U.S. seizes web domains tied to Burma-based crypto investment fraud ring

Wemade has signed an agreement with Swedish gaming company Crypto Rogue Games to onboard the developer’s blockchain game Crystals of Naramunz to WEMIX PLAY, according to an official press release on Tuesday (KST).Photo by Anas Alshanti on Unsplash“Our collaboration represents a convergence of expertise and creativity,” said Åke Andre, CEO of the development studio. “Crypto Rogue Games is thrilled to announce our partnership with WEMIX PLAY. This marks a significant milestone in our vision to reach the pinnacle of excellence in the Action RPG genre by providing everlasting experiences and value to our players.” Post-apocalyptic funCrystals of Naramunz is an upcoming free-to-play action role-playing game (RPG) set in a post-apocalyptic steampunk world called Naramunz. Players can explore Naramunz, which is characterized by ruins and dungeons, maximize the benefits of their in-game items and skills, and collect and trade in-game assets. The game also features fast and explosive action sequences, character upgrades and a barter economy. Unveiling potentialCrypto Rogue Games recently held an Alpha playtest for Crystals of Naramunz to gather feedback and assess improvements that can be made. A report published on the game’s official Medium page disclosed that reactions were positive, noting strengths and weaknesses of the game in its current stage of development. Crypto Rogue Games is led by a team of industry veterans from various RPG projects like the Path of Exile series and Pillars of Eternity, as well as the strategic simulation game Stellaris.

South Korea’s largest cryptocurrency exchange Upbit has opened a special event in celebration of its staking service surpassing a total value of KRW 1.5 trillion ($1.2 billion), where users can participate in a staking quiz to receive 0.002 ETH (approximately $4.60) each. Staking refers to the process of entrusting crypto assets to be utilized for a blockchain’s operations and receiving rewards in return.Photo by Nenad Novaković on UnsplashEvent detailsParticipants in the quiz event will have 30 minutes to complete five quizzes related to Upbit’s staking service. The total reward pool is 210 ETH, which will be allocated to 100,000 participants on a first-come, first-served basis the day after answers are submitted. After completing the quiz mission, ten users who also stake their Ethereum assets will get the opportunity to be selected to receive 1 ETH each. "We organized the event to make more users aware of staking on Upbit and to express our gratitude,” Dunamu, the operator of Upbit, said. Upbit’s growing staking platformUpbit’s staking service was officially launched in January last year. Currently, there are five cryptocurrencies that can be staked on Upbit – Ethereum, Cosmos, Cardano, Solana and Polygon. In particular, the exchange does not manage user assets or entrust them to external parties but stakes them through self-operated validators. All staked assets are stored in a cold wallet. 

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.