Crypto World
Inside the Massive Institutional Expansion and VASP Application
The company’s expansion in Brazil comes after it made big moves in Australia, the US, and Canada.
Ripple announced earlier today that it has significantly enhanced its presence in Brazil by incorporating some of its key features in the local market, including cross-border payments and digital asset custody.
The company’s President highlighted the importance of the Latin American market and praised Brazil for its rapidly developing financial ecosystem.
Ripple Doubles Down in Brazil
The statement published on March 17 reads that Ripple has now become the “only solution in the region capable of serving institutions across the full spectrum of financial needs – from cross-border payments and digital asset custody to prime brokerage and treasury management.”
The firm has also applied for a Virtual Asset Service Provider (VASP) license with the country’s central bank. The move comes after Brazil introduced its cryptocurrency regulatory framework and aims to reinforce Ripple’s “compliance-first approach” that has guided its global operations for over a decade.
After outlining the significance of the Latin American market, Ripple President Monica Long added that “Brazil has built one of the most advanced and forward-thinking financial ecosystems in the world.”
“We’ve spent more than a decade building the trust, licensing, and technology required to operate in regulated markets. Now, with our expanded platform, we can meet institutions across the region with everything they need to compete in the modern financial system,” Long concluded.
Brazilian Institutions Tapping Ripple Payments
The announcement explained that Ripple Custody will bring “bank-grade security, real-time compliance controls, and flexible deployment options to regulated institutions in the region.” Some of those include CRX and Justoken.
In the meantime, Ripple Payments, the end-to-end solution for moving money across borders with over $100 billion in processed volume globally, works with Banco Genial, Braza Bank, Nomad, Azify, ATTRUS, and Frente Corretora.
You may also like:
The company also said that its enterprise-grade stablecoin, RLUSD, has gained “significant traction” in the LATAM region, as institutions look for “trusted, regulated, digital dollar infrastructure.” RLUSD’s market cap has grown past $1.5 billion in less than 18 months after its launch.
The stablecoin has been adopted in Brazil by some of the most prominent exchanges and fintechs, including Mercado Bitcoin, Foxbit, Ripio, Braza Bank, Banco Genial, and others.
Ripple’s big move in Brazil follows similar developments in other regions. It began with a major announcement about an Australian financial license application, followed by a partnership focused on the North American markets.
Binance Free $600 (CryptoPotato Exclusive): Use this link to register a new account and receive $600 exclusive welcome offer on Binance (full details).
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!
Illinois Lieutenant Governor Juliana Stratton is poised to become the next Senator from the state after winning the Democratic primary Tuesday night, defeating Representative Raja Krishnamoorthi.
Krishnamoorthi had received north of $8 million in backing from crypto super-political action committee (PAC) Fairshake, among other entities, while Stratton was backed by Illinois Governor JB Pritzker. Illinois’ senate seat is rated a “Solid Democratic” seat by Cook Political Report, meaning the winner of Tuesday’s primary will most likely win the general election this November and represent the Prairie State in the Senate in 2027.
Fairshake’s ads largely attacked Stratton, rather than supporting Krishnamoorthi directly, a strategy it also employed in the 2024 election. The PAC typically supports candidates in primaries for races they’re likely to win, letting it boast that the vast majority of its backed candidates won elections in 2024.
Stand With Crypto, a Coinbase-backed group that assigns rates to lawmakers based on how crypto-friendly they are, gave Stratton an “F” ranking based on a single statement she made about her primary opponent receiving backing from “MAGA-backed crypto bros.” The rating notes that she has not voted on any crypto bills or otherwise made statements about crypto generally.
Krishnamoorthi received an “A” rating based on his voting record and his responses to a questionnaire sent out by the group.
Another candidate Fairshake opposed, La Shawn Ford, won his primary race as well, according to the Associated Press. Fairshake spent nearly $2 million opposing Ford’s race for the House of Representatives. Ford’s team sent the PAC a cease-and-desist alleging Fairshake’s ads were “defamatory,” according to the Forest Park Review.
A spokesperson for Fairshake did not immediately return a request for comment on either race, or on Ford’s allegations.
Bitcoin infrastructure provider Maestro has launched a Bitcoin-denominated credit market backed by mining economics, aiming to give institutions a new way to earn yield on idle Bitcoin while expanding financing options for miners.
Maestro said Mezzamine went live with its first program in partnership with mining-as-a-service provider Sazmining. According to a Tuesday announcement shared with Cointelegraph, the program is designed to let institutional Bitcoin (BTC) holders deploy BTC into mining-backed credit facilities targeting an annual yield of 8% to 9%.
The offering is designed to connect miners seeking capital with institutional Bitcoin holders seeking BTC-denominated yield, creating an onchain credit market tied to mining expansion rather than protocol staking rewards.
“New Bitcoins are mined every 10 minutes, and with Mezzamine BTC holders can earn and share block rewards with miners,” Marvin Bertin, Maestro’s co-founder and CEO, said in the announcement.
Related: Top Bitcoin mining stocks rise as US winter storms cut hashrate
Bitcoin-native credit market seeks to fix miner financing gap
Bitcoin mining firms often face limited financing options, typically relying on dollar-denominated debt against Bitcoin collateral or, if publicly listed, equity issuance.
Because many miners’ liabilities are denominated in dollars while revenue is earned in Bitcoin, that structure can leave operations more exposed during sharp market downturns.
Maestro said the credit facility includes bear-market protection features, including hedging tied to Bitcoin prices and mining-fleet economics, to help stabilize performance during downturns.
The company said miners may face higher financing costs in stronger markets in exchange for a structure designed to offer greater stability during downturns.
The offering is aimed at institutional investors, corporate treasuries, asset managers, family offices and registered investment advisers. Suresh Rajan, Mezzamine’s managing director, told Cointelegraph the minimum allocation is $100,000 worth of Bitcoin.
Mezzamine said the yield is derived directly from mining production. Miners borrowing through the platform use capital to buy additional ASIC hardware and expand hashrate, with part of the resulting block rewards used to service the credit facility and the remainder flowing to the miner.
According to Maestro, institutions receive yield funded entirely by the mining output, without additional token incentives or leveraged strategies.
Related: Solo Bitcoin miner bags over $200K block reward using rented hashrate
Bitcoin-denominated loans reduce miner liquidation risks
Bitcoin miners seeking traditional financing are often required to overcollateralize two-fold, increasing liquidation risks during Bitcoin price drops.
The new credit facility reduces that risk by denominating loans in Bitcoin and removing dollar-denominated call risks, Mezzamine’s managing director, Rajan, told Cointelegraph:
“A decline in Bitcoin’s price against the dollar does not trigger a margin call, and with Mezzamine’s hedged vehicle, the hedge actually returns profits in bear markets that can supplement mining revenue and further capitalize the program.”
“The loan performs according to mining economics, not currency markets,” he added.
Maestro told Cointelegraph it has seen more than 1,500 BTC in borrowing demand from qualified mining operators exploring alternative financing channels, including public miners and mid-sized operators.
Sazmining describes itself as a Bitcoin mining-as-a-service provider whose operations rely on hydropower and other carbon-free energy sources.
Magazine: 6 weirdest devices people have used to mine Bitcoin and crypto
Mastercard has agreed to acquire stablecoin infrastructure company BVNK in a deal valued at up to $1.8 billion, further expanding into blockchain-based payments.
The deal includes up to $300 million in contingent payments and is intended to strengthen Mastercard’s ability to connect fiat payment rails with onchain transactions, the company said on Tuesday.
“We expect that most financial institutions and fintechs will in time provide digital currency services, be it with stablecoins or tokenized deposits,” Jorn Lambert, chief product officer at Mastercard, said.
BVNK, founded in 2021, provides infrastructure that allows businesses to send and receive payments across major blockchain networks in more than 130 countries. Its platform is designed to bridge fiat currencies and stablecoins, enabling use cases such as cross-border payments, payouts and business transactions.
Related: Cari picks ZKsync’s Prividium as US regional banks join stablecoin race
Coinbase walks away from BVNK deal
In November 2025, Coinbase and BVNK announced they had mutually walked away from a proposed $2 billion acquisition that had reached the due diligence stage. No reason was disclosed for the cancellation of the deal.
BVNK has received investment from a number of major traditional payment firms. In May 2025, Visa made a strategic investment in the company through its Visa Ventures arm, which came after the stablecoin infrastructure company closed a $50 million Series B funding round led by Haun Ventures.
In October 2025, Citigroup’s venture arm, Citi Ventures, also invested in BVNK. While the investment size was not disclosed, BVNK said at the time that its valuation had surpassed $750 million.
Related: Stablecoins to replace old FX rails, but off-ramps remain a chokepoint
Stablecoins could power global payments within 15 years
Last week, billionaire investor Stanley Druckenmiller said stablecoins and blockchain technology could reshape global payments within the next decade, citing their speed, efficiency and lower costs compared to traditional systems. He argued that stablecoins could eventually replace existing payment rails, even as he remains skeptical about crypto’s role as a long-term store of value.
His comments come as traditional financial firms increasingly explore stablecoin-based systems following regulatory progress, including the GENIUS Act in the US.
Magazine: Bitcoin may take 7 years to upgrade to post-quantum — BIP-360 co-author
XRP (XRP) traded at $1.50 on Tuesday, a 3% rise in the past 24 hours as its relief rally stalled at $1.60. Still, growing network usage and increasing holder accumulation could provide a spark that may see the price finally break $1.50-$1.60 resistance.
Key takeaways:
-
XRP holder addresses hit 7.7 million record highs, as daily active addresses reach five-week highs.
-
Analysts say XRP bulls must reclaim $1.60 as support.
XRP Ledger non-empty wallets hit new highs
Santiment reported that the number of daily active addresses on XRP Ledger (XRPL) rose to a five-week high of 46,767, as the increase in the network activity coincided with a price move that saw the price climb to a four-week high of $1.60.
The number of non-empty addresses on XRPL has reached 7.7 million for the first time.
“XRP Ledger now has more than 7.7M holders (non-empty wallets) for the first time in its 13+ year history,” Santiment said in an X post on Tuesday.
The onchain data provider said this shows that the network’s “usage continues to grow,” even during periods of market downturns, suggesting investors were capitalizing on dips to buy XRP at a discount.
This aligns with aggressive accumulation by long-term investors who have increased their holdings since the US and Israel-Iran war began.
A sharp spike in the XRP holder net position change can be seen on March 1, exceeding 351 million XRP, marking it strongest single-day accumulation since Feb. 1.
XRP holder net position change tracks the 30-day supply shift among long-term investors, with positive readings indicating net accumulation.
Meanwhile, XRP whales, entities holding large amounts of tokens, have bought more since the beginning of March.
The chart below shows that XRP’s Whale Flow 30-day moving average (30DMA) turned positive in March for the first time since November 2025, ending four months of persistent selling.
This may continue to boost XRP’s price in the coming weeks, particularly when coupled with a reducing balance on exchanges, which has dropped to levels last seen in May 2021.
XRP price needs to flip $1.60 into support
Data from TradingView shows XRP attempting to breach the $1.50-$1.60 resistance that has capped the price for over six weeks.
XRP price “needs to move above the $1.51 resistance,” analyst CryptoWZRD_ said in a recent X post, adding:
“Holding above that level would offer a quick rally towards the $2.0 resistance.”
The last time the XRP/USD pair reclaimed this level was in December 2024. It rallied 90% in less than a week. In April 2025, it served as a launchpad for a 64% XRP price rally, as shown in the chart below.
Analyst CW8900 said the area between $1.50-$1.52 was a big “sell wall” for XRP, adding:
“If it breaks through this sell wall, there is no other resistance until $1.95.”
This level aligns with the measured target of a rounded bottom chart pattern and the 200-day simple moving average (SMA).
Before reaching this level, bulls are required to push the price above the pattern’s trend line at $1.60, validating the breakout.
As Cointelegraph reported, a decisive break above the upper trend line of a falling wedge at $1.60 would shift the bulls’ focus to the measured target at $2.55 next, potentially ending the downtrend.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision. While we strive to provide accurate and timely information, Cointelegraph does not guarantee the accuracy, completeness, or reliability of any information in this article. This article may contain forward-looking statements that are subject to risks and uncertainties. Cointelegraph will not be liable for any loss or damage arising from your reliance on this information.
Strategy paused its Bitcoin (BTC) accumulation via STRC preferred stock after failing to raise fresh capital since Friday, marking a notable shift after two aggressive weeks of buying.
Key takeaways:
-
STRC has dipped below its $100 par value, forcing Strategy to halt its Bitcoin buying spree.
-
Previous STRC dips below $100 have coincided with declines in BTC prices.
STRC drops below $100 par value
The pause coincided with STRC trading below its $100 par value, a key threshold for Strategy’s at-the-market (ATM) issuance model.
STRC is a yield-focused preferred stock, which income investors buy for monthly dividends.
Strategy typically issues new shares only when STRC trades at or above par to raise capital efficiently. When the price falls below $100, the company must offer better terms or sell at a discount, making issuance unattractive.
As a result, the funding channel shuts off, stalling STRC-backed BTC buys, which appears to be the case since Friday.
Before the pause, Strategy was in heavy accumulation mode, buying 22,337 BTC in the week ending March 15, partly funded by about $1.18 billion in STRC-linked sales.
The week before, it bought another 17,994 BTC, with roughly $377 million coming from STRC proceeds.
In total, Strategy added over 40,000 BTC in two weeks, with STRC serving as a key funding source. That’s roughly six times the total Bitcoin mined over the same two-week period.
STRC fractals hint at BTC dipping below $70,000
Historically, pauses in Strategy’s STRC-driven Bitcoin accumulation aligned with short-term BTC pullbacks.
For instance, after STRC slipped below its $100 par value in January, Bitcoin fell nearly 40% over the next three weeks.
A similar setup in November 2025 preceded a BTC price decline of around 25%, suggesting that the latest STRC move below $100 could again raise the risk of a near-term BTC price pullback.
Related: Bitcoin’s ‘powerful move’ nears as Bollinger Bands warn of volatility
The chances of a drop are high as Bitcoin pulls back after testing $76,000, a level coinciding with the upper boundary of its prevailing bear flag pattern.
BTC could slide toward the $66,000–$68,000 area, which aligns with the pattern’s lower trendline support, if the correction persists this week.
A bear flag breakdown, on the other hand, risks sending the Bitcoin price to as low as $51,000.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision. While we strive to provide accurate and timely information, Cointelegraph does not guarantee the accuracy, completeness, or reliability of any information in this article. This article may contain forward-looking statements that are subject to risks and uncertainties. Cointelegraph will not be liable for any loss or damage arising from your reliance on this information.
[PRESS RELEASE – London, UK, March 17th, 2026]
New roadmap positions BASIS as an institutional-grade digital asset management platform built for macro volatility, tokenized safe-haven demand, and frictionless Web3 onboarding.
Base58 Labs today unveiled the BASIS 2026 Technical Blueprint & Infrastructure Roadmap, introducing what the company describes as a next-generation digital asset management platform purpose-built for global institutional investors seeking secure exposure, capital efficiency, and advanced on-chain yield infrastructure. The company said BASIS is designed specifically for institutions navigating geopolitical instability, macroeconomic uncertainty, and rising demand for both blue-chip crypto assets and tokenized safe-haven alternatives.
According to Base58 Labs, BASIS is not designed as a conventional staking product. The platform is described as an “intelligent yield infrastructure” that integrates algorithmic execution, institutional-grade security controls, and digital asset management across BTC, ETH, SOL, and PAXG. The company stated that this approach is intended to address increasing institutional demand for infrastructure that supports asset management and risk mitigation in volatile market conditions.
Base58 Labs Targets Institutional Flight Toward Safe-Haven Digital Assets
At the center of the roadmap is the strategic integration of PAX Gold (PAXG), which Base58 Labs has prioritized as a core supported asset amid growing institutional interest in gold-linked digital instruments. The company said BASIS is designed to move beyond passive exposure by enabling a “yield-bearing gold” model that pairs PAXG holdings with algorithmic yield infrastructure intended to capitalize on structural market inefficiencies.
Base58 Labs said this approach reflects a broader shift in institutional capital allocation, where investors are increasingly seeking digital strategies that can combine capital preservation, portfolio diversification, and non-directional return opportunities under stressed macro conditions.
BTC, ETH, and SOL Infrastructure Built on the BHLE Execution Engine
Alongside PAXG, the company said BASIS is being developed around major digital assets including Bitcoin, Ethereum, and Solana, all supported by its proprietary Base58 Hyper-Latency Engine (BHLE). According to the roadmap, BHLE is designed as a high-performance execution environment capable of supporting low-latency routing, institutional-scale transaction throughput, and market-neutral strategy execution. The company states that the engine targets sub-50 microsecond latency and 100,000+ operations per second, with proprietary routing infrastructure tailored for precision execution and structural yield capture.
Base58 Labs said BHLE evolved from the firm’s high-precision R&D efforts and is intended to help power institutional-grade strategy deployment across multiple supported assets, regardless of broader market direction.
Privy-Powered Onboarding Aims to Remove Web3 Friction for Institutions
To address one of the biggest barriers to institutional adoption, Base58 Labs said BASIS has integrated with Privy.io to simplify wallet creation and user authentication. According to the company, institutions using BASIS will be able to create wallets through email and enterprise social logins without relying on traditional seed phrase management. The onboarding design uses Privy-based Multi-Party Computation (MPC) and includes a dual wallet system that separates funding activity from staking activity in order to improve transparency, operational clarity, and accounting convenience.
Base58 Labs said this onboarding model is central to its effort to reduce complexity for traditional financial institutions entering digital asset markets while preserving non-custodial control and strong operational safeguards.
Security Stack Designed for Institutional-Scale Capital Protection
The roadmap also highlights a security and risk-management framework intended for large-scale capital deployment. Base58 Labs said it has completed the first phase of internal testing covering core infrastructure integrity and external attack defense logic, while network stress tests focused on cross-chain liquidity routing and institutional-scale transaction handling are in the final stage.
The company further disclosed internal systems including the BASIS Sentinel Circuit Breaker (BSCB) and Defensive Maintenance Mode (DMM), which are designed to react rapidly in the event of black swan market events, exchange API failures, or extreme slippage. In addition, Base58 Labs said it has initiated formal procedures to pursue ISO 27001 and ISO 20000-1 certifications as part of its broader compliance and operational assurance strategy.
2026 Rollout to Include Closed Beta, Global Launch, and Institutional Private Pools
Base58 Labs said the BASIS rollout will proceed in phases throughout 2026. According to the published roadmap, Q2 2026 will focus on revealing the closed beta architecture and conducting external core logic audits by a Tier-1 global security firm. Q3 2026 is scheduled for the official global launch of BASIS and the opening of BTC, ETH, SOL, and PAXG asset management pools. In Q4 2026, the company plans to expand into private pools for institutional investors and customized algorithmic derivative strategies.
Executive Commentary
“Institutional capital is no longer looking only for access to digital assets it is looking for infrastructure that can deliver security, operational efficiency, and resilient yield under real-world market stress,” said a spokesperson for Base58 Labs, Dirk Johan Jacob Broer. “With BASIS, we are building an institutional platform designed for the next phase of on-chain finance, where seamless onboarding, intelligent execution, and capital protection must exist in one integrated system.”
About Base58 Labs
Base58 Labs is the research institute behind the BASIS ecosystem. While BASIS operates the execution and product infrastructure, Base58 Labs develops the measurement frameworks, execution logic, and risk models that support the platform under both normal and stressed market conditions. Through its work on market microstructure, execution risk, and structural alpha, Base58 Labs provides the research foundation that powers the next generation of institutional on-chain finance.
Binance Free $600 (CryptoPotato Exclusive): Use this link to register a new account and receive $600 exclusive welcome offer on Binance (full details).
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE position on any coin!
World, the identity network co-founded by OpenAI CEO Sam Altman, has released AgentKit, a developer toolkit that allows AI agents to prove they are linked to a verified, unique human through World ID when interacting with websites and online services.
The system integrates World ID’s proof-of-human identity with the x402 micropayments protocol started by Coinbase and Cloudflare, allowing agents to pay for access to online resources while presenting cryptographic proof that they are linked to a verified human credential.
The x402 protocol allows agents to pay small fees to access websites, APIs and other services. According to an announcement, the ecosystem has processed more than 100 million payments across applications, APIs and AI agents since launching in 2025.
Through the toolkit, verified World ID users can delegate identity credentials to AI agents, allowing them to prove they are tied to a unique individual without revealing personal information. Platforms can request micropayments, proof of human identity, or both when agents attempt to access services.
Formerly known as Worldcoin, World uses biometric verification to create a “proof-of-human” credential called World ID. The approach has sparked debate across the crypto industry and privacy advocates, with critics arguing that systems built on iris scans, proprietary hardware and centralized deployment raise privacy concerns and may conflict with the crypto movement’s emphasis on decentralization.
Related: South Korea plans to use AI for crypto tax enforcement
Crypto companies experiment with AI agent infrastructure
AI agents, automated software programs that can perform tasks and interact with online services on behalf of users, are gaining traction across the cryptocurrency industry, as well as B2C businesses, from retailing to travel planning.
In recent months, several crypto companies have introduced tools to expand the capabilities of these systems. In October, Coinbase launched wallet infrastructure designed to allow autonomous agents to execute onchain transactions, including spending, earning and trading crypto.
In February, blockchain infrastructure company Alchemy launched a system allowing AI agents to access its data services using onchain wallets and USDC (USDC) on Base. The same month, Pantera Capital and Franklin Templeton’s digital asset units joined the first cohort of Arena, a testing platform from open-source AI lab Sentient designed to evaluate enterprise AI agents.
However, the growing use of AI agents is also raising new concerns about potential risks.
On March 8, researchers reported that an experimental autonomous AI system called ROME unexpectedly attempted to use training infrastructure to mine cryptocurrency, triggering security alerts after initiating outbound network activity resembling crypto mining during reinforcement learning tests.
Tillman Holloway, founder and CEO of crypto investing and automated trading platform Arch Public, said AI agents will likely need clear limits as they gain access to financial systems. Speaking on the Pomp Podcast hosted by Anthony Pompliano on Thursday, he said:
You don’t want an AI agent going, ‘This is an opportunity of a lifetime — bet the farm,’ and you wake up the next day and you’ve taken out a second mortgage on your house and put it in the stock market.”
Magazine: What’s a ‘Network State’ and are there real-life examples? Big Questions
Bitrefill, a crypto-enabled e-commerce platform that lets customers spend digital assets on real-world products and gift cards, disclosed a cybersecurity incident that occurred on March 1. The breach enabled attackers to compromise an employee’s laptop by deploying malware and reusing existing IP and email infrastructure, which in turn granted access to hot wallets and the ability to drain funds. In addition to financial losses, Bitrefill confirmed that information tied to about 18,500 purchases was exposed, potentially revealing limited customer data. Crucially, the company said there is no evidence that the attackers extracted the entire database, suggesting the objective was financial rather than data exfiltration on a wholesale scale. Investigators have pointed to BlueNoroff Group, a North Korean hacking outfit with close ties to the Lazarus Group, as a possible participant or sole attacker in the incident.
Key takeaways
- The breach occurred on March 1 and targeted an employee’s laptop via malware, with attackers leveraging reused IP and email infrastructure to gain a foothold.
- Attackers deployed on-chain tracing techniques and accessed Bitrefill’s hot wallets to drain funds, while attempting to map accessible assets.
- Data exposure affected roughly 18,500 purchase records, but Bitrefill asserts that the full customer database was not accessed and that only limited customer information may have been disclosed.
- There is attribution to North Korea-linked groups, notably BlueNoroff Group with ties to Lazarus Group, as potential participants or sole operators behind the attack.
- Bitrefill halted systems to contain the breach, engaged law enforcement, and collaborated with multiple security firms to strengthen defenses and detection capabilities.
- Operations have largely returned to normal, with Bitrefill reporting that payments, inventory, and customer services are functioning, accompanied by ongoing security enhancements.
Tickers mentioned:
Sentiment: Neutral
Market context: The incident sits within a broader pattern of persistent cybersecurity threats facing crypto platforms, underscored by well-funded actors like Lazarus Group and its affiliated outfits. Lazarus remains associated with some of the most high-profile intrusions in the sector, including a noted $1.4 billion breach on a major exchange in February 2025, which has shaped industry risk perceptions and driven heightened security investments across the ecosystem.
Why it matters
The Bitrefill incident underscores how even firms built around rapid, on-demand crypto services must maintain rigorous operational security and incident response protocols. The attack vector—malware, credential reuse, and compromised hardware—highlights the need for layered defenses that extend beyond perimeter protections to include robust endpoint monitoring, strict access controls, and rapid containment measures. In the wake of the breach, Bitrefill not only contained the immediate risk by taking systems offline but also engaged external security partners to conduct comprehensive reviews and implement enhancements. This approach aligns with a broader industry trend: attackers are increasingly adept at blending traditional cyber techniques with on-chain reconnaissance to maximize impact, even on businesses that otherwise operate with strong security postures.
The incident also illustrates the tension between preserving customer trust and absorbing losses when underwrite costs fall to operational budgets. Bitrefill indicated that it would absorb the losses from its working capital, a decision that could reverberate through risk management discussions in the sector. For users, the event reinforces the importance of monitoring transaction activity, staying alert for unusual account behavior, and understanding that security incidents can surface even when providers are actively investing in defense. For operators and builders, it emphasizes the value of proactive third-party security audits, ongoing staff training, and the adoption of least-privilege access models to limit the blast radius of any future breach.
From a regulatory and policy standpoint, the disclosure and coordinated response with law enforcement signal ongoing collaboration between private firms and public authorities in addressing cross-border cyber threats. The Lazarus-linked threat landscape has long compelled exchanges and wallets to prioritize threat intel sharing, user notification protocols, and rapid incident communications to minimize damage and preserve market integrity. While Bitrefill’s experience is not unique, it contributes to a growing corpus of case studies that underscore the need for transparent post-incident reporting and verifiable security hardening measures in real time.
What to watch next
- Bitrefill’s ongoing security reviews and any published audit findings from the partnering firms (Security Alliance, FearsOff Security, Recoveris.io, and zeroShadow).
- Updates on how the company enhances internal access controls and monitoring capabilities to reduce the likelihood of a recurrence.
- Law enforcement disclosures or official statements that could shed further light on the attribution and motive behind the attack.
- Any public posts or supplementary communications from Bitrefill clarifying the status of customer data exposure and steps available to users who may have concerns.
- Industry-wide responses to similar intrusions, including changes in security practices, incident response playbooks, and cross-organization threat intelligence sharing.
Sources & verification
- Bitrefill’s official post on X detailing the breach, its scope, and immediate response
- Statements naming BlueNoroff Group and Lazarus Group as potential actors and their relation to the Lazarus ecosystem
- Public references to the security firms engaged in mitigating the incident: Security Alliance, FearsOff Security, Recoveris.io, zeroShadow
- Bitrefill’s note that the breach did not appear to access the entire customer database and that the losses will be absorbed from operational capital
Bitrefill breach highlights security lessons for the crypto retail ecosystem
Bitrefill’s experience is a stark reminder that cyber threats targeting crypto-enabled businesses are multifaceted, blending classic malware and credential theft with blockchain-focused reconnaissance. The company’s rapid containment, coupled with its collaboration with multiple security specialists, demonstrates a practical model for incident response that others in the space can emulate. While the attackers’ apparent objective seems financial, the exposure of tens of thousands of purchase records—under a platform that bridges crypto wallets with everyday purchases—serves as a cautionary note about data leakage, privacy considerations, and the ongoing need for rigorous access governance.
In the broader crypto market, the incident dovetails with a continuing pattern where high-profile breaches test the limits of security controls and force operators to balance customer trust with practical risk management. The Bybit event cited in industry chatter underscores a particularly aggressive threat landscape, where attackers leverage sophisticated techniques and persistent campaigns. As platforms expand services, including gift cards and fiat-onramps, the imperative to secure the end-to-end user journey—from authentication to transaction settlement—becomes more pronounced. Bitrefill’s commitment to a thorough security upgrade, including external audits and tightened internal processes, aligns with a prudent standard for the sector in 2026 and beyond.
Tokenization platform Theo has received $100 million for a structured investment facility backing its yield-bearing stablecoin, thUSD, underscoring growing institutional appetite for digital dollars tied to alternative yield sources beyond US Treasurys.
Theo co-founder Ari Pingle told Cointelegraph that the capital was committed through a structured facility known as the Genesis Vault, which reached its $100 million cap within 24 hours. The funds were deposited into the facility to support the launch of thUSD, rather than representing venture funding for the company.
The company uses the deposited funds to buy tokenized gold while simultaneously shorting gold futures on the CME to hedge price movements. The strategy is designed to reduce exposure to gold price volatility while generating yield from gold financing and futures market spreads.
Theo realized an average annual return of 8.27% in 2025 using that strategy and targets returns of 5% to 12%, depending on market conditions, Pingle said.
While gold-backed stablecoins remain relatively nascent, several blockchain projects have issued tokens backed by physical bullion, including Tether Gold and Paxos Gold. Unlike dollar-pegged stablecoins, these tokens track the market price of gold, with each token typically representing one troy ounce of vaulted bullion.
Investors in Theo include Hack VC and Anthos Capital, as well as angel investors from Jane Street, Optiver and JPMorgan, according to a company announcement.
Related: Gold is acting like the hedge Bitcoin promised to be
The tension over “yield” under US GENIUS Act
The launch comes as yield-bearing stablecoins have gained traction following recent regulatory developments in the United States.
The GENIUS Act restricts payment stablecoin issuers from distributing yield on reserve assets, such as Treasury bills. Theo says thUSD differs because returns are generated through the underlying trading and asset structure rather than issuer-paid interest.
“The GENIUS Act restricts issuers of payment stablecoins from paying yield to holders simply for holding the token. The intent is to prevent stablecoins from functioning like interest-bearing bank deposits,” Pingle told Cointelegraph, adding that this restriction applies to “issuer-paid yield on payment stablecoins backed by reserves like T-Bills.”
He added:
“Products structured around tokenized assets or separate financial primitives can generate yield differently, because the return comes from the underlying asset or system rather than from the issuer distributing reserve income. thUSD falls into that latter category.”
Nevertheless, debate over stablecoin yield in the United States continues to weigh on broader crypto-market structure talks in Washington, where lawmakers and banking groups remain divided over whether third parties should be allowed to offer yield on stablecoin holdings.
Related: SEC’s ‘Crypto Mom’ calls for simpler disclosure rules, flags tokenization debate
The no-action position taken by the US regulator under Chair Michael Selig will allow the company to engage in certain activities without registering as a broker.
The US Commodity Futures Trading Commission (CFTC) said Tuesday that its Market Participants Division issued a no-action letter in response to a request from crypto wallet provider Phantom Technologies.
A CFTC notice said that the no-action letter would, under certain circumstances, stop the division from recommending that the regulator take an enforcement action against Phantom or its staff for failure to register as a broker.
According to Phantom, the no-action position will allow the company to “act as a non-custodial interface connecting users to a registered exchange […] without taking on the regulatory obligations of an introducing broker.”
“With thanks to the CFTC’s willingness to open their doors to facilitate innovation, we proactively engaged with the CFTC to seek clarity on how a non-custodial interface like Phantom could offer access to regulated markets through a registered partner, without acting as an intermediary that needs its own registration,” said Phantom. “Rather than building first and seeking forgiveness later, we took a different approach to give our users safe and reliable ways to access traditional financial markets.”
The regulator’s no-action response for a crypto company was one of the first taken under the leadership of the CFTC Chair Michael Selig since his US Senate confirmation in December. Selig and former CFTC acting chair Caroline Pham led the commission under US President Donald Trump as it issued several no-action letters for crypto platforms, including Polymarket and Binomial.
Related: Prediction markets boom on Iran bets as Congress eyes ban
CFTC defends authority over prediction markets, plans coordinating with SEC
Selig continues to defend what he called the CFTC’s “exclusive jurisdiction” in overseeing prediction market platforms like Kalshi and Polymarket in the face of a slew of US state authorities filing lawsuits against companies for alleged violations of gambling laws. Last week, he, as the sole CFTC commissioner, proposed a rule that could amend or issue new regulations over event contracts on prediction markets platforms, opening it to public comment.
Amid the tussle over regulating prediction markets, the CFTC and Securities and Exchange Commission (SEC) last week signed a memorandum of understanding in an attempt to end “regulatory turf wars.” Both agencies agreed to adopt a “minimum effective dose” regulatory strategy.
Magazine: Metaplanet’s Japan Bitcoin bet, Bithumb ordered suspension: Asia Express
How To Buy Bitcoin Without KYC (2026 Masterclass)
Belfast classroom assistant’s six-year journey to support children with additional needs
Samsung Elec plans to produce Tesla chips starting late 2027
-
Tech7 days agoA 1,300-Pound NASA Spacecraft To Re-Enter Earth’s Atmosphere
-
Crypto World4 days agoHYPE Token Enters Net Deflation as HyperCore Buybacks Outpace Staking Rewards
-
Fashion4 days agoWeekend Open Thread: Addict Lip Glow
-
Tech2 days agoYour Legally Registered ‘Motorcycle’ Might Not Count Under Proposed US Law
-
Sports4 days ago
Why Duke and Michigan Are Dead Even Entering Selection Sunday
-
NewsBeat6 days agoResidents reaction as Shildon murder probe enters second day
-
Business2 days agoSearch for Savannah Guthrie’s Mother Enters Seventh Week with No Arrests
-
Business7 days agoSearch Enters Sixth Week With New Leads in Tucson Abduction Case
-
Sports6 days agoPWHL, Senators discussing plan to keep Charge in Ottawa
-
Business4 days agoUS Airports Launch Donation Drives for Unpaid TSA Workers as Partial Government Shutdown Enters Fifth Week
-
Tech10 hours agoAre Split Spacebars the Next Big Gaming Keyboard Trend?
-
Crypto World3 days ago
Coinbase and Bybit in Investment Talks: Could Bybit Finally Enter the US Crypto Market?
-
NewsBeat7 days agoI Entered The Manosphere. Nothing Could Prepare Me For What I Found.
-
Business4 days agoCountry star Brantley Gilbert enters growing non-alcoholic beer market
-
Business2 days agoAustralian shares drop as Iran war enters third week
-
Crypto World2 days agoCrypto Lender BlockFills Enters Chapter 11 with Up to $500M in Liabilities
-
Sports4 days agoCollege Basketball Best Bets: Conference Tournament Semifinal Picks
-
Politics7 days agoTrump Says Middle East Is ‘Very Lucky’ That He’s President
-
Crypto World6 days agoThree Binance Charts May Be Hinting at Bitcoin’s Next Move
-
Business5 days agoTrump demands Powell cut rates as Iran conflict raises energy prices
You must be logged in to post a comment Login