OKX expands Middle East presence through Dubai license approval

KCC sets guidelines for user protection on metaverse platformsThe Korea Communications Commission (KCC) has established its latest guidelines for ensuring the protection and safety of users of metaverse platforms, dubbed the “Basic Principles for the Protection of Metaverse Users”.Photo by GuerrillaBuzz on UnsplashNavigating the metaverse landscapeAlthough metaverse platforms can create new economic and business opportunities by linking reality with the virtual realm and providing users with a realistic and immersive experience, the agency argued that various problems may arise due to the use of anonymous profiles or avatars.In response, the KCC assembled six voluntary principles for metaverse service providers to apply to their operations through discussions with a policy advisory group for metaverse ecosystem user protection. The group is composed of 29 members, including academics, legal experts and domestic and overseas companies. It has been active since last year.Fostering ethical metaverse environmentsThe principles cover topics like ensuring free yet respectful communication between users; granting users a platform for voicing their opinions on issues related to their rights and interests; and ensuring that transactions involving digital products and services are conducted on proper terms. They also urge companies to give users the right to use and manage their own data along with that of the metaverse.On a less technical level, the last principle mentions that companies should make efforts to study the long-term impact of the metaverse on users’ physical and mental health, and on society, culture, environment and economy.The agency has also proposed to draft a code of practice outlining more specific measures to protect users, such as prohibiting sexual harassment and stalking, reporting and punishing cyberbullying and transferring the right to purchase NFTs.Responsible governanceMajor metaverse platform operators like Naver, SKT and Meta, who are members of the agency, agreed to apply the guidelines and include them in their relevant terms and conditions documents and service operation regulations. The KCC stated that it plans to monitor whether or not these commitments are met.Although not mandatory, the guidelines are recommended as measures to resolve user inconvenience, enhance service reliability and provide standards for user protection. User protection includes that of children, adolescents and personal privacy.

Dubai-based crypto exchange Bybit said it will temporarily pause the onboarding of new users in Japan as it adjusts to regulatory changes under the country’s Financial Services Agency (FSA). In a statement released on Oct. 30, the company explained that the suspension is part of its effort to reassess compliance obligations and align with upcoming local standards. Starting Oct. 31 at 12:00 p.m. UTC, Bybit will no longer accept new account registrations from Japanese nationals or residents. The company added that the change will not affect existing customers, whose services will remain uninterrupted for now. The decision landed amid a shifting domestic policy backdrop. Policymakers at the FSA have been weighing the treatment of crypto assets under the Financial Instruments and Exchange Act, viewing digital tokens through the lens of investment products. Officials have pointed to sharp price volatility and cyber-theft risks as reasons to strengthen safeguards for depositors and insured individuals.Photo by Cosmin Georgian on UnsplashBanks and insurers face ban on crypto salesAccording to an Asahi Shimbun report cited by Yonhap News, the FSA is set to prepare a draft framework that would bar banks and insurance companies from selling crypto directly, while permitting sales through brokerage firms. The draft was said to be slated for submission to the regular Diet session next year. In order to preserve a level competitive field, the authority plans to allow securities arms of banks and insurers to distribute tokens, given that online brokerages already offer crypto exposure. The same report suggested that banks and insurers could be allowed to hold and manage crypto assets once adequate risk management systems were in place. Market developments have continued alongside the policy work. Reuters reported that a yen-pegged stablecoin called JPYC launched on Oct. 27, issued by a company of the same name and backed by domestic savings and Japanese government bonds. An earlier Nikkei article had signaled that regulatory approval was expected, leaving timing as the main open question until the debut. Economic stimulus at odds with rate hike talkBroader macroeconomic policy has also been in focus for crypto investors. Some analysts have argued that an economic stimulus package announced by Japan’s newly elected Prime Minister Sanae Takaichi could channel fresh capital into markets and, by extension, provide a tailwind for Bitcoin. On social media platform X, BitMEX co-founder Arthur Hayes suggested that additional government support for households and businesses might propel the largest cryptocurrency toward the $1 million mark. Monetary policy remains a counterweight. The Bank of Japan kept its benchmark rate at 0.5% on Oct. 30, which led to a weaker yen and boosted demand for government bonds. According to Reuters, Governor Kazuo Ueda indicated that wage trends would guide the next step, leaving open the possibility of a rate increase as early as December. Higher interest rates typically raise borrowing costs and can damp risk appetite, dynamics that often weigh on speculative assets such as cryptocurrencies. Investors are watching how Japan’s evolving rulebook, fiscal support, and cautious monetary tightening intersect—and how that mix ultimately shapes crypto participation and pricing in one of Asia’s most closely observed markets. 

Crypto vulnerability uncovered with $1B in digital asset exposureSecurity vulnerabilities in the validator infrastructure of InfStones, an established infrastructure provider, have been disclosed by Tel Aviv-headquartered cybersecurity firm dWallet Labs.Photo by Brett Jordan on UnsplashBlockchain network validator vulnerabilityIn a detailed Medium blog post published on Tuesday, dWallet Labs shed light on a series of vulnerabilities that, when exploited, could potentially allow attackers to gain full control, execute code and extract private keys from numerous validators on major blockchain networks. Cryptocurrencies such as ETH, BNB, SUI, APT and others were identified as at risk, with potential direct losses estimated to exceed one billion dollars.The vulnerabilities discovered by dWallet Labs opened the door for attackers to compromise the private keys of validators across multiple blockchain networks, putting over one billion dollars of staked assets at risk. In response to the findings, InfStones, a Web3 infrastructure platform, also released a statement on Tuesday acknowledging the potential threat. However, its representative, Darko Radunovic, disputed the figures provided by dWallet Labs in a statement sent to Cointelegraph. Radunovic stated that the vulnerabilities identified in the production environment account for below 0.1% of their active nodes launched to date, emphasizing that the impact would be limited to a small fraction of their operational nodes.According to InfStones, “237 instances were in scope, of which 212 instances were deployed for our development and testing purposes, and 25 freshly deployed instances in the production environment.”Mitigating steps takenThe company detailed the immediate actions taken to mitigate the vulnerabilities, including shutting down the affected ports, as well as rotating all credentials and keys within their platform. An internal review conducted by InfStones revealed no additional adverse effects. Notwithstanding that, the company took the additional step of hiring an external security firm to audit its systems and policies.Meanwhile, dWallet Labs Founder and CEO Omer Sadika shared his thoughts on the X platform as to how he believes such events should be handled. Sadika wrote:”The worst way to handle a cybersecurity vulnerability is not taking responsibility and lying. We were super open and transparent with the goal of eliminating the risk to web3. My take: it’s not about whether you are fully secure or not, because no one is, it’s about how you handle it and maintain the trust with your partners and customers.”The collaboration between dWallet Labs and InfStones sheds light on the ongoing challenges faced by the cryptocurrency industry in maintaining the security and integrity of blockchain networks. While vulnerabilities were identified and addressed, the incident underscores the importance of proactive security measures to safeguard the assets and data within the rapidly evolving landscape of digital assets.