IEEE to deploy skill certificates on blockchain for Indian members

One Store’s App Market to Support Polygon-Based dAppsSouth Korean native app market One Store said Friday that it has signed a memorandum of understanding (MOU) with Polygon Labs, the operator of the Polygon blockchain network, to provide robust support for Web3 games and decentralized applications (dApps) as part of its upcoming global service expansion.The signing ceremony for the MOU took place on Thursday at One Store’s headquarters in Seongnam, Gyeonggi Province. Peter Chun, CEO of One Store, and Marc Boiron, CEO of Polygon Labs, were in attendance.Polygon is a layer 2 scaling solution for Ethereum, with numerous domestic and international gaming companies already partaking in the Polygon ecosystem for a variety of purposes, such as Web3 game development and technological collaborations.Elevating user experienceThis new partnership is part of One Store’s efforts to offer enhanced choices for mobile users worldwide, setting its sights on overseas expansion and the creation of a global platform. With a focus on supporting Web3 games, the platform aims to cater to the blockchain gaming and app user base on an international scale, thus contributing to the expansion of the Web3 gaming ecosystem.Photo by Jonas Leupe on UnsplashAccording to the agreement, One Store will support marketing for Web3 games that have onboarded the Polygon platform, while Polygon Labs will encourage game developers that use its platform to enter One Store’s global market.“Through the upcoming global One Store platform, we will connect with users worldwide who are eagerly anticipating Web3 games and apps,” CEO Chun said.This marks a significant step towards the realization of a vibrant Web3 gaming and dApp landscape on a global scale. The collaboration is expected to bring about new opportunities and experiences for users seeking innovative and engaging digital content.Polygon’s collaboration with Korean industry leadersPolygon Labs has been teaming up with other Korean companies as well, including the telecommunications giant SK Telecom, in efforts to further nurture the ever-growing Web3 ecosystem.

A couple of recent reports have revealed how North Korean hackers have been moving funds to a Cambodian crypto payments platform while further insight has come to light with regard to how these hackers are compromising crypto companies. Huoine PayOn July 15, Reuters reported that Cambodian currency exchange and payments firm Huione Pay had received in excess of $150,000 in digital currency from a wallet associated with notorious North Korean hacking group Lazarus. Analysis of blockchain data demonstrated that the funds had been received by the Phnom Penh-headquartered payments firm in June 2023 and February 2024. Photo by allPhoto Bangkok on Unsplash‘Pig butchering’It’s understood that Lazarus stole those digital assets from three crypto firms during the months of June and July of 2023. While Huione has suggested that it was oblivious to the origin of the funds, a blog article by blockchain analytics company Elliptic, published to its website on July 10, suggested that “Huione Guarantee is an online marketplace that has become widely used by scam operators in South East Asia.”  Elliptic went on to assert that some of these scammers employ “pig butchering” techniques, where fraudsters manipulate the victim into investing into fraudulent crypto schemes. It added that “merchants on the platform offer technology, data and money laundering services, and have engaged in transactions totaling at least $11 billion.” The National Bank of Cambodia explained to Reuters that the company is not permitted to trade crypto and that it "would not hesitate to impose any corrective measures" against Huione. The platform is believed to have strong ties to Cambodia’s ruling family. One of the firm’s three directors is understood to be a cousin of the Cambodian Prime Minister, Hun Manet. The Lazarus hacking group is believed to have masterminded a $305 million hack of Japanese cryptocurrency DMM Bitcoin in May of this year. Pseudonymous on-chain investigator ZachXBT claimed on X that $35 million of the proceeds had been laundered through the Huione platform. Compromising crypto businessesIn a related development, a report by DL News published on July 15 has found that North Korean hackers are employing a new tactic in order to compromise crypto businesses. The hackers are scanning the internet for job postings advertised by the companies they’re targeting and submitting bogus applications. A report by the United Nations Security Council has revealed that in excess of 4,000 North Koreans have taken up employment with international technology firms. Part of the social engineering-based tactics employed by the hackers includes contriving to get employees within targeted companies to install malware.  Oftentimes, the resumes and LinkedIn profiles of real people are used in order to find a way in via the recruitment process. A report by DeFiLlama suggests that $664 million has been lost via instances of crypto hacking within the first half of 2024. 

The Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA) have jointly issued an advisory to raise awareness about the escalating use of cryptocurrency drainers in cyberattacks. The advisory aims to inform citizens about the threat and provide recommendations to protect against such attacks, with a specific emphasis on utilizing hardware wallets for enhanced security. Cryptocurrency drainers represent a form of malware that specifically targets crypto wallets. These malicious tools are often employed in phishing attacks to illicitly extract funds from users' wallets without proper authorization.Photo by Junrui Wu on UnsplashDrainer-as-a-service threatOf particular concern are commercial crypto draining kits, which empower less experienced cyber-criminals with sophisticated malware at no upfront costs. Operating on a drainer-as-a-service (DaaS) model, attackers share a predetermined percentage of the stolen funds with the service provider. The SPF and CSA underscored that crypto-drainer-related attacks typically originate from phishing campaigns. These campaigns commonly involve infiltrating verified social media accounts or dispatching fraudulent emails to users from compromised databases of major service providers. Unsuspecting victims who click on phishing links are redirected to counterfeit trading websites that prompt them to connect their Web3 wallets. Subsequently, a malicious smart contract is injected into the victim's system, enabling hackers to withdraw funds without additional authorization. MS Drainer and Inferno DrainerWhile no such attacks have been reported in Singapore to date specifically, the advisory acknowledges the rising recognition of this threat among hackers. Notably, an off-the-shelf crypto drainer called MS Drainer contributed to hackers stealing $59 million worth of cryptocurrency in 2023. Last month, Singapore-based cyber security firm Group-IB produced a report concerning the Inferno Drainer operation. According to the company’s research, the malware operation led to the theft of $80 million in digital assets globally, until the developers behind it shut it down last November. In December, the Pink Drainer hacking group notched up another victim, to the tune of $4.4 million in LINK tokens. Last week blockchain security firm Scam Sniffer reported that $10 million in digital assets had been stolen in phishing-related incidents over the course of just five days. Hardware walletsTo counteract these threats, Singapore authorities recommend the use of hardware wallets as a security measure against wallet drainer attacks. Additionally, the advisory instructs crypto investors to conduct thorough research before engaging with cryptocurrency services or platforms. Singaporeans are encouraged to report any suspicious incidents related to crypto drainers or phishing attacks to both relevant authorities and crypto service providers. In the event of a security breach, victims are urged to revoke any suspicious token approvals and promptly transfer their remaining funds to a different, secure wallet address to prevent further losses. This proactive approach aims to empower individuals with the knowledge and tools needed to navigate the risks associated with crypto drainers and foster cybersecurity awareness within the cryptocurrency ecosystem. As the threat landscape evolves relative to digital assets, this advisory serves as a valuable resource to educate citizens about the risks posed by crypto drainers.