC following Chair Gary Gensler’s resignation. Additionally, the approval of “in-kind” crypto ETF transactions—allowing direct crypto trades instead of cash conversions—could enhance efficiency and tax benefits, further accelerating adoption.
FROM THE MEDIA: State Street reports that U.S. crypto ETFs, despite launching only last year, have already amassed $136 billion in assets. In comparison, North American precious metal ETFs collectively hold $165 billion, but State Street predicts crypto ETFs will overtake them by year-end. BlackRock’s recent inclusion of Bitcoin in its model portfolios underscores the institutional shift toward digital assets. Meanwhile, fund managers are filing applications for ETFs linked to a broader range of cryptocurrencies, and State Street expects approval for the top 10 tokens by market capitalization in 2025. The firm also forecasts a rise in actively managed ETFs across asset classes, with active fixed-income ETFs gaining ground as investors seek risk-managed exposure.
READ THE STORY: FT
Bybit Suffers $1.5 Billion Crypto Heist—Potentially the Largest Ever
Bottom Line Up Front (BLUF): Dubai-based cryptocurrency exchange Bybit has reported a massive cyber heist, with hackers stealing $1.5 billion (£1.1 billion) worth of Ethereum. The attack, which targeted Bybit’s digital wallet, could be the largest cryptocurrency theft in history. Bybit’s founder, Ben Zhou, assured users that their funds would be reimbursed, and the company remains solvent despite the loss.
Analyst Comments: This abrupt shift in U.S. cyber policy raises serious national security concerns. Russia has been one of the most persistent and sophisticated cyber adversaries, linked to attacks such as SolarWinds, Colonial Pipeline, and ongoing espionage campaigns. While the Trump administration may view this as a diplomatic strategy to ease tensions, there is no indication that Russia has reciprocated by halting its cyber activities against the U.S. If anything, this move could embolden Russian cyber operations while weakening America’s defensive posture. Additionally, reported staffing cuts at cybersecurity agencies may leave critical infrastructure more vulnerable to foreign threats.
FROM THE MEDIA: The order does not apply to the National Security Agency (NSA). A leaked CISA memo outlining "new priorities" also fails to mention Russia, despite its well-documented history of cyber intrusions into U.S. government and private sector systems. Anonymous sources within CISA and Cyber Command have expressed alarm, noting that personnel have been verbally instructed to ignore Russian cyber threats. The administration has not clearly justified the decision, though some officials suggest it may be part of a broader diplomatic strategy. Meanwhile, the U.S. intelligence community continues to warn about active Russian cyber campaigns targeting critical infrastructure.
READ THE STORY: BBC
Trump’s Defense Secretary Orders Cyber Command to Halt Operations Against Russia
Bottom Line Up Front (BLUF): U.S. Defense Secretary Pete Hegseth has reportedly ordered U.S. Cyber Command to halt all cyber operations against Russia, marking a significant shift in national cybersecurity policy. The move follows internal directives at the Cybersecurity and Infrastructure Security Agency (CISA) that exclude Russia from its list of cyber threats. Critics warn that the decision undermines national security, given Russia’s history of cyberattacks on U.S. infrastructure, elections, and private sector networks.
Analyst Comments: This abrupt shift in U.S. cyber policy raises serious national security concerns. Russia has been one of the most persistent and sophisticated cyber adversaries, linked to attacks such as SolarWinds, Colonial Pipeline, and ongoing espionage campaigns. While the Trump administration may view this as a diplomatic strategy to ease tensions, there is no indication that Russia has reciprocated by halting its cyber activities against the U.S. If anything, this move could embolden Russian cyber operations while weakening America’s defensive posture. Additionally, reported staffing cuts at cybersecurity agencies may leave critical infrastructure more vulnerable to foreign threats.
FROM THE MEDIA: The order does not apply to the National Security Agency (NSA). A leaked CISA memo outlining "new priorities" also fails to mention Russia, despite its well-documented history of cyber intrusions into U.S. government and private sector systems. Anonymous sources within CISA and Cyber Command have expressed alarm, noting that personnel have been verbally instructed to ignore Russian cyber threats. The administration has not clearly justified the decision, though some officials suggest it may be part of a broader diplomatic strategy. Meanwhile, the U.S. intelligence community continues to warn about active Russian cyber campaigns targeting critical infrastructure.
READ THE STORY: The Register // Fudzilla // Gizmodo
U.S. Treasury Halts Enforcement of Anti-Money Laundering Law
Bottom Line Up Front (BLUF): The U.S. Treasury Department has announced it will no longer enforce penalties under the Corporate Transparency Act (CTA), a Biden-era anti-money laundering law requiring businesses to disclose their beneficial owners. The Trump administration argues that the law burdens small businesses and plans to narrow its scope to foreign entities. Critics warn that this decision weakens financial transparency and makes the U.S. a more attractive destination for illicit funds.
Analyst Comments: The Corporate Transparency Act was designed to curb anonymous shell companies, a significant tool for criminals and corrupt actors. By limiting enforcement, the Treasury effectively signals that financial secrecy is once again acceptable in the U.S., potentially making it a haven for illicit funds. The move raises concerns about compliance with international financial regulations, which could lead to diplomatic and economic consequences, including potential scrutiny from global watchdogs like the Financial Action Task Force (FATF).
FROM THE MEDIA: The Trump administration has opposed the law, citing concerns about regulatory burdens on small businesses, despite repeated legal challenges supporting its legitimacy. The Treasury said it intends to revise the law to apply only to foreign entities. Supporters of the CTA argue that the decision weakens safeguards against money laundering, as the U.S. has increasingly become a global hub for illicit financial activity. Critics also note that the move contradicts bipartisan efforts to enhance corporate transparency and curb financial crimes.
READ THE STORY: Reuters
China's DeepSeek Claims AI Cost-Profit Ratio of 545% Per Day
Bottom Line Up Front (BLUF): Chinese AI startup DeepSeek has disclosed cost and revenue estimates for its V3 and R1 models, claiming a theoretical cost-profit ratio of up to 545% per day. The company states it spent under $6 million on training chips, significantly less than U.S. rivals like OpenAI. While actual revenue is reportedly lower due to free services and variable pricing, the revelation has sparked concerns in the AI industry, particularly regarding the efficiency and cost-effectiveness of Chinese AI development compared to Western counterparts.
Analyst Comments: DeepSeek’s claims, if accurate, could disrupt the AI market by challenging the prevailing notion that cutting-edge AI development requires billions in hardware investment. The company's use of less powerful Nvidia H800 chips suggests that China finds alternative pathways to competitive AI performance, potentially sidestepping U.S. restrictions on high-end semiconductor exports. This could intensify the ongoing AI arms race between the U.S. and China, pushing U.S. firms to rethink their cost structures and hardware dependencies. Additionally, the financial markets may react with increased skepticism toward AI firms that justify massive spending on chip infrastructure.
FROM THE MEDIA: According to a GitHub post, renting one Nvidia H800 chip costs $2 per hour, leading to a total daily inference cost of approximately $87,072. The company estimates that these models generate $562,027 in theoretical daily revenue, equating to an annualized revenue projection of over $200 million. However, DeepSeek acknowledges that real revenue is lower due to free access for many users and discounted pricing during off-peak hours. This disclosure comes amid declining AI stock prices, with investors questioning the sustainability of high-cost models deployed by U.S. firms like OpenAI.
READ THE STORY: Cybernews
C++ Creator Warns of 'Serious Attacks' Against the Language Amid Memory Safety Debate
Bottom Line Up Front (BLUF): Bjarne Stroustrup, the creator of C++, has called for urgent action to defend the language against growing criticism over memory safety. Government agencies and tech giants are pushing for the adoption of safer languages like Rust, while the C++ community is working on solutions such as the Profiles framework. With the U.S. Cybersecurity and Infrastructure Security Agency (CISA) calling for a roadmap away from memory-unsafe languages by 2026, the future of C++ remains uncertain.
Analyst Comments: The push for memory safety is reshaping the software development landscape, with Rust gaining traction as a safer alternative to C and C++. Stroustrup's call to action suggests that the C++ community is struggling to counter the narrative that the language is outdated and inherently insecure. However, proposals like Profiles and TrapC indicate efforts to modernize C++ are underway. Whether these solutions will be implemented in time to satisfy industry and government demands or if C++ will continue to be marginalized in security-critical applications.
FROM THE MEDIA: Bjarne Stroustrup issued a strong warning to the C++ Standards Committee (WG21) in a February 7th note, urging them to act decisively against what he describes as "serious attacks" on the language. He referenced the U.S. CISA's 2023 Product Security Bad Practices report, encouraging developers to move away from memory-unsafe languages by 2026. While some C++ safety initiatives, such as TrapC and Safe C++, have been proposed, critics argue they may not be ready in time. Tech companies like Google and Microsoft have shifted their focus toward memory-safe languages like Rust, further pressuring C++ to evolve or risk obsolescence.
READ THE STORY: The Register
Big Businesses Drive Growth in Renewable Energy Amid Declining Government Subsidies
Bottom Line Up Front (BLUF): Major corporations are increasingly committing to long-term power purchase agreements (PPAs) with wind and solar farms, helping to drive renewable energy growth as government subsidies decline. According to BloombergNEF, corporate renewable electricity purchases rose 35% last year, with the largest growth in the U.S., particularly among tech companies powering data centers. Energy developers emphasize that these agreements are now critical for financing new renewable projects, as rising interest rates and market uncertainties make unsubsidized developments riskier.
Analyst Comments: Companies like Amazon, Unilever, and Arla are not only securing their own energy needs but also driving new wind and solar installations by providing developers with financial stability. However, the slowdown in European renewable capacity additions—due to high financing costs and regulatory uncertainty—raises concerns about the industry's overall trajectory. The continued rise of PPAs suggests that corporate demand may become a primary force sustaining the sector, especially as governments scale back direct financial support.
FROM THE MEDIA: Beyond the tech sector, companies in chemicals, mining, and raw materials are also securing PPAs to stabilize their energy supply. Executives from RWE, one of the world’s largest renewable developers, stressed that long-term commitments are now essential for financing new offshore wind projects. The European renewable sector has seen a slowdown, with wind capacity additions declining for two consecutive years and new solar installations in the EU dropping by 92% in 2024. In Denmark, offshore wind auctions were recently suspended after failing to attract bidders willing to build without subsidies. Despite these challenges, businesses remain a critical driver for renewable energy expansion, with food and agriculture companies like Arla and Unilever leading the charge in signing new PPAs.
READ THE STORY: FT
Items of interest
Vo1d Botnet Surpasses 1.59M Infected Android TVs Across 226 Countries
Bottom Line Up Front (BLUF): The Vo1d botnet has rapidly expanded, infecting over 1.59 million Android TV devices across 226 countries, with India seeing a significant infection surge. The botnet employs advanced encryption techniques and a modular malware structure, allowing it to evade detection and execute various malicious activities, including proxy network creation and ad fraud. Researchers warn that its complete control over infected devices could enable large-scale cyberattacks.
Analyst Comments: TVo1d’s rapid evolution highlights the growing threat of malware targeting the Internet of Things (IoT) and smart devices. Its use of RSA encryption, domain generation algorithms (DGAs), and modular payloads make it resilient and difficult to dismantle. The suspected supply chain attack vector raises concerns about the security of off-brand Android devices, which often lack Play Protect certification. If Vo1d’s infrastructure is indeed being leased for illegal operations, its impact could extend beyond ad fraud, including DDoS attacks, unauthorized content distribution, and even data exfiltration.
FROM THE MEDIA: The malware spreads via compromised firmware or supply chain attacks, primarily affecting non-Play Protect-certified Android TVs. The latest variant, analyzed by QiAnXin XLab, utilizes RSA encryption to secure communications, preventing a takeover by security researchers. Additionally, Vo1d deploys a modular malware named Mzmess, which supports proxy services and ad fraud schemes. Google has stated that affected devices likely originate from vendors using Android Open Source Project (AOSP) code rather than certified Android builds. The botnet's fluctuating activity suggests it may be rented out to other cybercriminals in cycles, enabling a range of illicit operations.
READ THE STORY: THN
How IoT Botnets Evade Detection And Analysis (Video)
FROM THE MEDIA: Alexey Kleymenov of Nozomi Networks shows detection evasion techniques of IoT malware.
What is an IoT Botnet? (Video)
FROM THE MEDIA: An IoT botnet is a collection of compromised IoT devices, such as cameras, routers, DVRs, wearables and other embedded technologies, infected with malware.
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.