Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Crypto World

Balaji Pushes for Malaysia Deal, Warns of Exit After Network School Probe

Published

on

Crypto Breaking News

Balaji Srinivasan, the founder of Network School—an in-person tech community in Malaysia—says he is seeking an official memorandum of understanding (MoU) with Malaysia after authorities opened an investigation into allegations that the community was sheltering Israeli citizens using second passports.

Malaysia’s Home Affairs Ministry said it is checking the Forest City project in Johor after reports claimed Israelis were present in violation of immigration rules. The ministry said initial checks found that all 266 foreign nationals linked to the community were holding valid travel documents, while the investigation continues.

Key takeaways

  • Malaysia is investigating Network School after claims that it included Israelis who would be in breach of immigration requirements.
  • The Home Affairs Ministry reported that preliminary document checks for 266 foreign residents showed valid paperwork.
  • Srinivasan is requesting an MoU to provide “legal certainty” for future investment and operations in Malaysia.
  • He has paused planned expansion spending in Malaysia pending assurance that the allegations will not repeat.
  • The case underscores how “crypto utopias” and digital-native communities still rely on conventional state frameworks for legality.

An MoU aimed at legal certainty

Srinivasan framed the request for a formal agreement as a solution to uncertainty around the legal standing of Network School’s residents and investors. He said that without a document clarifying that the community is welcome, Network School could shift its capital elsewhere.

In a video directed to Malaysian Prime Minister Anwar Ibrahim, Srinivasan said he wants something more concrete than broad assurances that “tech is welcome,” arguing that the community needs personal confirmation that it is legally and politically accepted. He did not detail the final structure of the agreement, but suggested it could take the form of a memorandum of understanding or involve an adjustment to a special economic zone provision.

According to Srinivasan, the MoU is also intended to ensure that additional capital commitments do not become hostage to future immigration disputes. He said he is putting further investments in Malaysia, including a $122 million expansion plan for the community, on hold until he receives “sufficient assurance” that the situation will not recur.

Advertisement

Malaysia’s investigation: initial checks show valid documents

Malaysia’s Home Affairs Ministry said Tuesday that it is investigating the Network School project in Johor following allegations that the community included Israelis in a way that would violate immigration law. The ministry reported that its initial checks reviewed documents for 266 foreign nationals connected to the effort and found that they were all in possession of valid travel documents.

While the preliminary findings suggest paperwork compliance at least on the documentation front, the fact that a probe has been initiated indicates that authorities are still looking beyond the mere existence of valid travel documents—particularly in relation to nationality-specific entry requirements and the underlying claims prompting the scrutiny.

How the allegations surfaced

The claims appear to have originated from social media. The article reports that the allegations were traced back to a post on Instagram from the activist group “Malaysian Protest 4 Palestine,” which accused Network School of operating as a “gathering place for Israeli entrepreneurs.”

Under Malaysia’s rules, Israeli passport holders are reportedly not allowed to enter without written permission from the Malaysian Ministry of Home Affairs, and Malaysia does not recognize Israel or maintain diplomatic relations with the country. This policy forms the basis for why the allegations—if true—would raise legal concerns.

Advertisement

It also highlights a recurring challenge for projects that present themselves as international or border-agnostic communities: even when members hold valid documents, eligibility and entry permissions can still hinge on a broader framework of state policy.

The broader tension for border-dependent “crypto utopias”

Network School is marketed as a physical community for tech builders and founders, and Srinivasan has previously positioned it as part of a more ambitious vision for technology-driven institutions. The current dispute reflects a tension many similar communities face: they may want to create digital-native ecosystems—complete with their own norms, networks, and economic activity—yet their continued operation ultimately depends on conventional government permission and legal clarity.

The episode is therefore more than a single-country immigration story. It raises questions about how quickly digital communities can institutionalize without first securing stable legal frameworks for their participants—particularly when public allegations or geopolitical sensitivities intersect with immigration rules.

In Srinivasan’s account, the need for an MoU is not about asking for special treatment, but about reducing uncertainty that can immediately affect capital plans. That dynamic is a practical issue for builders and investors alike: expansion timelines, residence planning, and onboarding of international participants can all become difficult if the legal status of the community or its membership composition remains in dispute.

Advertisement

While Malaysia’s ministry has stated that initial document checks found valid papers for the 266 foreign nationals involved, the investigation’s outcome—and whether an MoU will satisfy the “assurance” Srinivasan is demanding—will determine whether Network School can proceed without further interruptions.

Readers should watch next for the scope of Malaysia’s continuing review and whether Srinivasan’s requested agreement clarifies how immigration requirements will be applied to Network School residents going forward.

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Crypto World

Analyst Says Long-Term Bullish Setup Could Take Ethereum to $22K

Published

on

Ethereum (ETH) could be entering the final stage of a long-term bullish pattern that eventually sees it go as high as $22,000, according to new analysis shared by pseudonymous crypto commentator NoName on July 17.

While the projection is highly speculative, it has added to a growing debate over whether ETH’s June lows marked the start of a broader recovery.

Analyst Points to Long-Term Chart Patterns After ETH Rebound

According to a chart the market watcher shared on X, since 2021, Ethereum has been building what technical analysts call an expanding diagonal, consisting of five waves, with each successive wave becoming larger than the last one. They pointed out that the first four waves were already done, with the fourth having found support between $1,072 and $1,385.

“That’s the floor this entire structure was building toward,” NoName explained, adding that expanding diagonals often end with a fifth wave that breaks above the previous cycle high. They also compared ETH’s structure to a historical Dow Jones Industrial Average (DJIA) fractal and said that both charts have a similar formation and could produce a similar breakout. Based on that interpretation, the projected target is anywhere from $12,000 to $22,000.

Advertisement

“Same structure, same resolution,” wrote the analyst. “Wave 5 target: 12k-22k.”

They also described ETH as “one of the most underpriced assets on the market” currently, suggesting that many people had given up on it, which could create an opportunity for long-term investors.

Another analyst, Crypto Patel, reached a similar conclusion using a different framework. In his version, he said that Ethereum has been following a Wyckoff accumulation pattern that could eventually lift the asset toward $10,000 by 2027 or 2028, provided the recent swing low around $1,500 remains intact. The trader also identified resistance between $2,400 and $2,600 and called it the first major hurdle the world’s second-largest cryptocurrency will have to overcome before any larger advance in its price could begin.

CryptoQuant contributor CW8900 also struck an optimistic note, sharing data showing that Ethereum wallets holding more than 100,000 ETH have gone back to green following the latest rebound. According to him, whales have only fallen into loss during major market bottoms, and their return to profit on many occasions has coincided with either a sustained rally or a meaningful short-term recovery.

The Other Side of the Coin

In June, ETH went very close to the $1,500 level, but softer-than-expected US inflation data released this week helped push it up to its highest level in a month and a half at $1,940 before sellers dragged it back below $1,900.

Advertisement

At the time of writing, CoinGecko data showed the asset trading close to $1,800, having dropped by about 5% in 24 hours but still up more than 3% during the past week.

But while those recent gains have improved sentiment, the market is not all rowing in the same direction. According to analyst Crypto Rover, a repeating 1,369-day cycle points to a scenario where ETH could move back below $1,500 before a lasting bottom forms.

The post Analyst Says Long-Term Bullish Setup Could Take Ethereum to $22K appeared first on CryptoPotato.

Source link

Advertisement
Continue Reading

Crypto World

AI Future Forum 2026 in Dubai!

Published

on

Crypto Breaking News

On December 1–2, 2026, in Dubai, alongside Blockchain Life 2026 — one of the world’s largest events for Web3, crypto, mining, and AI — the all-new AI Future Forum takes the stage.

Expect visionary founders, global investors, breakthrough AI projects, robotics, and the technologies that will shape the next decade of the digital economy.

With 15,000+ attendees from 130+ countries and 200+ industry-leading speakers, the AI Future Forum is set to become the world’s premier destination where AI, Web3, and crypto leaders come together to shape what’s next.

What awaits participants?

Advertisement

🔹 A full week of live networking with key players from around the world: 2 days of the forum, hundreds of side events, exclusive meetings, and the Formula 1 Grand Prix Final.

🔹 200+ top speakers: leading AI experts, founders of technology companies, investors, representatives of top AI startups, and leaders of the digital industry. The focus will be on the practical application of AI, its integration with crypto and business, and the technologies shaping the new digital economy.

🔹 A large-scale expo zone: 200+ leading companies in robotics, AI development, Web3 projects, and the most progressive startups.

🔹 The legendary AfterParty at one of Dubai’s top clubs with a globally known headline artist.

Advertisement

🔹 Startup Pitch – an opportunity to present your project to the international community and attract attention from investors and funds.

🎟️ One ticket. Two world-class events.

Exclusive limited offer! AI Future Forum ticket includes full access to Blockchain Life 2026.

🔥 Get 10% off with promo code WEB3DIGITAL before the prices go up: 

Advertisement

https://ai-future.com/ 

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

Source link

Advertisement
Continue Reading

Crypto World

Tokenization has become a strategic priority for 84% of financial firms

Published

on

Tokenization has become a strategic priority for 84% of financial firms

On Wednesday, DTCC completed its first live production trades involving tokenized securities, marking a major step toward bringing blockchain technology into traditional financial markets.

Broadridge’s findings suggest those efforts are influencing the broader industry. Sixty-eight percent of respondents said tokenization will at least partially reshape financial markets within the next three to five years, while nearly one-third plan to increase investment in tokenization projects by 26% to 50% or more over the next two years.

The survey also found firms are not preparing for an all-onchain future. Instead, 92% expect digital and traditional assets to coexist for the foreseeable future, and 69% plan to integrate tokenization into existing infrastructure rather than build separate blockchain-native systems.

That mirrors the approach taken by many large financial institutions, which have generally focused on connecting blockchain networks to existing trading, custody and settlement systems instead of replacing them.

Advertisement

Adoption remains uneven across the industry. Forty-four percent of capital markets firms said they already have tokenization initiatives in production or operating at scale, compared with 20% of asset managers and 9% of wealth managers.

The survey also pointed to where firms expect tokenization to gain traction first. About 80% of respondents believe tokenized mutual funds and money market funds will play a meaningful role within five years, reflecting the rapid growth of tokenized Treasury products. By comparison, only about half expect tokenized equities to achieve similar adoption over that period.

Source link

Advertisement
Continue Reading

Crypto World

Kaspersky Flags Malware Framework Targeting Crypto Investors

Published

on

Crypto Breaking News

Cybersecurity researchers are flagging a fresh wave of malware tactics aimed at people who hold, build, and advise on crypto-related software. Kaspersky, for instance, says it has discovered a new malware framework—dubbed OkoBot—that targets cryptocurrency investors by combining social engineering with data theft capabilities.

At the same time, SlowMist warns of a separate intrusion campaign that targets Web3 developers through seemingly legitimate recruitment messaging on LinkedIn, pushing victims to run poisoned code hosted on GitHub. Together, the incidents underscore how attackers are increasingly using everyday work routines—interviews, code trials, and app installs—as delivery mechanisms for malware.

Key takeaways

  • OkoBot is designed to steal crypto-related data by harvesting wallet files, browser information, credentials, and injected browser or extension activity.
  • Kaspersky says it has observed multiple OkoBot-linked attacks since January 2026, and that the framework evolved from an earlier campaign called TookPS.
  • OkoBot’s infrastructure reportedly routes all payload delivery through an SSH tunnel, enabling remote data transport to attacker-controlled systems.
  • SlowMist reports LinkedIn-based “recruiter” scams that deliver malicious GitHub repositories disguised as technical interview tasks for Web3 developers.
  • The recruitment workflow mirrors legitimate developer interviews closely enough to lower suspicion, increasing the chance victims will run the malicious code.

OkoBot targets crypto holders through wallet and browser theft

In a report released this week, Kaspersky described OkoBot as a malware framework that kickstarts an infection chain using social engineering and “malicious app” delivery tactics. According to Kaspersky, the initial entry includes tricks such as ClickFix, which aims to persuade users to execute harmful commands, as well as trojanized GitHub applications that can introduce a backdoor to a compromised device.

Once a system is under attacker control, Kaspersky says OkoBot is capable of collecting sensitive information that is directly relevant to crypto ownership. The company reports that the malware can:

  • Harvest cryptocurrency wallet files.
  • Extract browser data and user credentials.
  • Inject malicious extensions.
  • Capture wallet application windows, potentially enabling theft through on-screen or session-related data.

Kaspersky also stated that it identified multiple attacks using this malware family since January 2026. For investors, the practical concern is not only that wallets could be accessed, but also that browser activity and stored authentication data can be used to move faster toward account takeovers or transfer operations.

How the infrastructure works: payload orchestration via SSH

A notable detail in Kaspersky’s analysis is that OkoBot allegedly differs from prior campaigns by how it manages its malicious payloads. Kaspersky said the framework orchestrates all 20 malicious payloads via an SSH tunnel, which supports remote transport of data from compromised computers to systems controlled by attackers.

Advertisement

That matters because it points to an operational model where the attacker retains strong control over follow-on stages after initial compromise. Instead of relying solely on static behavior, a tunneled architecture can help attackers adapt to victims and collect information more reliably, depending on what the malware finds on each host.

Kaspersky also described OkoBot as an evolution of TookPS, a malware campaign first identified in 2025 that distributed a Trojan downloader through fake software websites. By evolving from an earlier delivery approach and adding more coordinated payload handling, the OkoBot framework appears positioned to increase both infection success and post-compromise effectiveness.

LinkedIn recruitment scams push Web3 devs into running poisoned repositories

Separate research from SlowMist focuses on a different target set: Web3 developers. In a report published on Saturday, the firm said attackers are reaching developers through LinkedIn messages that impersonate Web3 recruiters.

SlowMist’s description of the workflow suggests attackers are deliberately choosing a high-trust, familiar entry point. After initial contact, victims are sent what appear to be fake GitHub repositories, framed as a “minimum viable product” that the developer should install and try before an interview.

Advertisement

The technique is effective, SlowMist argues, because it resembles a real technical interview process. The report notes that a legitimate developer workflow often involves pulling code, installing dependencies, and launching a project—steps victims naturally perform while preparing for an interview. In that environment, malicious code can be less obvious, especially if the victim does not expect a security risk from a repository “connected” to a recruiting conversation.

What attackers aim to steal from developer systems

SlowMist said the end goal is to deliver a complete remote access trojan to the victim’s device. Once established, the malware could enable attackers to steal sensitive materials associated with development and operations, including project keys, cloud credentials, or data tied to wallet extensions.

SlowMist also emphasized that the recruitment approach is part of a broader pattern: attackers are increasingly leveraging scenarios such as recruitment, code reviews, and project collaborations to trick developers into running malicious repositories. In other words, this is not only about deception, but also about timing—waiting for the moment a developer is likely to execute code as part of normal work.

Importantly, this LinkedIn-focused warning came after SlowMist reported another campaign targeting macOS users. That earlier effort, as SlowMist described it, aimed to steal credentials and hijack Telegram sessions in order to coerce victims into submitting wallet recovery phrases through fake websites. While the TTPs differ between the campaigns, both point to the same underlying threat: attackers are methodically chaining social engineering and credential theft to ultimately compromise crypto access.

Advertisement

Going forward, both reports suggest readers should watch for more “legitimate-looking” pathways into compromise—especially where code execution is requested via recruiters, interview workflows, or third-party repositories. For investors and developers alike, the immediate question is not only whether malware is present, but whether attackers can leverage everyday trust and authenticated sessions to reach wallet-relevant secrets quickly.

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

Source link

Advertisement
Continue Reading

Crypto World

Adam Back Talks About Bitcoin BIP-110 Controversy. “Satoshi Was Not Retarded”

Published

on

A 1997 Mailing List Holds a Clue to the Satoshi Puzzle

Adam Back, Blockstream’s CEO, dismissed claims that Satoshi Nakamoto backed BIP-110, a contested Bitcoin (BTC) soft fork proposal. He mocked its backers on X for failing to fund what he called a cypherpunk summer celebration.

The exchange unfolded on July 18, 2026, as the debate over BIP-110 proposal approaches a critical signaling deadline. Back predicted the fork attempt would collapse within weeks of that deadline.

Adam Back Questions the Satoshi Assumption

A user on X argued Nakamoto would still back BIP-110 if he were alive today. Back rejected the premise outright. He then questioned whether Nakamoto is even dead, calling it pure speculation either way.

Back also denied being Nakamoto himself. The remark reopened a long-running debate over Bitcoin governance and who speaks for its founding vision. Back has weighed in on this dispute before, in his earlier fork risk warning.

Bitcoin, meanwhile, traded near $63,944 on the Bitcoin price chart, up 1.43% in 24 hours.

BIP-110 Struggles to Gain Miner Support

BIP-110 would temporarily cap the size of arbitrary data miners can embed in Bitcoin transactions, targeting Ordinals-style inscriptions. However, miner backing has stayed minimal so far. Signaling data show just 0.86% of blocks in the current difficulty period support the proposal. That is far short of the 55% threshold needed for lock-in.

Advertisement

Back mocked the proposal’s backers directly, pointing to their failure to monetize the campaign.

sad part is we didnt manage to get the 110 fork to pay for the cypherpunk summer afterparty. no airdrop, no liquidity, no fork futures. no money where their mouth is. ofc as they too know it’s failed.

Back

The comment, meanwhile, echoes the long-running BIP-110 dispute that has split developers for months.

What Happens When Signaling Turns Mandatory

Mandatory signaling begins around block 961,632, roughly three weeks from Friday’s chain tip near block 958,529. Back predicted the fork would stall almost immediately afterward.

Advertisement

He said the first mandatory signaling block would trigger an automatic split. Bitcoin nodes always follow the chain with the most cumulative work.

Miners would have little reason to keep mining once their chain fell behind, Back said. He compared the abandoned fork to a “Pompeii chain,” frozen as a monument to the attempt’s failure.

The prediction follows Back’s earlier pushback against separate claims that Bitcoin would effectively fire noncompliant miners in August.

It also lands alongside renewed chatter about Satoshi’s dormant coins, another flashpoint in the identity debate.

Advertisement

Whether BIP-110 activates or fades away may hinge on how many miners flip the switch once signaling turns mandatory.

The post Adam Back Talks About Bitcoin BIP-110 Controversy. “Satoshi Was Not Retarded” appeared first on BeInCrypto.

Source link

Advertisement
Continue Reading

Crypto World

SpaceX Stock Sinks Below IPO Price: The Hype Is Over?

Published

on

SpaceX Stock Sinks Below IPO Price: The Hype Is Over?

SpaceX (SPCX) shares slipped below their $135 initial public offering (IPO) price this week. The stock had peaked above $200 in the weeks following its record Nasdaq debut. Elon Musk dismissed the retreat and predicted the company will eventually outvalue Earth itself.

The stock was priced at $135 a share in June, raising $75 billion in the largest IPO on record. It has now lost roughly a third of its value from that peak. Short interest surged as the price fell.

SpaceX Stock Price Chart. Source: Yahoo Finance

SpaceX’s Bold Claim Meets a Falling Stock

Musk’s forecast followed a SpaceX stock crash that wiped billions from his fortune this month. Musk responded directly to entrepreneur Peter Diamandis on X.

Diamandis argued that all owned material wealth on Earth totals about $600 trillion. Space, in his view, holds nearly infinite quantities of the same resources.

Advertisement

Musk’s math rests on that comparison, though it hinges on SpaceX reaching goals he never specified. The claim, however, is not new. Musk floated a similar SpaceX outvalue Earth argument earlier this month, well before the stock tested its IPO floor.

SpaceX Stock Price
SpaceX Stock Price. Source: TradingView

Short Sellers Draw Musk’s Ire

Bearish bets against SpaceX climbed sharply as the stock fell. Short interest reportedly reached about 185 million shares, or 29% of the tradable float.

That figure stood at roughly 40 million shares just three weeks earlier. It represents close to $25 billion in bearish wagers. Short sellers already hold an estimated $8.7 billion in paper profits.

The rapid buildup followed SpaceX’s historic IPO, which also sparked a rally in tokens tied to Musk, including Dogecoin. One widely shared post mocked the Ivy League pedigrees of short sellers. Musk then issued a warning of his own on X.

He offered no evidence for that claim, and the stock kept sliding regardless.

What Comes Next for SpaceX

The stock now trades near a level flagged in a recent falling wedge pattern. That pattern points to a possible rebound toward $158. Investors will also watch August share unlocks. That date lets insiders sell shares for the first time since the IPO, adding potential fresh supply.

SpaceX also scrubbed a Starship test flight this week. Automated safety systems halted the countdown at T-minus zero after several Raptor engines failed to ignite. Musk said two engines need replacement, with the next attempt likely early the following week.

Musk has separately argued that the scarcity of goods and services will eventually disappear. It reflects a related piece of his broader worldview on abundance.

Advertisement

That vision, though, remains untested against SpaceX’s near-term performance. Short sellers, meanwhile, appear willing to bet against the stock before the unlock date arrives.

The post SpaceX Stock Sinks Below IPO Price: The Hype Is Over? appeared first on BeInCrypto.

Source link

Advertisement
Continue Reading

Crypto World

Kaspersky Flags Malware Framework Aimed at Crypto Investors

Published

on

Crypto Breaking News

Two separate cybersecurity reports point to a growing trend in crypto-related malware: attackers are no longer relying only on obvious phishing emails. Instead, they are moving closer to the workflows people already use—recruiting pipelines, developer code trials, and wallet-related software behavior.

Kaspersky says it has uncovered a cryptocurrency-targeting malware framework dubbed “OkoBot,” which initiates an infection chain through social engineering, malicious commands, and trojanized GitHub applications. Separately, SlowMist describes a campaign aimed at Web3 developers that starts with fake LinkedIn recruitment offers and ends with poisoned repositories designed to deliver remote access.

Key takeaways

  • Kaspersky links the OkoBot framework to wallet theft activity, including harvesting wallet files and capturing browser and credential data.
  • OkoBot is designed to steal assets by injecting malicious browser extensions and collecting wallet application windows, Kaspersky reports.
  • SlowMist warns that fake “recruitment” messages are being used to trick developers into running malicious GitHub repositories that resemble legitimate interview tasks.
  • SlowMist says the campaign’s goal is to deliver a remote access trojan that can exfiltrate project keys and cloud or wallet extension data.
  • Both reports emphasize social engineering paths—ClickFix-like tactics or developer-targeted collaboration scenarios—that make the attacks harder to spot.

Kaspersky: OkoBot targets crypto investors through wallet and credential theft

In a report released this week, Kaspersky describes OkoBot as a malware framework built to compromise cryptocurrency investors by chaining together multiple stages of intrusion. The first step is not purely technical; it relies on social engineering methods intended to get victims to act.

According to Kaspersky, initial access can come from tactics such as ClickFix, a technique that aims to trick users into running malicious commands. Alternatively, attackers may deliver similar outcomes by distributing trojanized GitHub apps that include backdoors once installed.

After gaining a foothold, Kaspersky says OkoBot has capabilities specifically relevant to crypto users and their systems. The malware can harvest crypto wallet files, collect browser data and user credentials, and manipulate the victim’s environment by injecting malicious extensions. It also reportedly captures wallet application windows, which can give attackers a more direct path to stolen assets than credential theft alone.

Advertisement

Kaspersky added that it has observed multiple attacks involving the OkoBot malware family since January 2026, suggesting the framework is not a one-off operation but part of an active campaign.

Evolution from TookPS: more orchestration, more reach

Kaspersky also frames OkoBot as an evolution of a prior threat. The company says the malware framework evolved from “TookPS,” a campaign first identified in 2025 that distributed a Trojan downloader via fake software websites. That earlier stage matters because it signals a progression in how attackers deliver and manage malicious payloads: from initial trickery and download into a more structured compromise process.

A distinctive operational detail in Kaspersky’s account is how OkoBot manages its payloads. The report states that it orchestrates all 20 malicious payloads via an SSH tunnel, allowing remote transport of data from infected computers to infrastructure controlled by attackers.

For investors and defenders, this design choice matters because it can complicate incident response. Data exfiltration over an SSH tunnel may blend with normal encrypted traffic patterns, and the multi-payload architecture suggests victims may not see a single obvious “binary” responsible for damage.

Advertisement

SlowMist: fake LinkedIn recruiting and “try before interview” repositories

In a separate report, SlowMist describes another approach to malware delivery: it targets Web3 developers by disguising an attack as recruitment. Rather than sending victims a generic phishing link, attackers reportedly contact developers through LinkedIn while posing as Web3 recruiters.

SlowMist says the attackers follow up with instructions to download and run code from fake GitHub repositories. The bait is framed as a realistic recruitment process: the repository is presented as a “minimum viable product” that the developer should try before the interview, which aligns closely with how technical screenings often work.

The company notes that the workflow looks and feels like a genuine interview assignment: developers are expected to pull code, install dependencies, and launch the project. That resemblance is a key factor in why the attack can be difficult to detect—there may be no obvious sign that a “try it now” task is actually weaponized.

Remote access trojan goals: keys, credentials, and extension data

According to SlowMist, the end goal of the LinkedIn-and-GitHub tactic is to deliver a complete remote access trojan onto the victim’s device. Once installed, SlowMist says attackers can steal sensitive information relevant to Web3 work, including project keys, cloud credentials, or wallet extension data.

Advertisement

SlowMist also emphasizes that this is not an isolated tactic. The report argues that attackers are increasingly exploiting scenarios that encourage developers to run code—such as recruitment tasks, code reviews, and project collaborations—turning normal professional behavior into an infection vector.

It is also notable that SlowMist’s write-up arrives amid a broader pattern of recent warnings. The security firm had also previously cautioned about a separate malware campaign targeting macOS users, designed to steal credentials, hijack Telegram sessions, and ultimately pressure victims into entering wallet recovery phrases via fake websites.

For readers and builders, the common thread across both reports is the same: attackers are calibrating their intrusions to the moments when people are most likely to click “run,” install, or test code—whether that happens after a recruiter message on LinkedIn or after a malicious “app” appears to be a legitimate GitHub tool. The next thing to watch is whether these campaigns expand into more standardized tooling for developers and more automation for account-level compromise, since both Kaspersky and SlowMist describe activity that looks organized and iterative rather than sporadic.

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

Advertisement

Source link

Continue Reading

Crypto World

Kaspersky exposes OkoBot’s 20-module crypto wallet attack

Published

on

Kaspersky exposes OkoBot’s 20-module crypto wallet attack

Kaspersky has exposed OkoBot, a year-old malware operation that uses roughly 20 modules to steal crypto wallet recovery phrases and has affected users across at least five countries.

Summary

  • Kaspersky uncovered OkoBot using roughly 20 modules to steal crypto wallet credentials.
  • The malware has affected users in Brazil, Vietnam, Canada, Mexico, and Turkey.
  • OkoBot uses fake recovery screens, keylogging, spyware, and ClickFix commands to target victims.

Kaspersky researchers discovered that the malware has remained active for more than a year, according to a report published by Bits.media. Most identified victims were located in Brazil, Vietnam, Canada, Mexico, and Turkey, while the operators blocked IP addresses from Russia and other Commonwealth of Independent States countries.

Distributed through GitHub repositories, OkoBot is disguised as legitimate software, including Microsoft SQL Server Management Studio. Kaspersky found that the attackers rely on the ClickFix social engineering method, which tricks victims into running malicious commands on their own devices.

Advertisement

The technique often presents users with fake error messages, verification steps, or repair instructions. Following those directions causes victims to execute code that installs the malware without realizing the command is malicious.

OkoBot targets seed phrases and wallet credentials

Among OkoBot’s modules, SeedHunter displays a fake recovery interface linked to hardware wallets such as Ledger and Trezor, according to Kaspersky. When users enter their recovery phrases into the fraudulent screen, the module sends the information to the malware operators.

A second module called MC Keylogger records keyboard input and monitors clipboard activity, allowing it to capture passwords, copied wallet addresses, and other credentials. OkoSpyware can track wallet passwords and record videos of open windows, giving attackers another way to observe activity on an infected device.

Advertisement

Once a recovery phrase is exposed, the attackers can use it to take control of the associated wallet and move its assets. Kaspersky warned that victims have little chance of recovering stolen cryptocurrency because blockchain transfers are generally irreversible.

The malware’s modular design also lets its operators collect different types of information from a single infected system. According to the security company’s findings, OkoBot can target both wallet access data and credentials connected to other services used on the device.

ClickFix attacks have also targeted crypto developers

OkoBot is the latest malware campaign found using ClickFix against the cryptocurrency sector. As crypto.news reported in April, North Korea’s state-backed Lazarus Group used the same technique in a macOS campaign known as “Mach-O Man.”

Citing research from CertiK, the report found that Lazarus sent fake online meeting invitations to fintech and crypto executives. Victims were instructed to paste supposed repair or verification commands into the macOS Terminal, which installed malware capable of stealing cryptocurrency and corporate information.

Advertisement

CertiK also found that the Mach-O Man toolkit deleted itself after running, making forensic analysis more difficult. The campaign combined social engineering with terminal-level commands instead of relying only on malicious file downloads.

Developer tools have provided another route into crypto systems. In May, crypto.news reported that TrapDoor malware was distributed through poisoned software packages targeting developers in cryptocurrency, decentralized finance, artificial intelligence, and security infrastructure.

According to that report, TrapDoor sought wallet data, API keys, cloud credentials, and SSH access tied to services and ecosystems including Coinbase, Binance, MetaMask, Brave, Solana, Sui, and Aptos. Researchers also found hidden prompts designed to manipulate Claude and Cursor into running fake security scans that exposed secrets and transmitted them to the attackers.

Advertisement

Source link

Continue Reading

Crypto World

France Orders ISPs to Geoblock Polymarket Over Gambling Rules

Published

on

Crypto Breaking News

France’s gambling regulator has ordered internet service providers to block access to Polymarket, escalating a wave of restrictions aimed at prediction platforms operating outside local authorizations.

In a Friday press release, the Autorité nationale des jeux (ANJ) said prediction websites fall under illegal gambling rules if they are not authorized, adding that advertising or promoting such sites is a criminal offense punishable by fines of up to 100,000 euros.

Key takeaways

  • France’s ANJ has ordered ISPs to block Polymarket, citing lack of authorization and illegal gambling promotion risks.
  • The regulator argues Polymarket’s features resemble regulated gambling, but without “protective mechanisms” found in the legal market.
  • ANJ also raised concerns about possible outcome manipulation, including allegations involving weather-related contracts.
  • Polymarket has already been geoblocked in multiple regions, according to its own documentation.
  • Regulatory scrutiny is not limited to Europe: similar legal disputes have played out in the US between state actors and federal authorities.

France moves to block Polymarket

The ANJ’s order targets access to Polymarket through internet service providers, framing the platform as an unauthorized gambling offering. According to the regulator, Polymarket’s operations are not authorized in France, and the advertising of gambling sites without permission constitutes a criminal offense.

The decision comes as prediction markets continue to gain mainstream attention. Polymarket, in particular, has grown rapidly over the last two years, with trading volume reaching billions of dollars, even as regulators worldwide question whether its event contracts are gambling products, unlicensed offerings, or something closer to financial instruments.

France’s action also reinforces a broader pattern of country-by-country enforcement. Polymarket access has been blocked in places including Singapore, Poland, Portugal, Hungary, Ukraine, Brazil, and Indonesia, while at press time Polymarket said it was geoblocked in 36 regions, based on its published API documentation.

Advertisement

ANJ cites “addictive” mechanics and missing safeguards

Beyond the authorization question, the ANJ’s reasoning focuses on how prediction products are experienced by users. The regulator said Polymarket offers “addictive features” that are comparable to those of legally regulated gambling, but it claims those features are “amplified by the absence of the protective mechanisms found in the legal gambling market.”

This distinction matters for investors and users because it goes to how regulators classify the product. When a platform resembles regulated gambling mechanics but lacks corresponding protections—such as consumer safeguards and oversight—authorities are more likely to pursue takedowns, advertising restrictions, and access blocking, even if the platform markets itself as a different kind of market.

Outcome manipulation concerns and investigation status

The ANJ also pointed to the risk of outcome manipulation in certain event contracts. It cited alleged rigging, including a specific example: bets tied to weather outcomes where the regulator said weather sensors may have been hacked.

“Some of the bets offered on this platform appeared to be rigged: for example, bets on the weather revealed that weather sensors may have been hacked.”

In addition, the cybercrime unit of the Paris Public Prosecutor’s Office opened an investigation in May 2026 and, according to the article’s account of the regulator’s findings, identified a lack of identity verification safeguards such as Know Your Customer checks.

Advertisement

For participants, this kind of enforcement pressure highlights a key operational fault line: regulators are not only focused on contract structure, but also on platform controls—especially around participant verification and the reliability of the information used to settle outcomes.

France builds on earlier warnings, while US regulators escalate

This is not France’s first move. Earlier coverage noted that the ANJ shared plans in November 2024 to block Polymarket after the platform allegedly failed to comply with national gambling laws, and the Friday decision follows through with the required ISP-level blocking.

The French action arrives amid an ongoing legal fight over prediction markets in the United States. On June 17, Kentucky sued five prediction market platforms, including Kalshi and Polymarket, alleging they were operating unlicensed sports betting platforms—according to the earlier reporting cited in the article. Additional states have followed suit. Separately, the Commodity Futures Trading Commission (CFTC) has sued New Mexico, arguing that state-level interference encroached on the federal regulator’s exclusive authority over federally regulated event contracts, as reflected in the referenced CFTC dispute.

Taken together, the US and France developments underscore a persistent regulatory tension: prediction markets sit at the intersection of gambling law, securities and commodities frameworks, and consumer protection rules. Even when platforms frame themselves as market infrastructure for forecasting rather than wagering, regulators appear willing to treat them as gambling-like products when participation mechanics and consumer risk resemble traditional betting.

Advertisement

As France implements the ISP blocking order, the next question for readers and market participants is how Polymarket and other affected platforms will adjust compliance, identity verification, and settlement-risk controls—and whether the broader trend shifts from geoblocking to more formal legal resolutions in major jurisdictions.

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

Source link

Advertisement
Continue Reading

Crypto World

Ethereum braces for CLARITY vote as bulls defend crucial support

Published

on

Polymarket chart shows 39% odds of the CLARITY Act becoming law in 2026.

Ethereum has risen 1.8% to $1,845 after Rep. Bryan Steil raised hopes for a Senate vote on the CLARITY Act next week, while ETF inflows and firm chart support kept traders cautiously bullish.

Summary

  • Ethereum rose 1.8% as Bryan Steil raised hopes for a CLARITY Act vote next week.
  • Spot Ethereum ETFs recorded $105 million in weekly inflows, their highest since April.
  • ETH must defend $1,830 and break $1,854 to target the $1,947 resistance zone.

Steil, who chairs the House Financial Services Subcommittee on Digital Assets, told FOX Business that the bill could reach the Senate floor in the coming week. Passage could place ETH under a digital commodity framework and establish federal rules for its trading and oversight.

During a July 17 hearing, Steil urged lawmakers to complete the legislation as the Senate prepares to consider it. “Let’s pass CLARITY,” he stated in remarks published by the House Financial Services Committee.

Advertisement

Polymarket traders raised the probability of the bill becoming law in 2026 to 39% from 30% on July 17. However, unresolved disputes over ethics rules and stablecoin yields have kept the odds below 50%.

Polymarket chart shows 39% odds of the CLARITY Act becoming law in 2026.
Source: Polymarket

Institutional flows have also improved. SoSoValue data showed that spot Ethereum ETFs attracted $105 million between July 13 and July 17, their strongest weekly inflow since April.

Ethereum’s decentralized finance activity has grown alongside the ETF demand. DeFiLlama placed the network’s total value locked at about $40.5 billion, up from roughly $36 billion at the start of July. The network also processed $978.9 million in decentralized exchange volume and 2.46 million transactions over the past 24 hours.

Ethereum must clear $1,854 to reopen the path toward $1,947

Ethereum’s daily chart shows a double-bottom structure formed around $1,511, with the neckline near $1,847. ETH briefly climbed to $1,947 before returning to test the neckline, which now overlaps with the 0.786 Fibonacci retracement at $1,853.82.

Advertisement
Ethereum daily chart shows ETH testing $1,854 resistance after forming a double-bottom pattern.
Ethereum daily price chart — July 18 | Source: crypto.news

A daily close above $1,854 would place the recent $1,947 high and the 100-day exponential moving average near $1,939 back in play. The double-bottom structure has a measured target near $2,180, while crypto analyst Michaël van de Poppe expects $2,200 to $2,400 if the $1,780 support remains intact.

Daily momentum still favors buyers, although the pace has slowed. The MACD line stands at 35.57, above the 21.69 signal line, while the positive histogram has contracted to 13.88. The relative strength index sits at 57.15, leaving ETH below overbought territory.

Advertisement

On the 4-hour chart, Ethereum (ETH) remains inside an ascending channel that has guided the recovery since late June. Its lower boundary and the previous Supertrend support meet around $1,830, while the upper boundary extends toward $2,040. Chaikin Money Flow remains positive at 0.07, but the active Supertrend resistance at $1,908 must fall before buyers can retest the July high.

Ethereum 4-hour chart shows ETH holding near $1,830 support inside a rising channel.
Ethereum 4-hour price chart — July 18 | Source: crypto.news

CoinGlass’ 48-hour liquidation heatmap places the nearest dense leverage cluster between $1,860 and $1,870. More positions sit around $1,900, while downside liquidity has accumulated near $1,810 and $1,790.

Ethereum liquidation heatmap shows major leverage clusters near $1,870, $1,900, and $1,810.
Ethereum liquidation heatmap | Source: CoinGlass

According to analyst Ted Pillows, the $1,820–$1,850 region will decide ETH’s next move.

“If Ethereum holds above it, expect another uptrend towards $1,950–$2,000.”

A break below $1,780 would weaken Ethereum’s recovery

Ethereum would lose its 4-hour channel if sellers force a close below $1,830. Such a move would expose the 50-day EMA near $1,812 and could trigger leveraged long liquidations around $1,810.

A deeper decline below the 61.8% Fibonacci level at $1,780.64 would weaken the double-bottom setup and open the 50% retracement at $1,729.24. Pillows also cited the escalating U.S.-Iran situation as a risk to the $1,820–$1,850 support zone.

Political uncertainty remains another invalidation risk. Failure to resolve the CLARITY Act’s ethics and stablecoin provisions could delay a Senate vote, remove the immediate catalyst behind ETH’s rebound, and place the $1,780 support under renewed pressure.

Advertisement

Disclosure: This article does not represent investment advice. The content and materials featured on this page are for educational purposes only.

Advertisement

Source link

Continue Reading

Trending

Copyright © 2025