Assemble Protocol’s Native Token Now Supported by Ceffu’s Custody Solution

Bakkt, an American digital asset custodian and trading firm, has acquired a stake in Marusho Hotta, a Japanese textile firm, as part of a new crypto treasury strategy which the company adopted recently. The firm, which was established in 2018 and is 55% owned by Intercontinental Exchange, the owner of the New York Stock Exchange (NYSE), published a statement on its website on Aug. 6, outlining that it had acquired a 30% stake in Marusho Hotta. The textile firm, a publicly-listed company on the Tokyo Stock Exchange (TSE: 8105), is both a manufacturer and distributor of yarn and bedding, as well as Japanese and Western clothing.Photo by 🇸🇮 Janko Ferlič on Unsplash‘bitcoin.jp’As a result of the transaction, Bakkt International President Phillip Lord will become CEO of Marusho Hotta, and the company will be renamed as “bitcoin.jp.” Akshay Naheta, co-CEO of Bakkt, commented on the development, stating: "Japan's regulatory environment creates an ideal platform for a Bitcoin-centered growth business. We look forward to working with MHT's team to integrate Bitcoin into their operating and financial model and to establish MHT as a leading Bitcoin treasury company." Back in June, it emerged that Bakkt was working towards raising $1 billion from investors, providing the first indication that the firm was moving towards pursuing a crypto treasury strategy. A filing lodged with the Securities and Exchange Commission (SEC) at the time stated:“We may acquire Bitcoin or other digital assets using excess cash, proceeds from future equity or debt financings, or other capital sources, subject to the limitation set forth in our Investment Policy.” The company went on to outline that the timing and magnitude of any such crypto purchases would depend upon market conditions at the time, capital market receptivity, the firm’s business performance and other strategic considerations. Given the credentials within traditional finance of the company’s owners, the arrival of Bakkt in 2018 was seen as a significant event within the crypto sector. However, the firm’s journey has not been an easy one. It started out by trying to appeal to retail users and bring about real-world use of cryptocurrency. It established an app and a partnership with Starbucks, which looked to bring crypto into mainstream use in terms of everyday payments.However, that partnership fizzled out and in 2024 a filing lodged by the company with the SEC revealed that the company’s position was challenging, with it warning that it “might not be able to continue as a going concern.” When the business first launched, it aspired to bring Bitcoin to 401(k) retirement accounts in the U.S. It may have been ahead of its time in that regard as it had to contend with Donald Trump’s first term as president when he wasn’t particularly pro-crypto and a distinctly anti-crypto Biden administration immediately afterwards. It is only now, seven years after the founding of Bakkt, that the current Trump administration is finally moving to allow crypto investment to form part of 401(k) plans. More recently the firm had concentrated on catering to the needs of institutional investors but faced further turmoil earlier this year when it lost two customers who allegedly made up 73% of Bakkt’s revenue.

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

KuCoin Ups Compliance via Mandatory KYCKuCoin, the Seychelles-headquartered global cryptocurrency exchange, has unveiled plans to strengthen its Know Your Customer (KYC) system by introducing mandatory identity checks.In an official announcement on Wednesday, KuCoin stated that this upgrade aims to ensure compliance with global anti-money laundering (AML) regulations. Effective from July 15, KuCoin will require all new users to undergo KYC authentication as part of the registration process. Those who fail to complete the KYC process will be unable to access KuCoin’s wide range of products and services, according to the exchange.Photo by Markus Winkler on UnsplashExisting and new usersFurthermore, existing users who registered prior to July 15, 2023, will also be required to complete the KYC process to access certain features on KuCoin. Withdrawals will remain unaffected for these users. However, they will no longer be able to deposit new funds, the announcement outlines.Despite the introduction of mandatory KYC, KuCoin’s existing non-KYC users will still be able to utilize services such as spot trading sell orders, futures trading deleveraging, and margin trading deleveraging. Additionally, other available services for existing non-KYC users include redemptions at KuCoin’s staking and lending hub, KuCoin Earn, and exchange-traded funds’ redemption.Johnny Lyu, the CEO of KuCoin, explained the KYC process, stating: “A complete KYC process requires users to provide their name, identification number, and identification photo, and undergo facial recognition.” Lyu emphasized that KuCoin carefully verifies customer identification and collects the necessary data in compliance with the laws and regulations of applicable jurisdictions.He added: “Typically, we require customer identification information including information on the customer’s name and further identifiers such as a physical address, date of birth, and national ID number.”Risk profile data collectionIn accordance with regulatory requirements, KuCoin also collects additional information regarding a customer’s business and risk profile. This includes details about the nature and volume of trading activity and the origin of virtual funds deposited, according to Lyu.Lyu underscored that KYC has always been a principle adhered to by KuCoin and that identity recognition is an established part of its process. He further highlighted that KuCoin’s KYC policy is designed to align with regulations in applicable jurisdictions, as there is no unified global KYC regulation at present.KuCoin has also made it clear that the exchange does not support the United States KYC requirements based on their current or updated KYC rules. This new mandatory KYC update will impact a significant number of cryptocurrency users globally. As of July 2022, KuCoin reported over 20 million registered accounts on its platform.Leading global exchangeKuCoin is also recognized as one of the world’s largest cryptocurrency exchanges in terms of trading volumes. At the time of writing, KuCoin’s daily trading volumes exceed $540 million, with more than 8 million monthly visits, according to data from CoinGecko. For comparison, major United States-based exchange Kraken receives approximately 5 million visits per month, with a daily trading volume of around $380 million.This move by KuCoin follows a trend of increasing KYC policies among cryptocurrency exchanges. In May, Dubai-based Bybit restricted non-KYC users from withdrawing more than 20,000 Tether (USDT) monthly. It has been reported that cybercriminals have taken advantage of KYC requirements, selling hacked and verified crypto accounts on the darknet for as low as $30 as of April 2023.