US Treasury Sanctions Gaza-Based Crypto Operator

Hong Kong Police Issue Warning as Binance Users Lose Funds to Phishing ScamHong Kong has witnessed a surge in phishing scams targeting Binance users, prompting local law enforcement to issue a cautionary advisory.Photo by Serey Kim on UnsplashCyberDefender warningThe warning was issued by Hong Kong police via its CyberDefender Facebook page on Monday. Over the past two weeks, at least 11 Binance customers in Hong Kong fell victim to phishing scams, collectively losing over $446,000 (equivalent to HKD 3.5 million). These scams primarily involve fraudulent text messages.According to Hong Kong police, these fraudulent text messages claim to be from Binance and ask users to verify their accounts by clicking on a link provided within the message. On Facebook, the warning stated:“Recently, fraudsters posing as Binance sent text messages claiming that users must click the link in the message to verify their identity details before a deadline, otherwise their account would be deactivated.”Upon clicking the phishing link and entering their login credentials to “verify” their accounts, victims unwittingly grant fraudsters full access to their Binance accounts. This modus operandi mirrors the tactics commonly employed in phishing scams.CZ chimes inBinance CEO Changpeng Zhao (CZ) also joined in the cautionary chorus, issuing a warning to customers on his X account.The crypto sector in Hong Kong has been facing challenges recently, largely related to the recent JPEX fraud case. The losses incurred from the JPEX exchange scandal have swelled to an estimated $180 million, with over 2,300 victims filing complaints with local authorities.The JPEX scandal led to multiple arrests in Hong Kong and prompted authorities to intensify their efforts against illegal crypto activities. The Securities and Futures Commission (SFC) of Hong Kong introduced regulations mandating the licensing of all crypto exchanges operating within its jurisdiction earlier this year.To date, only two exchanges, HashKey and OSL, have secured licenses under this regulatory framework. Numerous other crypto exchanges in Hong Kong have submitted license applications, but Dubai-headquartered JPEX, despite heavily promoting its application for a Hong Kong license, failed to submit an application to the local regulator. In the wake of the JPEX scandal, the SFC published a comprehensive list of companies seeking crypto licenses and expanded its list of suspicious platforms.Cyber security firm Kaspersky found earlier this year that phishing related to crypto trading is on the rise in Asia, particularly in the Philippines. Binance’s CZ has had to issue warnings where phishing is concerned on previous occasions. He did so in July when the founder of decentralized crypto exchange (DEX) Uniswap was hacked.In February of last year, CZ came out again to warn users of a massive SMS-related crypto phishing scam. Back in 2018 a serious attempt was made to compromise the credentials of Binance platform users via phishing techniques.As phishing scams continue to pose a significant threat to crypto users in Hong Kong, and with the aftermath of the JPEX debacle still reverberating through the industry, vigilance and caution remain paramount for participants in the region’s crypto ecosystem.

McDonald’s Enters the Metaverse with McNuggets LandMcDonald’s, the global fast food giant, has ventured into the metaverse realm to commemorate the 40th anniversary of its beloved Chicken McNuggets, with McDonald’s Hong Kong spearheading the immersive experience.McNuggets Land, a virtual world situated within the metaverse platform The Sandbox, now welcomes enthusiastic players to embark on a quirky adventure filled with pixelated McNugget characters like “Coach McNugget” and his trusty sidekick, “Assistant Coach McNugget.” The project team behind The Sandbox laid out the details of the initiative via a blog post published on Medium on Thursday.In this novel virtual landscape, players are tasked with the mission of locating four McDonald’s signs, sparking excitement for the rewards that await. Among the enticing incentives are a shared prize pool of 100,000 SAND (approximately $44,000) and enigmatic “mystery boxes.” SAND is the native token of The Sandbox virtual world.Photo by Jas Rolyn on UnsplashCustomer engagement challengesThe CEO of The Sandbox, Sebastien Borget, expressed enthusiasm for collaborating with global brands like McDonald’s to drive mass adoption of the metaverse. The Sandbox has already witnessed the presence of several prominent brands like Adidas, Atari, and Gucci within its virtual world. Comparatively, it might be challenging for McNuggets Land to carve out a distinctive niche to capture enduring user engagement.Numerous brands have attempted whimsical activations within metaverses over the years, from Snapple’s virtual bodega to Taco Bell’s metaverse wedding. However, the fundamental question arises when virtual food or drink experiences are introduced — what’s the point when you can’t taste or smell in the metaverse?Bear market & regulatory setbacksMoreover, the timing of brands entering the Web3 space may be subject to scrutiny. With venture capital money flowing toward AI and Disney closing its metaverse ventures, the Web3 landscape faces a more challenging environment in 2023. The ongoing crypto winter and Securities and Exchange Commission (SEC) crackdowns have somewhat dampened the allure of these activations, making it imperative for brands like McDonald’s to offer a compelling “why” for their Web3 endeavors.Starbucks has been experimenting with its Web3 loyalty program called “Odyssey,” which ties in seamlessly with its customers’ real-world coffee purchases. This strategic approach aligns virtual rewards and digital collectibles with existing behaviors, giving added value to their regular activities. In doing so, Starbucks fosters a sense of community and gains valuable feedback for future improvements, ensuring a more sustainable and purposeful presence in the Web3 space.Formative developmentWhile McDonald’s McNuggets Land in the metaverse may excite some players with its whimsical charm, the bigger question remains: What value does it truly bring to the participants, and how does it ensure a lasting impact? In a rapidly evolving Web3 landscape, success lies in offering meaningful experiences that align with users’ existing behaviors and aspirations, fostering genuine engagement and community-building.We are still at a stage where consideration of the metaverse in terms of what it is, what it represents, and what experience users can or should glean from it is still formative. It remains to be seen as to the extent to which Mcdonald's will be successful in this instance, but it is encouraging that they’re brave enough to get involved with the innovation.

A couple of recent reports have revealed how North Korean hackers have been moving funds to a Cambodian crypto payments platform while further insight has come to light with regard to how these hackers are compromising crypto companies. Huoine PayOn July 15, Reuters reported that Cambodian currency exchange and payments firm Huione Pay had received in excess of $150,000 in digital currency from a wallet associated with notorious North Korean hacking group Lazarus. Analysis of blockchain data demonstrated that the funds had been received by the Phnom Penh-headquartered payments firm in June 2023 and February 2024. Photo by allPhoto Bangkok on Unsplash‘Pig butchering’It’s understood that Lazarus stole those digital assets from three crypto firms during the months of June and July of 2023. While Huione has suggested that it was oblivious to the origin of the funds, a blog article by blockchain analytics company Elliptic, published to its website on July 10, suggested that “Huione Guarantee is an online marketplace that has become widely used by scam operators in South East Asia.”  Elliptic went on to assert that some of these scammers employ “pig butchering” techniques, where fraudsters manipulate the victim into investing into fraudulent crypto schemes. It added that “merchants on the platform offer technology, data and money laundering services, and have engaged in transactions totaling at least $11 billion.” The National Bank of Cambodia explained to Reuters that the company is not permitted to trade crypto and that it "would not hesitate to impose any corrective measures" against Huione. The platform is believed to have strong ties to Cambodia’s ruling family. One of the firm’s three directors is understood to be a cousin of the Cambodian Prime Minister, Hun Manet. The Lazarus hacking group is believed to have masterminded a $305 million hack of Japanese cryptocurrency DMM Bitcoin in May of this year. Pseudonymous on-chain investigator ZachXBT claimed on X that $35 million of the proceeds had been laundered through the Huione platform. Compromising crypto businessesIn a related development, a report by DL News published on July 15 has found that North Korean hackers are employing a new tactic in order to compromise crypto businesses. The hackers are scanning the internet for job postings advertised by the companies they’re targeting and submitting bogus applications. A report by the United Nations Security Council has revealed that in excess of 4,000 North Koreans have taken up employment with international technology firms. Part of the social engineering-based tactics employed by the hackers includes contriving to get employees within targeted companies to install malware.  Oftentimes, the resumes and LinkedIn profiles of real people are used in order to find a way in via the recruitment process. A report by DeFiLlama suggests that $664 million has been lost via instances of crypto hacking within the first half of 2024.