North Korean hackers move $3.2M from 2018 hack

North Korean hackers stole $234.33 million from in 2018. Earlier this week, the hackers moved 1944.72 Ethereum (ETH) of the stolen funds, worth around $3.2 million at current prices, on-chain sleuth ZachXBT pointed out. The funds had been lying dormant for over 4.5 years, he noted.

The hackers transferred Ethereum worth $3.1 million to a single address 0x27Cf…0FbdCe. The attackers conducted eight other transactions of 1.74 ETH each.

According to ZachXBT, the hackers moved a small amount of the stolen funds to MEXC exchange.

In November, ZachXBT called out for trying to keep the April 2018 hack under wraps.  In the attack, the exchange lost $10,777.94 Bitcoin (BTC), $218,790 ETH, $Z3,783 Zcash, $99,999,000 Dogecoin (DOGE), $3,043,268 XRP (XRP), $11,000 Litecoin (LTC), and $175,866 Ethereum Classic (ETC).

The majority of the stolen assets were already laundered, ZachXBT said, while the remaining funds were moved this week. The recent transfers virtually emptied the tracked hacker wallet, that now has only $0.03 worth of ETH left, according to Etherscan data.

The post North Korean hackers move $3.2M from 2018 hack appeared first on CryptoSlate.

Some Twitter users can now buy Twitter Coins via Stripe

Twitter seems to have started the beta rollout of its Twitter Coins to certain users. A few Twitter users reported being able to buy Twitter Coins since Feb. 22. Rumors of Twitter releasing its own token started circulating in December 2022.

Twitter user who goes by ‘Tree of Alpha’ said a pack of 150 Twitter Coins priced at $1.99 became available for purchase on Wednesday. The only available payment method is Stripe, the user added.

CEO of IBC Group Mario Nawfal previously said that Twitter Coins, when launched, would allow users to reward Tweets.

App researcher Nima Owji posted a screenshot of Twitter’s explanation of its native token. According to Twitter, its coins are “virtual goods.” It noted, “As you receive coins they accumulate into Diamonds, which can be cashed out.”

Twitter said that its tokens will allow content creators to be rewarded by their fans and audience, and create a channel of passive income.

However, head analyst at Blockware Joe Burnett noted that Twitter rival Nostr’s zaps are “1,000x better than Twitter Coins.” Nostr is a decentralized social media platform where zaps signify micropayments made using Bitcoin’s Lightning Network.

Burnett added:

Twitter should become a Nostr client ASAP if they wish to remain relevant for the remainder of the 21st century.”

The post Some Twitter users can now buy Twitter Coins via Stripe appeared first on CryptoSlate.

Kraken and Custodia Bank CEOs say regulators ignored their warnings about scams and fraud

In a Twitter thread, Custodia Bank founder and CEO Caitlin Long said that she provided evidence to law enforcement about a crypto crime months before the company collapsed and left millions of customers in the lurch. She noted:

“I handed over evidence to law enforcement of probable crimes committed by a big crypto fraud, starting months before that company imploded and stuck its millions of customers with losses.”

She also added that she warned banking regulators of impending risks of bank runs at banks servicing the crypto industry before the actual bank runs took place. But Long believes that her “warnings were buried in the bowels of bureaucracy.”

Jesse Powell, co-founder and CEO of crypto exchange Kraken, which recently settled with the Securities and Exchange Commission (SEC), shared a similar experience. Powell said that he found it “infuriating” that regulators ignored the “massive red flags and obviously illegal activity” that he pointed out for years.

According to him, the regulators noted the red flags and said that “it’s complicated” because the firms are offshore, but they were “looking at everybody.”

Powell and Long expressed their discontent at their firms being used as an example of fraud when they have tried to do the right thing all along.

Long said Custodia Bank was slammed on multiple fronts when the White House attacked the Federal Reserve Board of Governors, the Kansas City Fed, and Senator Dick Durbin. Last month, the Federal Reserve Board denied Custodia Bank’s application to become a member of the Federal Reserve System.

In a senate speech, Long claims that senator Durbin “implicitly” compared her and Fidelity CEO Abigail Johnson with FTX founder Sam Bankman-Fried. Fidelity irked regulators last year when it announced that it would allow customers to invest part of their pension investments in Bitcoin.

Long added in a blog post:

“Custodia tried to become federally regulated – the very result bipartisan policymakers claim to want. Yet Custodia has been denied and now disparaged for daring to come through the front door. “

The approach to crypto regulation needs rethinking

Long said that crypto is currently comparable to the mutual funds market in the 1930s when it was rife with bad actors and fraud. But instead of thwarting the market altogether, President Franklin D. Roosevelt came up with breakthrough regulations that helped weed out the bad actors without killing the potential of mutual funds. And the U.S. needs to do the same with crypto, Long said.

The SEC stepped up its enforcement actions since the fall of FTX, and many have criticized its “regulation by enforcement” approach. According to Long:

“Washington’s misguided crackdown will only push risks into the shadows, leaving regulators to play whack-a-mole as the risks continuously pop up in unexpected places.”

Therefore, the country and regulators need to sit down with credible people in the crypto industry to develop a regulatory approach that does not thwart the innovative potential of the industry, she said.

The post Kraken and Custodia Bank CEOs say regulators ignored their warnings about scams and fraud appeared first on CryptoSlate.

Celsius prepares to reopen partial withdrawals for eligible users

Bankrupt crypto lender Celsius will be notifying eligible users about how they can start withdrawing assets in certain custody accounts, the firm announced on Feb. 15.

Celsius included the list of eligible users in its distribution schedule and will send emails and in-app notifications for the next steps, according to the announcement. However, Celsius has not yet set a date for when it will reopen withdrawals. The withdrawals will be restarted only for U.S.-based customers while international users have to await further court instructions.

As per the court order, the lender will return two categories of assets: “Pure” custody account assets, that is cryptocurrencies that were never part of its Earn or Borrow program, and “Transferred” custody assets — assets that were transferred from the Earn or Borrow program in the 90 days before Celsius filed for bankruptcy in July.

There is no limit on the amount of pure custody assets users can withdraw. However, only users with less than $7,575 worth of transferred custody assets will be able to withdraw while those above the limit remain ineligible for withdrawals.

At present, the court has authorized Celsius to allow eligible users to withdraw only 94% of their assets. The court will later decide if, when, and how the remaining 6% will be available for withdrawal. The court has also not decided when Earn users will be able to get their funds back.

Current and former employees of Celsius and their affiliates are ineligible for withdrawals as per the court order. Moreover, users that had active loans as of Dec. 20, 2022, and eligible users whose assets are less than the withdrawal transaction fees will not be able to withdraw assets. Users with aggregate transferred custody assets balance over $7,575 will also have to wait.

Celsius users need to update their accounts to withdraw

To reduce the risk of fraud and account takeovers, eligible Celsius users need to provide their updated know-your-customer (KYC) information — even if they had previously verified such information. Additionally, users also need to add a withdrawal address that will only become available after 24 hours.

Celsius also requires users to provide additional information about each withdrawal address, in accordance with the Travel Rule. The Travel Rule requires the collection and sharing of beneficiary and originator information with other financial institutions.

Therefore, users need to provide identification of whitelisted wallet addresses, confirm whether the withdrawal wallet belongs to the user or someone else, and information about the beneficiary crypto service provider.

Since Celsius is expecting high traffic once it reopens withdrawals, it can take more than 24 hours to process the withdrawal requests, it said.

The post Celsius prepares to reopen partial withdrawals for eligible users appeared first on CryptoSlate.

SEC crackdown could ‘benefit’ decentralized staking if it isn’t banned – Lido exec

Jacob Blish, head of business development at the decentralized autonomous organization (DAO) that runs Lido Finance, said the SEC’s enforcement actions are likely a “net benefit” for decentralized liquid staking providers but added that it “really depends on what the final resolution is,” Bloomberg News reported.

Blish said that there is uncertainty regarding the decision-making process of the SEC, which has created confusion. He said:

“The most disappointing thing is we as an industry keep getting asked for transparency, but then me as a U.S. citizen, I get no transparency and how [the regulatory] decision-making process is going.”

According to Blish, decentralized staking platforms like  Lido act as the “plumbing” required in a staking service. The platforms offer a software service, and it is up to the user whether to use it or not — the user has “full control.”

This differs from how staking provided by centralized exchanges works, where users hand over the control of assets to the exchange.

Blish’s comments follow Kraken’s $30 million settlement with the SEC and the closure of its staking service in the U.S. The SEC claimed that Kraken provided unregistered securities through its staking service.

According to Blish, the biggest risk of the SEC’s enforcement action against Kraken is a prohibition on U.S. citizens from interacting with or contributing to staking protocols

An outright ban on crypto staking participation could not only stop users from staking assets but could also potentially force contributors to abandon projects, he added.

The post SEC crackdown could ‘benefit’ decentralized staking if it isn’t banned – Lido exec appeared first on CryptoSlate.

The SEC may potentially sue Paxos over BinanceUSD – WSJ

The U.S. Securities and Exchange Commission (SEC) enforcement division has issued a Wells notice to Paxos — The Wall Street Journal (WSJ) reported, citing anonymous sources.

A Wells notice is a formal notice the SEC issues to inform the recipient that it plans to bring enforcement actions against it.

The SEC plans to sue Paxos for allegedly violating securities and investor protection laws. Paxos-issued stablecoin Binance USD (BUSD) is considered an unregistered security, according to the notice.

Paxos issued the 1:1 dollar-pegged stablecoin in partnership with Binance in September 2019. Since then, BUSD has grown to be the third-largest stablecoin and the seventh-largest cryptocurrency — with a market cap of $16.15 billion  — according to CryptoSlate data.

What happens next

A Wells notice does not mean that the SEC will take enforcement action. The five commissioners of the SEC have to vote to authorize any enforcement litigation or settlement by the agency.

Paxos can submit a written response to the Wells notice and present its case as to why it should not be sued.

When the SEC nearly doubled its Crypto Assets and Cyber Unit in May 2022, it said that stablecoins would be an area of focus. Stablecoins are similar to bank deposits or money-market mutual funds, according to SEC Chairman Gary Gensler.

The post The SEC may potentially sue Paxos over BinanceUSD – WSJ appeared first on CryptoSlate.

Historic legacy bank enables Brazilians to pay taxes using crypto

Brazilian bank Banco do Brasil and crypto firm Bitfy will enable Brazilian taxpayers to pay their taxes using cryptocurrencies. Banco do Brasil is the country’s oldest bank and among the world’s oldest functioning banks.

Under the partnership, Bitfy will act as the bank’s “collection partner,” allowing users with crypto on the Bitfy platform to use their assets to settle tax dues.

Multiple cryptocurrencies will be available for use to pay taxes. According to Banco do Brasil, the process is as simple as paying for a ticket by scanning a barcode.

Banco do Brasil said the feature will bring convenience to taxpayers and expand the public sector’s options for receiving taxes.

Bitfy founder and CEO Lucas Schoch said:

“This partnership makes it possible to expand the use and access to the ecosystem of digital assets with national coverage and with the seal of security and reliability of Banco do Brasil.”

The development comes after the city of Rio de Janeiro started accepting tax payments via cryptocurrencies in October 2022.

In December 2022, Brazil passed a law legalizing the use of cryptocurrencies for payments. The law is expected to come into effect in June 2023.

The post Historic legacy bank enables Brazilians to pay taxes using crypto appeared first on CryptoSlate.

Wormhole exploiter moves $46M worth of stolen funds

The Wormhole Network exploiter, who stole nearly $325 million worth of assets over a year ago, has been busy over the weekend. The hacker, who moved $150 million worth of stolen assets in January, shuffled more funds on Feb. 12, according to PeckShield.

The Wormhole attacker supplied $46 million worth of assets to MakerDAO to receive 16.6 million DAI tokens. The assets moved to MakerDAO included 24,400 Lido wrapped staked ETH (wstETH) worth $41.4 million and 3,000 Rocket Pool ETH worth $5 million.

The attacker then used the funds to buy 9,752.24 ETH at the price of $1,537 per ETH, spending a total of around $14.9 million. The exploiter spent another $1.5 million to buy 1,036 staked ETH(stETH). According to PeckShield, the hacker wrapped the purchased Ethereum tokens to get around 9,700 wstETH.

The Wormhole exploiter also supplied $15 million worth of wstETH to MakerDAO.

The post Wormhole exploiter moves $46M worth of stolen funds appeared first on CryptoSlate.

Binance adds zk-SNARK verification to its proof of reserves system

Binance has upgraded its proof-of-reserves (PoR) system with zk-SNARK verifications, a form of zero-knowledge proofs that preserves the privacy and security of sensitive user information.

Binance CEO Changpeng Zhao said the improvement was implemented in accordance with Ethereum co-founder Vitalik Buterin’s suggestion. Buterin had laid out his ideas on promoting trustless centralized exchanges through transparent proof-of-reserves systems in November.

Binance first published its PoR system in November 2022 as users started demanding more transparency from exchanges in the aftermath of the FTX collapse. At the time, Binance used Merkle tree cryptography to enable users to verify their holdings.

Yet, the system had two major drawbacks. Firstly, the leaf nodes in the Merkle tree represented the hash of users’ holdings to protect privacy, which meant that the Merkle root could not reflect the sum of its leaf nodes’ balance information.

Secondly, a malicious entity could potentially add a negative balance under a fake account somewhere in the tree to make the size of required reserves appear smaller.

Binance claims that zk-SNARKs solve these challenges. The zero-knowledge verification system can ensure that all leaf nodes in the Merkle tree have contributed to Binance’s claimed total user balance of each cryptocurrency. It will also ensure that there is no user with a negative balance included in the tree.

Binance will generate and publish zk-SNARK proof for the construction of the Merkle tree to prove its reserves. By verifying the Merkle proof Binance users can check whether their balance is included in the Merkle tree root. Users can verify the zk-SNARK proof to ensure that the Merkle tree construction was free from any tampering.

Because Binance has millions of users, it’s not possible to get a single proof of the Merkle tree construction. Therefore, Binance will split users into batches of 864 each. It would take 110 seconds to generate zk proof for a single batch of users. The proof can be verified in less than 1 millisecond.

It would take 2 hours for Binance to generate proof for all accounts at the cost of about $1,000. The exchange is working on implementing the solutions suggested by Buterin to improve the efficiency of the proof generation process, which should lower cost and enable it to provide proofs more frequently.

Binance’s PoR system currently supports 13 cryptocurrencies, with 4 recent additions, and it plans to add more tokens in the coming weeks.

Binance is also making the code for its PoR system open-source with the aim of providing more transparency to its users.

The post Binance adds zk-SNARK verification to its proof of reserves system appeared first on CryptoSlate.