Qatar Criticized for Regulatory Inaction Against Crypto Companies

North Korean Hackers Take Off With $100M Atomic Wallet HoneypotHaving reported last week on a $35 million hack of Atomic Wallet users’ funds, an update on the matter reveals that the situation is much worse than originally thought, with losses now exceeding $100 million.Photo by Kenny Eliason on Unsplash5,500 wallets compromisedThe attack has sent shockwaves throughout the crypto community, raising concerns about the security of decentralized wallets. Atomic Wallet, an Estonia-based project known for its non-custodial approach where users take full responsibility for storing their assets securely, has been hit hard by this unforeseen breach.Elliptic, a crypto compliance analysis company, published an update on the situation on Tuesday. According to that blog article, it estimates that approximately 5,500 crypto wallets have been compromised, meaning that losses have risen to more than $100 million, highlighting the severity of the attack.Despite the significant impact on users, Atomic Wallet has yet to provide an explanation regarding the root cause of these substantial losses. Users have taken to social media in frustration, demanding clarification from the company. Surprisingly, the company’s last direct update on Twitter dates back to June 7, leaving users feeling even more anxious.User frustrationOne user, Ezra Carlson, expressed frustration, questioning why Atomic Wallet didn’t warn users when they were aware of the ongoing hack. Carlson tweeted: “@AtomicWallet why won’t AM give me a straight answer about why they didn’t warn me, knowing full well that they were being hacked, that it was not safe to use AM last week before I made a transfer to my wallet that was then hacked.”Another user, “Real Deal Crypto,” criticized Atomic Wallet’s lack of updates, stating: “Your last update was five days ago — SERIOUSLY?!?!”Although Atomic Wallet acknowledged reports of compromised wallets on June 3, downplaying the impact by claiming that less than 1% of users were affected, the staggering sum of losses indicates a significant breach. Its last communication on the matter came on June 11 when, in responding to a user, the firm said that it continued to investigate and to await Twitter updates on the matter.Hack tied to North Korea’s Lazarus GroupElliptic has connected this heist to the notorious Lazarus Group, a cyber-criminal organization with ties to the North Korean regime, responsible for stealing over $2 billion in crypto assets through various thefts. This attribution marks the first time a significant crypto heist has been openly linked to the Lazarus Group since their $100 million exploit of Horizon Bridge in June 2022.In response to the heist, Elliptic has been collaborating with international investigators and exchanges, mobilizing resources to recover the stolen assets. Their efforts have reportedly led to the freezing of over $1 million worth of funds. However, the thief has adapted its behavior in response to the freezing of assets, turning to the Russia-based Garantex exchange to launder the stolen assets, as noted by Elliptic.This recent attack adds to a series of notable breaches in the crypto industry. Jimbos Protocol experienced an exploit resulting in a loss of $7.5 million, and Tornado Cash faced a malicious proposal that seized control of its governance in May. According to a report by Chainalysis, crypto hackers made off with an estimated $3.8 billion in 2022, with North Korea being responsible for a significant portion of the attacks.

Cebu Meeting of FSB Highlights Crypto RisksThe Regional Consultative Group for Asia of the Financial Stability Board (FSB) has highlighted the risks implicated by crypto assets in a series of meetings held on Thursday and Friday in Cebu, the Philippines.The FSB is an international body with a mandate to monitor the global financial system, as well as make recommendations in respect of that system. The agency was established by the G20 group of countries in April 2009, replacing its forerunner, the Financial Stability Forum.Photo by John Alvin Merin on UnsplashA regulatory framework for cryptoThe two-day event focused on non-bank financial intermediation (NBFI) in Asia and the development of an effective global regulatory framework for crypto-assets. It discussed recent developments in financial markets, together with their regional impact.In opening remarks, Philippine Central Bank Governor, Felipe Medalla, stated: “Crypto, the biggest issue there is, whether we like it or not is quite a lot, especially younger people who are actually gambling. They have huge losses, our view right now. Well, you’re there, it’s your problem and the regulation becomes strict the moment crypto meets banking.”International participants highlighted the need for the development of an effective global regulatory framework for crypto-assets. Particular concern exists with regard to the potential for systemic risk in relation to crypto and a potential overflow into the traditional financial system.Earlier this year, the FSB proposed a complete regulatory framework for cryptocurrencies, with the report having been originally submitted in October of last year. Among its key components is the imposition of tighter controls. It proposed the guiding principle of “same activity, same risk, same regulation” for crypto assets, mirroring the approach taken for traditional financial assets.Global approach to taming cryptoThis approach has proven to be problematic for people working within the digital assets space. Many of the core facets of cryptocurrencies are entirely different to anything we see in traditional finance. Trying to frame crypto within an existing approach and standard has been perceived by many to be akin to trying to fit a square peg in a round hole.It’s not the FSB's role or place to affect policy directly. That responsibility lies with policymakers and regulators in each individual country. However, the organization is seeking to influence those individuals and entities in the hope that they will employ its suggested regulatory framework.Klaas Knot, Chair of the FSB and President of the Dutch Central Bank, provided this view on crypto: “We will come up with a global regulatory framework. It also only makes sense to regulate this from a global perspective. Because, nowadays you can take a server and put it anywhere in the world and start issuing these digital assets.”From Knot’s take, it’s clear that governments and central bankers are cottoning on to the fact that individual nation-state regulation is futile to an extent where decentralized innovations like cryptocurrency are concerned. Others such as European Central Bank (ECB) President Christine Lagarde and Mark Branson, President of German financial markets regulator BaFin, similarly have called for a globally enforced regulatory approach over the course of the past year.Ongoing struggleWhile regulation can be helpful, particularly when it comes to the points at which crypto meets the traditional system, there’s no doubt that this emerging innovation will disrupt the conventional system to some degree or other. That may place an incentive before central bankers and governments to try and stymie the further development of digital assets.While a truly global approach to regulating digital assets could retard development of the sector, there is rarely total consensus among world governments on a single issue. Therefore, by its very nature, crypto, and the digital assets sector will likely continue to develop regardless. It’s more a question of how long that process takes.

Korbit Passes Post-Audit for ISMS-P and ISO CertificationsSouth Korean crypto exchange Korbit announced on Wednesday that it has successfully passed a post-audit to maintain its Personal Information and Information Security Management System (ISMS-P) certification and four different International Organization for Standardization (ISO) certifications — ISO 27001, ISO 27017, ISO 27018, and ISO27701.“By maintaining our ISMS-P and ISO certifications this year, we were able to reaffirm the stability and trustworthiness of Korbit’s personal information protection capabilities and security management system,” said Oh Se-jin, CEO of Korbit.Photo by FLY:D on UnsplashRigorous criteriaThe ISMS-P is a security management system jointly operated by the Ministry of Science and ICT and the Personal Information Protection Commission, representing the highest level of security management in Korea. It combines 80 requirements for Information Security Management System (ISMS) certification and 22 requirements for Personal Information Management System (PIMS) certification, totaling 102 requirements that must be met. Once obtained, certification is valid for three years, and annual post-audits are required to maintain its validity.Korbit first obtained ISMS-P certification in September of 2021 and has once again passed this year’s post-audit that was conducted last Wednesday.Meeting international standardsIn addition, the exchange had previously passed post-audits for four ISO certifications related to information protection and personal information management systems earlier in June. This includes ISO 27001 for information security management systems, ISO 27017 for information security controls on cloud services, ISO 27018 for protection of personally identifiable information (PII) in public clouds, and ISO 27701 for privacy information management systems.This achievement demonstrates Korbit’s commitment to reliability and security when operating and managing exchange services.“As a crypto exchange, we will continually focus on strict security management to ensure the protection of customer information and assets,” said CEO Oh.