EU bans Ruble-backed stablecoin A7A5 in latest round of Russia sanctions

HKMA reflects on retail CBDC pilot phase one completionHong Kong’s Monetary Authority (HKMA), the Chinese territory’s central bank, recently released a report following the completion of phase one of its central bank digital currency (CBDC) pilot, highlighting the potential benefits of a retail CBDC, commonly referred to as e-HKD (digital Hong Kong dollar).Photo by Ruslan Bardash on UnsplashUndecided on full implementationIn a press release published by the HKMA on Monday, the authority clarified that the report underscores that while a retail CBDC could bring value to the payments ecosystem and unlock new economic transaction possibilities, in-depth investigation and evaluation are essential before considering large-scale implementation.At this stage, Hong Kong’s central bank has not committed to introducing an e-HKD, but the report sheds light on the prospects and challenges associated with such a move. The region has been signaling its intent to position itself as a hub for virtual assets, evident in the regulatory framework introduced in June and the granting of licenses to crypto trading platforms in August.Project e-HKD, initiated by the HKMA in 2021, is a significant step toward assessing the feasibility of a digital Hong Kong dollar. The pilot program was launched in November 2022 as part of the HKMA's “Fintech 2025” strategy. However, the HKMA remains cautious, as reflected in the comments of HKMA CEO Eddie Yue earlier this month. Yue told the South China Morning Post that the central bank is still waiting for greater clarity when it comes to the technological, legal and societal aspects of full implementation.Three core attributes identifiedThe report identifies three primary areas where an e-HKD could provide value: programmability, tokenization and atomic settlement. These attributes could lead to faster, more cost-efficient and more inclusive transactions. However, it’s essential to note that the 14 pilot programs conducted with 16 participating firms during phase one were executed on a small scale within a controlled environment.The phase one review highlights that the true potential and prerequisites for implementing an e-HKD on a larger scale depend on market developments and further investigation. It acknowledges that minor issues identified during the pilot phase could become more prominent or even unacceptable in a production environment.Gearing up for phase twoPhase one of the pilot program delved into various aspects, including full-fledged payments, offline payments, tokenized deposits, programmable payments and the settlement of Web3 transactions and tokenized assets. Hong Kong is now gearing up for phase two of the pilot, with plans to explore new use cases for an e-HKD and engage in more focused pilot initiatives. The goal is to understand how the e-HKD can facilitate innovative methods of transacting goods and services while maintaining financial stability.The HKMA’s stance on a retail CBDC places it at the center of a global debate. While the U.S. remains undecided on the issue, with the topic becoming contentious in presidential elections, India has forged ahead with plans for a retail CBDC. Meanwhile, Thailand’s central bank commenced a pilot project for a retail CBDC earlier this year.

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.

A Chinese creditor of failed crypto exchange FTX has filed an objection on his own behalf and that of 300 others, with a U.S. bankruptcy court against a motion lodged with a view towards excluding payouts to creditors resident in China, Russia and 47 other foreign jurisdictions.Photo by Mariia Shalabaieva on UnsplashPotential distribution forfeitureThe FTX Recovery Trust, an entity formed in January to oversee the FTX bankruptcy estate following the adoption of a plan of reorganization, filed a motion last week seeking the approval of the Delaware Bankruptcy Court in the United States to adhere to new parameters related to the claims of creditors residing in restricted overseas jurisdictions. Besides China and Russia, the list of restricted jurisdictions also includes many within the Asian region, including  Afghanistan, Iran, Iraq, Macau, Myanmar (Burma), Nepal, North Korea, Pakistan, Qatar, Bangladesh and Cambodia. The FTX estate claims that these jurisdictions have regulations and laws restricting cryptocurrency transactions. In such cases, the FTX Recovery Trust claims that it cannot break local laws.  The difficulty for creditors resident in these countries is that if it's deemed illegal to reimburse them, they won’t qualify for the next scheduled distribution from the estate. In that instance, distribution forfeiture will be triggered. Taking to X on July 7, FTXcreditor.com, an entity that has been buying up bankruptcy claims from FTX creditors over the course of the FTX bankruptcy process, highlighted the peril that creditors residing in these restricted countries may face. It stated: “Distribution forfeiture is triggered at every distribution record date. The first record date already passed, if your claim is still tied to a local KYC when the stamp drops, that tranche is potentially gone.” Short timeframe for objectionsMr. Purple, a pseudonymous distressed assets bankruptcy professional who has been advocating for FTX creditors since the collapse of the business in November 2022, concurred with this view in a subsequent post on X. He pointed out that an extremely short timeframe has been given to affected creditors to respond. The motion was filed on July 2 and objections are due by July 15. $500 million in claims are at stake which accounts for 5% of all creditor claims. Of this, 82% of these claims belong to Chinese creditors. In a series of follow-up posts, the bankruptcy professional describes several procedural issues that he believes will result in it being incredibly difficult for affected creditors to have their funds reimbursed.Mr. Purple concludes:”The incentives are designed to be extremely risk averse in finding [a legal opinion] that paying creditors is legal! [The estate’s lawyers will] take the fees and say its not legal.” In his court filing, the Chinese creditor, who is resident in Singapore, stated: “My family holds four KYC-verified accounts with aggregate claims exceeding $15 million USD.” . . . “We have fully complied with every procedural requirement under the Plan. The proposed motion now jeopardizes our right to distribution in an arbitrary and inequitable manner.” On X, he asserted that the FTX Recovery Trust’s motion “constitutes an impermissible and material modification of the Plan.” Aside from legal action, the only other potential solution for creditors residing in restricted countries is to sell their claims. However, claims buyers are pricing in greater risk with lower rates and less favorable terms.