US largest crypto trading platform, Coinbase, has agreed to part a total sum of $100 million towards settling its compliance worries with US financial regulators.
Indian Central Bank: Developing Global Crypto Regulation Is a Priority for G20 Under India’s Presidency
In response to FTX’s fall, United States lawmakers are reevaluating the crypto industry’s regulatory needs for 2023.
Legislators in the United States seem to be reevaluating the crypto industry and its regulatory needs in light of FTX’s collapse. According to the Wall Street Journal, since the crypto exchange filed for bankruptcy in November, lawmakers have been under pressure to set a new regulatory framework for cryptocurrencies.
Several proposals are in the works that would apply existing banking, securities, and tax rules to cryptocurrencies, and lawmakers are calling on the Securities and Exchange Commission (SEC) to adopt an aggressive approach to the crypto market.
In a December House hearing, Rep. Jake Auchincloss, who is also a member of the bipartisan Congressional Blockchain Caucus, reportedly noted that “it’s time for the blockchain investors and entrepreneurs to build things that matter or to lose more credibility,” adding that in 14 years crypto has only delivered “white papers and podcasts”.
Senator Roger Marshall, an advocate for blockchain technology’s potential to stop fraud, is also pushing for tighter regulation in the United States. “Someone needs to convince me that it’s not all just a Ponzi game,” he claimed.
Among the few legislators willing to stand up for the crypto industry, Rep. Patrick McHenry stated that it is necessary “to separate out the bad actions of an individual from the good created by an industry and an innovation.” The House Financial Services Committee will be led by McHenry in the new Congress.
FTX former CEO Sam Bankman-Fried’s lobby in Washington was focused on a bill that would give the Commodity Futures Trading Commission (CFTC) authority to regulate cryptocurrencies. The bill was expected to be included in the budget spending package for 2023, but now it’s unlikely to advance due to the past weeks’ developments.
As reported by Cointelegraph, Bankman-Fried was a significant donor to Republicans and Democrats in Washington. Earlier this year, he considered spending up to one billion dollars to help influence 2024 presidential election campaigns.
Open Secrets, a platform that tracks money in politics, lists SBF as the sixth-largest political contributor for the 2021-2022 cycle, with a total contribution of $39.8 million for candidates and political parties.
The Oregon Division of Financial Regulation urged investors to do due diligence before putting their funds on any crypto platform.
As the FTX collapse left many users yearning for the return of lost funds, scammers are using the opportunity to take advantage of the already injured victims, posing as government officials.
In a post, the Oregon Division of Financial Regulation (DFR) warned crypto investors that there are fake applications and websites put up by scammers aiming to take money but give nothing in return. The DFR urged traders to make sure to “do their homework” before sending any of their funds to crypto trading platforms.
As an example, the DFR also spoke of an incident concerning a website that claimed to be managed by the US Department of State. According to the DFR, the site declared that it was trying to help FTX customers to get their assets back. Because of this, the website was able to get information such as usernames and passwords from an investor. DFR administrator TK Keen said:
“We have said this before, but if it sounds too good to be true, it probably is. We encourage everyone to do their homework and invest wisely, and be diligent in protecting their usernames, passwords, and other sensitive data.”
Keen also noted that there are a lot of things within the crypto industry that looks legitimate but are trying to take advantage of people. Apart from giving a warning, officials also encouraged victims of crypto-related scams to file complaints with their office.
Meanwhile, executives involved in a South Korean crypto exchange fraud were sentenced to up to eight years in prison. Six officials involved in the $1.5 billion fraud that lured 50,000 investors promising 300% returns were nabbed. However. three were not because they claimed innocence to some charges and had the right to defend themselves through a court battle.
The hackers created decoy websites impersonating NFT marketplaces, NFT projects and even a DeFi platform.
Hackers linked to North Korea’s Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors — utilizing nearly 500 phishing domains to dupe victims.
Blockchain security firm SlowMist released a report on Dec. 24, revealing the tactics that North Korean Advanced Persistent Threat (APT) groups have used to part NFT investors from their NFTs, including decoy websites disguised as a variety of NFT-related platforms and projects.
Examples of these fake websites include a site pretending to be a project associated with the World Cup, as well as sites that impersonate well-known NFT marketplaces such as OpenSea, X2Y2 and Rarible.
SlowMist said one of the tactics used was having these decoy websites offer “malicious Mints,” which involves deceiving the victims into thinking they are minting a legitimate NFT by connecting their wallet to the website.
However, the NFT is actually fraudulent, and the victim’s wallet is left vulnerable to the hacker who now has access to it.
The report also revealed that many of the phishing websites operated under the same Internet Protocol (IP), with 372 NFT phishing websites under a single IP, and another 320 NFT phishing websites associated with another IP.
SlowMist said the phishing campaign has been ongoing for several months, noting that the earliest registered domain name came about seven months ago.
Other phishing tactics used included recording visitor data and saving it to external sites as well as linking images to target projects.
After the hacker was about to obtain the visitor’s data, they would then proceed to run various attack scripts on the victim, which would allow the hacker access to the victim’s access records, authorizations, use of plug-in wallets, as well as sensitive data such as the victim’s approve record and sigData.
All this information then enables the hacker access to the victim’s wallet, exposing all their digital assets.
However, SlowMist emphasized that this is just the “tip of the iceberg,” as the analysis only looked at a small portion of the materials and extracted “some” of the phishing characteristics of the North Korean hackers.
SlowMist Security Alert
North Korean APT group targeting NFT users with large-scale phishing campaign
This is just the tip of the iceberg. Our thread only covers a fraction of what we’ve discovered.
Let’s dive in pic.twitter.com/DeHq1TTrrN
— SlowMist (@SlowMist_Team) December 24, 2022
For example, SlowMist highlighted that just one phishing address alone was able to gain 1,055 NFTs and profit 300 ETH, worth $367,000, through its phishing tactics.
It added that the same North Korean APT group was also responsible for the Naver phishing campaign that was previously documented by Prevailion on Mar. 15.
North Korea has been at the center of various cryptocurrency theft crimes in 2022.
According to a news report published by South Korea’s National Intelligence Service (NIS) on Dec 22, North Korea stole $620 million worth of cryptocurrencies this year alone.
In October, Japan’s National Police Agency sent out a warning to the country’s crypto-asset businesses advising them to be cautious of the North Korean hacking group.