Crypto Influencer Arrested in Hong Kong Over JPEX Association

Gate.io Threatens Legal Action Against SpeculatorsGate.io, the erstwhile legacy Chinese cryptocurrency exchange currently headquartered in the Cayman Islands, has issued a stern warning to individuals spreading rumors of imminent bankruptcy.The exchange intends to take legal action against those responsible for causing panic among investors by disseminating baseless rumors without any concrete source of information. This announcement, originally written in Turkish, was posted on Gate.io’s official Twitter account on June 4.Photo by Kai Pilger on UnsplashInsolvency rumorsThe insolvency rumors surrounding Gate.io emerged following a series of events involving Multichain, a troubled cross-chain protocol. Multichain has been facing technical difficulties since May 24, when a node issue resulted in transaction delays. Several days later, the Multichain team revealed that they were unable to contact their CEO to access the servers and resolve the problem.These circumstances fueled speculation that the protocol’s leadership had been arrested and that Chinese authorities had seized over $1.5 billion in smart contract funds.On May 24, data from blockchain analytics firm Arkham Intelligence indicated a significant inflow of Multichain tokens ($MULTI) from Gate.io’s platform. In response to mounting concerns, Gate.io categorically denied any liquidity issues on May 31. The exchange asserted that its operations were running smoothly and that withdrawals were not a problem. Despite reports on Twitter and Telegram channels of traders withdrawing funds, Gate.io’s trading volume has remained relatively stable in recent days.As of now, Gate.io’s native token, GateToken ($GT), is trading at $4.01, representing a 18% decline over the past week, according to CoinGecko data. Gate.io, which although headquartered in the Cayman Islands, has recently expanded its presence to Hong Kong, Turkey, and Dubai.Multichain falloutThe ongoing issues faced by Multichain have prompted other cryptocurrency exchanges to take action. Binance, for example, suspended deposits for 10 bridged tokens on the BNB Smart Chain, Fantom, Ethereum, and Avalanche blockchain networks on May 25. Furthermore, transaction downtime compelled the Fantom Foundation to remove 449,740 $MULTI ($2.4 million) from liquidity on the decentralized exchange SushiSwap.Gate.io’s firm denial of insolvency rumors coupled with its threat of legal action underscores the exchange’s determination to combat the spread of this speculation. The exchange is seeking to protect the interests of its investors and maintain the stability of its operations.All stakeholders need to rely on continued vigilance in the crypto space. However, if Gate.io is to be afforded the benefit of the doubt in this instance, then it could be interpreted that it is demonstrating a commitment to transparency and swift action in the face of seemingly baseless rumors. On that basis, the firm’s response could be perceived as a demonstration of its resolve to navigate the challenges presented by the Multichain situation and uphold its reputation as a reliable cryptocurrency exchange.

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

Beleaguered Indian crypto exchange WazirX took to social media on April 21 to clarify to the company’s creditors that it is moving closer towards restarting the platform. While the company hasn’t gone into bankruptcy following a $230 million platform hack which occurred in July of last year, it is going through a restructuring process via the Singapore High Court. Posting on the X social media platform, the company addressed concerns surrounding the restarting of operations.  It said that it understood that users were keen to see the platform restart, while reminding stakeholders that from the outset of the process, it had forecasted a first distribution of user funds and a restart of the platform within the April to May 2025 timeframe. Photo by matthew6910 on UnsplashMay court hearingThe firm outlined that its parent company, Zettai PTE Limited, has accomplished all steps to date, in order to bring about the re-emergence of the platform. It has put forward a scheme of arrangement to the court to distribute assets available to it to creditors and bring the trading platform back online.  It identified a May 13 court date as being pivotal to these plans, when the Singapore High Court will hold a sanction hearing and determine whether it confirms the company’s restructuring plan. WazirX added: “While we’ve worked to stay aligned with the previously shared timelines, court proceedings operate independently, and we respect that process. After the Scheme is sanctioned, the First Distribution and restart will follow within 10 business days from the Effective Scheme Date, as outlined earlier.” 85% payoutEarlier this month, 93% of WazirX creditors, accounting for 94.6% of the overall funds owed, voted in favor of the company’s restructuring plan. As part of the plan, users would be compensated with a payout over several distributions of 85% of the overall funds they held on the platform as of July 18, 2024. The company also plans to issue creditors with a recovery token, in an effort to provide them with further value over time. This communication from the company followed the announcement of a court judgement last week by India’s Supreme Court dismissing a lawsuit filed by 54 WazirX users who have lost funds due to the 2024 hack. While the action was dismissed, one of the plaintiffs pointed out on X that the Supreme Court hadn’t indicated that their action lacked merit. He added:”Our criminal writ petition against #WazirX & Nischal Shetty & others was dismissed on jurisdictional grounds.” On that basis, it would appear that the company may still have to deal with such a complaint if brought via a different forum. Over the course of the past 12 months, the WazirX hack stands out alongside an almost $1.5 billion hack at Bybit. In both cases, fingers have been pointed at notorious North Korean hacking group, Lazarus. According to a report published by Chainalysis last December, $2.2 billion had been stolen from crypto platforms in 2024.