Xangle Joins Com2uS Group’s Blockchain Mainnet XPLA as Validator

Haru Invest Considers Server Suspension as Troubles PersistIn the wake of halting withdrawals in June, Haru Invest, a Singapore-headquartered cryptocurrency platform, is contemplating the suspension of its server. This decision is part of the firm’s ongoing efforts to streamline operations and reduce maintenance costs.Photo by David Guenther on UnsplashCost reductionCEO Hugo Lee made the announcement on Monday, underscoring the significant burden of server maintenance costs on the company’s finances. He acknowledged that this cost represents a substantial portion of their fixed expenses and is thus a top priority for the firm.Lee disclosed:“We plan to suspend the service in a few weeks, backing up all member information.”However, he also noted that the company is yet to finalize a concrete plan for the server suspension.The move to shut down the server aligns with Haru Invest’s broader strategy to lower all costs associated with its services. Lee explained:“Some of the current fixed expenditures include the upkeep of Haru Invest services, the cost of workspace like the office, and the cost of communication with our members.”The company is actively seeking ways to reduce these expenses and preserve its assets.Asset distributionAdditionally, Lee assured users that the assets conserved thus far would be included in the distribution to those who have had their funds locked on the platform since June, offering a glimmer of hope to impacted users.Nevertheless, the announcement of the server suspension has raised concerns within the Haru Invest community. Some users have expressed skepticism about the purported high costs of server maintenance, believing the firm’s claim to be exaggerated.One user, voicing this discontent, commented on Haru Invest’s Telegram channel, “Server costs cost nothing.” Another remarked: “Servers are gone soon guys, huge costs, 200 USD a month.” According to industry standards, the maintenance costs for running a server for a small to medium-sized business typically range between $35 to $500 per month.Unhappy platform usersLee’s statement regarding the impending server suspension follows the platform’s earlier decision to terminate deposits and withdrawals in June. This decision was coupled with the closure of Haru Invest’s offices and the dismissal of numerous employees, as reported by local news agencies.Haru Invest attributed these issues to the fraudulent activities of the consignment operator B&S Holdings, formerly known as Aventus. While some investors accused the firm of orchestrating a “rug pull,” Haru Invest denied these allegations and maintained its innocence. One user posted the following claim on X (formerly Twitter) last week: “Rugpull. If justice is served, the scammers will be behind bars.”In a bid to address concerns over its corporate rehabilitation application, Lee appeared in court in September, emphasizing that Haru Invest was actively cooperating with investigating agencies. However, the company has yet to provide a timeline for the recovery of users’ assets as of early October.Lee also addressed the matter in Monday’s statement: “We are also responding to the rehabilitation proceedings that some of our members have filed with the court as mentioned in our previous announcement, in addition to actively cooperating with other authorities’ investigations. ”Haru Invest is reportedly facing a class-action lawsuit with disgruntled investors alleging fraud.

The UK affiliate of Banxa, the Australia-headquartered financial infrastructure firm, has clinched a coveted spot as the first entity to grace the Financial Conduct Authority's (FCA) crypto register for the year 2024.Photo by Susan Q Yin on UnsplashAuthorized VASPThe company drew attention to this milestone on Tuesday, through the publication of a press release. The approval catapults BNXA UK VASP (virtual asset service provider) into the realm of authorized providers of crypto-related services to clients residing in the United Kingdom. Notably, the UK subsidiary company's managing director, Brinda Paul, formerly held the director of compliance position at Banxa in Melbourne. She struck an optimistic note in her comments on the approval, stating:"I am incredibly proud to have led this registration process to a successful outcome, especially considering the low approval rate of 7% for FCA registrations in 2023, - only 4 companies received their registration. Banxa believes the FCA's high standards, focusing on robust business models, corporate governance, risk management and compliance validates the Company's commitment to support cryptoasset adoption and the development of the crypto market in the UK while doing so in a compliant manner." Banxa's stature extends to its listing on the Toronto Stock Exchange, solidifying its position as a key player in the payments infrastructure domain. The company claims to be following a mission to “build the infrastructure to extend the benefits of crypto to every merchant & consumer in the world.” The firm includes Asian crypto service provider and investor OK Group among its list of initial investors. Other early stage investors include KuCoin and Australia’s Thorney Investment Group. Fiat processing servicesThe company specializes in fiat-processing services tailored for various cryptocurrency exchanges, including heavyweights like Binance and OKX. It’s interesting to note that in the case of these two companies, neither Binance nor OKX holds FCA approval for their crypto operations, although OKX has been making a concerted effort of late towards coming into compliance. Banxa has been accumulating money transmitter licenses in the United States. As of September, the company held 32 such licenses for various U.S. states. A pivotal aspect of FCA registration pertains to promotional endeavors targeting UK customers. Entities aiming to disseminate promotional materials to UK-based clients must either secure registration with the FCA or obtain approval for their promotions through an authorized entity. Responding to legislative changes, the FCA has rolled out updated guidance, extending its oversight to crypto promotions targeting UK consumers. This move aims to enhance consumer comprehension of crypto investments and associated risks, in line with the FCA's commitment to consumer protection and market integrity. New UK marketing rulesNew marketing rules have led to exchanges like Bybit withdrawing services from the UK market. Recent developments have also seen crypto platforms like KuCoin and HTX added to the FCA’s warning list of unregulated entities. Drawing insights from industry consultations, the FCA has refined its rules and accompanying guidance, integrating feedback from stakeholders to ensure coherence and effectiveness in navigating the evolving regulatory terrain. 

Akira ransomware, responsible for stealing $42 million from over 250 organizations across North America, Europe and Australia in just a year, is now targeting businesses in Singapore. In response, Singaporean authorities have issued a joint advisory warning local businesses about the increasing threat posed by a variant of this ransomware.Photo by Mike Enerio on UnsplashAlert follows complaintsThe alert follows multiple complaints from victims, prompting agencies like the Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) to take action. These agencies emphasize the urgency of recognizing and combating this threat. How Akira operatesAkira affiliates employ various techniques to infiltrate a victim's network. These include exploiting known vulernabilities. For example, that could mean the targeting of services like Cisco virtual private networks (VPNs) that have been configured without multi-factor authentication (MFA). Another approach that the ransomware incorporates is attacking external-facing services such as the Remote Desktop Protocol (RDP) via brute force. Social engineering is another tool within its repertoire. This involves tricking victims into downloading malicious software or entering credentials on phishing websites. There is a marketplace for compromised credentials in the dark web. Akira also relies on such data, acquiring it from access brokers who sell network access.  Once inside a network, Akira affiliates often create new domain accounts to maintain persistent access, even after reboots. They use numerous tools to steal user credentials, escalate privileges and spread throughout the network. Detection and prevention measuresThe Singaporean advisory outlines several strategies for detecting, deterring and neutralizing Akira attacks. Authorities strongly advise against paying ransoms, on the basis that doing so does not guarantee data recovery or prevent future attacks. Authorities also warn that paying ransoms can encourage further attacks. The FBI has noted that Akira operators do not contact victims. Instead, they expect victims to initiate contact. Payment in BitcoinThe advisory outlines how Bitcoin is implicated in the ransomware scam. It states:”Ransom payments are requested in Bitcoin, which are directed to cryptocurrency wallet addresses specified by the affiliates. The TOR site (.onion) where victims contact the affiliates, contains stolen information and a list of the affected organisations.” It’s not the first time that Singaporean authorities have issued warnings that have implicated Bitcoin and crypto. In January, the CSA and SPF, in a joint advisory, suggested that people should use hardware wallets in an effort to guard against crypto-related malware and phishing attacks. A number of weeks prior to that, Singapore’s former Prime Minister, Lee Hsien Loong, took to Facebook to issue a warning with regard to a crypto scam that involved the use of deceptive content generated using artificial intelligence (AI). Mitigation techniquesBusinesses are being urged by the authorities to adopt best practices to mitigate the Akira ransomware threat. They suggest the implementation of a recovery plan alongside the use of multi-factor authentication (MFA) in order to secure data and the access to that data.  They also suggest filtering network traffic as it helps in identifying and blocking malicious activities. Meanwhile, disabling unused ports and hyperlinks curbs the risk further as it reduces the attack surface. Lastly, the authorities suggested the use of system-wide encryption to protect data even if it is accessed by unauthorized entities.