Backpack forges partnership with Australian crypto on-ramp provider

The crypto space continues to suffer a disproportionate share of hacks and scams that were further exacerbated on Wednesday, with Malaysian crypto data aggregator the latest to succumb to a security breach. Serving as yet another stark reminder of the persistent threats plaguing the sector, a phishing scam targeted CoinGecko's X account, leading to a brief compromise that raised concerns about the safety of user information.Photo by GuerrillaBuzz on UnsplashPhishing scamDuring this incident, hackers posted a phishing link on CoinGecko's X account, falsely advertising a token airdrop for a cryptocurrency named GCKO. The deceptive post claimed that GCKO could be used for API services, including the cryptocurrency ANKR. Swift action by CoinGecko involved the removal of the fraudulent post and a public warning urging users to avoid interacting with any suspicious links or content. In an X post, CoinGecko wrote:”Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts. Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.” Employee errorThe firm followed up with an update on Thursday, attributing the breach to a team member inadvertently clicking on a fraudulent Calendly link, granting unauthorized access to the hacker. Despite having two-factor authentication (2FA) enabled and employing robust security measures, CoinGecko emphasized that the inadvertent click allowed unauthorized access. The compromised accounts were then exploited to disseminate misleading information and potentially engage in malicious activities. CoinGecko expressed sincere apologies for any confusion or inconvenience caused by the incident. The company reiterated its commitment to platform security and continuous improvement of internal controls, assuring users that corrective measures were promptly implemented. SEC incompetenceCoinGecko's security incident occurred within 24 hours of a similar occurrence involving the U.S. Securities and Exchange Commission (SEC). The SEC's X account was compromised, with scammers posting a false message from Chair Gary Gensler about the approval of spot bitcoin exchange-traded funds (ETFs). While CoinGecko identified a vulnerability in its security regimen, the SEC later confirmed that the breach in its case was far more basic. It was not due to infrastructure attacks but rather the lack of 2-factor authentication (2FA) tied to the SEC's account, the most basic form of operations security. Gensler and the SEC have come in for major criticism from the crypto community in the U.S. due to a policy of regulation by enforcement that has been pursued. With that, the Commission came in for swift and harsh criticism in the immediate aftermath of its X account hack. Many pointed out the irony of Gensler advising consumers to secure their accounts back in October when the SEC itself had failed to do so. Others queried who would be responsible for what some interpreted as an episode of market manipulation, something that the SEC has perennially associated the crypto markets with. During the time that the account was compromised, millions of dollars of value were liquidated in short and long trading positions. CoinGecko's quick response serves as a valuable lesson in the importance of vigilance and proactive security measures amid the growing threats facing the cryptocurrency community.

Hong Kong and Kazakhstan Pilot SWIFT’s CBDC SolutionCentral bank digital currency (CBDC) development globally is unrelenting, with the latest iteration of that involving global financial messaging network SWIFT.The global member-owned cooperative recently disclosed that three central banks are currently participating in beta-testing of this revolutionary solution, including the Hong Kong Monetary Authority (HKMA) and the National Bank of Kazakhstan.Photo by NASA on UnsplashBuilding upon initial successThe company provided details on the initiative via a press release published to its website on Wednesday. Simultaneously, an extended consortium of over 30 financial institutions is embarking on sandbox experiments to explore a multitude of potential use cases.The impetus behind SWIFT’s commitment to CBDC interoperability grew stronger after a successful round of sandbox testing. Participants in the initial phase quickly recognized the potential and intrinsic value of SWIFT’s solution.Building on this success, the beta version of SWIFT’s CBDC connector solution is now being integrated into the infrastructure of three central banks and monetary authorities.Second phase testingIn tandem with the beta testing, SWIFT has inaugurated a second phase of sandbox experiments, drawing in a consortium of commercial banks, central banks, and financial market infrastructure providers. This phase is dedicated to exploring an array of use cases, ranging from trigger-based payments for digital trade platforms to foreign exchange models, delivery vs. payment mechanisms, and liquidity-saving techniques.Eighteen central and commercial banks had taken part in the first phase of those sandbox experiments. Equally, the second phase has attracted a long list of entities, including the Reserve Bank of Australia, Deutsche Bundesbank, HKMA, Bank of Thailand, CLS, and others. With thirty leading global financial institutions participating in this latest testing round, that makes for a 66% increase in participation by comparison with the first phase. Their collective input and collaboration will contribute towards shaping the future landscape where CBDCs are concerned.Tom Zschach, Chief Innovation Officer at SWIFT, commented on the use of the technology in bridging from existing systems, stating:“The financial community has already recognized the strong potential of our CBDC innovations for preventing digital islands while securely bridging the payment systems of today and the future.”Global hotbed of innovationThe American think tank, the Atlantic Council, has been tracking CDBC projects on a global basis. Its endeavors in that respect demonstrate the expansive efforts that are being made to develop this technology.19 of the G20 countries are in advanced stages of CBDC development, with nine already in pilot phases. While this proliferation signifies the growing importance of CBDCs on the global stage, it also raises concerns about potential fragmentation as countries predominantly focus on domestic usage.SWIFT has taken a proactive stance in addressing the potential challenges of a fragmented CBDC landscape. The company embarked on its CBDC journey over 18 months ago, with the initial sandbox phase simulating nearly 5,000 transactions between different blockchain networks and existing fiat-based payment systems.

OpenAI CEO Sam Altman's Worldcoin project aims to bolster ties with Malaysian officials amid concerns over data privacy. Sam Altman and Alex Blania, key figures behind the Worldcoin project, recently engaged in discussions with Malaysian leaders, including the nation's Prime Minister, to enhance government relations. The move comes as Worldcoin faces scrutiny and seeks to address concerns surrounding data protection.Photo by Esmonde Yong on UnsplashAddressing privacy concernsThe "proof-of-personhood" crypto project has been under scrutiny for its data collection practices. Last month, temporary bans were imposed by Spain and Portugal, halting Worldcoin's data collection activities. The project offers WLD tokens to users in exchange for iris scans to create their personal World ID, prompting privacy advocates' concerns. Government attention and oversightWorldcoin's high-profile nature, coupled with Sam Altman's involvement, has drawn significant government attention. Countries like Germany, France, Argentina, Kenya and South Korea have initiated investigations into the project's data collection practices. Despite challenges, senior government officials continue to engage with Worldcoin amidst growing concerns about artificial intelligence threats like deepfakes. Strengthening government relationsTo address regulatory concerns, Worldcoin's parent company, Tools for Humanity, appointed Trevor Traina, former U.S. ambassador to Austria, as Head of Global Affairs. Traina emphasized the importance of meeting policymakers' expectations regarding data privacy and security. New privacy measuresIn response to regulatory pressures, Worldcoin introduced "Personal Custody," discontinuing the storage of biometric data for new signups. Additionally, users can now request the deletion of their iris codes, and stricter age verification measures have been implemented to prevent minors from signing up. These measures were developed in consultation with privacy experts and data protection authorities. Despite challenges, Worldcoin has assigned over five million World IDs, according to project data.