Five Foreigners Detained in Thai Crypto Scam Crackdown

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

Bank of Japan Publishes Results of CBDC PoCThe Bank of Japan (BoJ) recently concluded the second phase of its central bank digital currency (CBDC) proof of concept (PoC) project, which began in April. The results of this phase were published on Monday, and they shed light on key aspects such as the comparison between account-based and token-based CBDCs and the management of holding limits for users with multiple accounts.Photo by Manuel Cosentino on UnsplashToken-based CBDCsThe experiments conducted by the central bank covered a wide range of topics. Among the most intriguing findings were the advantages and disadvantages of token-based CBDCs and how to effectively impose holding limits for users with multiple CBDC balances.Token-based CBDCs have garnered interest from various central banks, with some adopting the UTXO token model used by Bitcoin without the use of a distributed ledger. A UTXO or unspent transaction output, defines where a blockchain transaction starts and finishes. The Bank of Japan explored this model and analyzed its pros and cons.In the initial proof of concept, both account-based and token-based CBDCs were examined, considering scenarios where the central bank managed the ledger or shared it with intermediaries like banks. In the token-based model, fixed token denominations were used, similar to physical cash in countries like India, and a centralized ledger was employed. However, in the recent phase, the central bank utilized flexible value tokens similar to UTXO and shared ledger functions with intermediaries.The Bank of Japan favored the flexible value token model due to its ability to handle multiple requests simultaneously. However, it acknowledged that this model may require more technical resources compared to the account-based approach. Challenges may arise when implementing additional functions, such as holding limits, while maintaining optimal performance. The European Central Bank (ECB) also noted in a recent report that most payment providers are accustomed to account-based payments and would incur costs to adapt to token-based systems.Another significant aspect explored by the BoJ was how to impose holding limits when users have multiple CBDC balances through different intermediaries. The challenge lies in determining if the overall holding limit has been breached without compromising user privacy.Homomorphic encryptionOne possible solution discussed in the report is the use of homomorphic encryption, which enables computations to be performed on encrypted data without it first needing to be decrypted. That allows for the necessary checks without intermediaries accessing the specific data being checked. Although this solution may slightly increase processing time, it could introduce a higher risk of data inconsistencies.Alternatively, a simpler approach proposed by the central bank is to establish a per-account holding limit and a limit on the number of accounts a single user can hold, rather than imposing global limits. Ideally, users with multiple accounts would have a higher per-account holding limit compared to those with fewer accounts.Phase 3 underwayWith the next pilot phase already underway, the BoJ aims to test the end-to-end process flow and identify challenges related to integrating with external systems. Additionally, they are creating a CBDC Forum to gather input from the private sector, ensuring a collaborative approach to CBDC development.While investigation and research into CBDCs continues, the BoJ has said that it will make a final decision on CBDC implementation by 2026.

Katsunobu Katō, a Liberal Democratic Party politician and Japan's Minister of Finance under Prime Minister Shigeru Ishiba's government since October 2024, has said that cryptocurrency assets can play a role in a diversified investment portfolio. Katō made the remarks while speaking at an event that was held in Tokyo related to the subject of crypto assets on Aug. 25, according to Bloomberg. Katō stated:''Crypto assets run the risk of high volatility, but if an appropriate investment environment is created, they can become targets for diversified investment.''Photo by JJ Ying on UnsplashGrowing crypto user baseKatō acknowledged that there is a growing user base in Japan related to digital assets. With that, he intends to work towards the provision of a healthy trading environment in Japan for stakeholders within the digital assets sector. The finance minister added that he has been trying to balance regulation with a need to leave the digital assets sector with sufficient freedom so as to enable the development of innovation. Crypto tax reformIt emerged over the weekend that the Japanese financial regulator, the Financial Services Agency (FSA), intends to include tax reform measures in respect of the crypto sector in 2026 tax revision proposals that it will bring to the Japanese government. It’s expected that the proposals, scheduled for submission by the end of this month, will call for a separate taxation category for digital assets and the implementation of a flat 20% tax rate. Under Japan’s existing tax regimen, crypto trading gains must be reported under the categorization of “miscellaneous income,” with those gains subject to tax rates of up to 55%. The move would bring taxation on crypto trading gains in line with the tax treatment that’s currently in place for equity trading gains. Equities have been given their own category and are taxed at a flat rate of 20%. Reclassifying cryptocurrenciesAdditionally, the FSA plans to propose legislation next year that would result in the reclassification of cryptocurrencies, removing them from their current treatment as a means of payment under the Payment Services Act. The regulator wants crypto to come under the Financial Instruments and Exchange Act, reclassifying it as a financial product. Katō has outlined his party’s commitment to the consideration of reviewing crypto asset taxation. That item was incorporated into his government’s tax reform plan for 2025, while the Japanese cabinet approved a proposal to amend the Payment Services Act back in March. As part of plans to have digital assets categorized as financial products, the FSA is also understood to be interested in broadening the scope of insider trading restrictions. Kato’s remarks are being interpreted as positive for the crypto sector. According to International Monetary Fund (IMF) data, Japan is the world’s fifth-largest economy, with a gross domestic product (GDP) exceeding $4.1 trillion.Source: World Economic Outlook (April 2025)In further positive news for the sector in Japan, it was reported on Aug. 18 that the FSA is likely to approve the issuance of JPYC, a Japanese yen-backed stablecoin, over the course of the coming months.