HashKey Gears Up to Offer Trading Service to Retail Traders

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

Crypto Exchange HTX Reports $8 Million Hack Over WeekendCrypto exchange HTX confirmed on Monday that it fell victim to a hack over the weekend, resulting in losses amounting to 5,000 ETH ($8 million).HTX stakeholder Justin Sun, Founder of layer one blockchain TRON, disclosed the breach via an X post. In a series of subsequent X posts, Sun assured users and stakeholders that the exchange had promptly covered the losses, and current user deposits remained secure. He also emphasized that the platform was operating normally despite the security incident.Photo by GuerrillaBuzz on UnsplashHacker incentiveThe TRON Founder also extended an offer to the hacker responsible for the breach. He proposed a 5% reward for the return of the remaining funds, a figure notably lower than the 10% often offered to hackers in similar situations. Additionally, Sun dangled the possibility of a job at the exchange. That’s an unusual response to a cryptocurrency hack and one that had one commentator speculating upon the notion that the hacker belonged to the notorious North Korean Lazarus hacking group, pondering the prudence of such a move.Data from DeFi data aggregator DeFiLlama revealed that Seychelles-based HTX, formerly known as Huobi, witnessed nearly $10 million in outflows, with a remaining $2.73 million in customer deposits as of the latest data.Hacker’s identity may be knownThe hacker, who received a series of messages from an address identified as an HTX hot wallet by Nansen, was presented with a stark choice. The messages, written in both English and simplified Chinese, claimed to have uncovered the hacker’s true identity and urged the return of the stolen funds to the address 0x18709E89BD403F470088aBDAcEbE86CC60dda12e. In return, HTX offered a 5% “white hat bonus” valid until October 2, 2023. If the funds were not returned by that date, law enforcement would be involved, the message warned.The hack came shortly after Justin Sun shared a promotional video in which he depicted himself defeating a hooded figure symbolizing a hacker “shorting crypto” with a single punch while on a spaceship journey to what appeared to be Mars.Insolvency fearsOn Tuesday, Sun outlined that the exchange had established a “SAFU” (Safe Asset Fund for Users) fund for platform users. However, taking to X on Monday, Adam Cochran, Managing Partner at Cinneamhain Ventures, claimed that there was a likelihood that the HTX business is insolvent. Cochran maintains that available data suggests a shortfall in crypto holdings relative to HTX users' assets.Travis Kling, Founder and Chief Information Officer of Ikigai Asset Management, went one further on X, stating:”Not “probably”. Huobi is insolvent.”Kling, a long-time critic of Binance, went on to suggest that if Huobi were to collapse, that event would likely lead to Binance unraveling also.HTX originated in China and nowadays maintains offices in Singapore, Japan, South Korea, Hong Kong, and the UK. It has long been speculated that Justin Sun has a controlling stake in the HTX business. Sun has denied that assertion, instead suggesting that he is a member of HTX’s “Global Advisory Board.”

RaonSecure Partners with Korean Savings Banks to Build Mobile ID Verification SystemRaonSecure, a South Korean tech security firm and blockchain solutions developer, announced yesterday its partnership with the Korea Federation of Savings Banks (KFSB) to build a system that verifies customers’ identities through mobile identification cards, according to local news outlet Financial News.Photo by Brett Jordan on UnsplashImproving customer convenienceThe KFSB has undertaken the establishment of a mobile ID verification system with the goal of improving customer convenience. This system enables mobile ID cardholders to easily verify their identities during the know-your-customer (KYC) procedures of savings banks, whether they are conducted remotely or in-person. In pursuit of this objective, RaonSecure was chosen through a selection process that sought out a company with experience in constructing mobile IDs.Blockchain-powered DID solutionRaonSecure CEO Lee Soon-hyung said the company has demonstrated its technological prowess by providing cutting-edge services based on its blockchain-powered decentralized identity (DID) platform, OmniOne. These offerings include an application tailored for civil servant IDs, along with an app specially crafted to support citizens who entered or completed military service.Under this agreement, RaonSecure will develop a system designed to ensure both convenience and security in verifying mobile IDs across the integrated computer network of KFSB’s member banks. The company has future plans to extend its services to individual banks, aiming for wider implementation and utilization.During the initial phase of the service rollout, verification will be limited to driver’s licenses. However, RaonSecure’s overarching objective is to establish a dynamic and adaptable system capable of accommodating a broader array of identification documents, such as resident registration cards, in the future.Most Korean commercial banks have already accepted mobile IDs for their identification processes. Other financial institutions, including insurance companies and card companies, are also embracing this trend and introducing similar services. This collective shift is anticipated to expedite the growth and expansion of the industry.