Crypto World
Lazarus-linked macOS malware targets crypto and fintech sectors
Security researchers have linked a fresh macOS malware campaign to the Lazarus Group, the North Korea-linked hacking outfit responsible for some of the crypto sector’s most consequential losses. The campaign, tracked by researchers as the Mach-O Man kit, is deployed through the ClickFix social-engineering framework that targets a broad spectrum of firms, including crypto companies.
According to Mauro Eldritch, an offensive security expert and founder of threat-intelligence outfit BCA Ltd., the Mach-O Man campaign leverages convincing calls to lure victims into executing commands that quietly pull down the malware in the background. The tactic enables attackers to bypass conventional security controls and slip into credentials and broader corporate environments, a pattern documented in a Tuesday report that cites the Any.run macOS analysis sandbox as a primary source of insight.
The operation culminates in a stealer payload designed to harvest a wide range of sensitive data, from browser extension data and stored credentials to cookies and macOS Keychain entries. Once collected, the information is zipped and exfiltrated through Telegram, after which the toolkit performs a self-deletion routine using the system rm command to erase traces without requiring user confirmation.
The emergence of Mach-O Man fits into a broader narrative around Lazarus’ evolving targeting beyond purely crypto-native incidents, underscoring the risk to corporate networks and supply chains alike. The group has long been associated with some of the industry’s largest heists, including the $1.4 billion attack on the Bybit exchange in 2025, cited as the era’s largest cryptocurrency breach to date.
For context, researchers emphasize that Lazarus has continued to widen its toolkit and attack surface in recent months. In April, the group was tied to AI-enabled social-engineering campaigns that breached Zerion by gaining access to team members’ sessions, credentials and private keys. The Zerion incident illustrated how attackers can blend social engineering with credential theft to reach privileged accounts and sensitive assets. Further coverage on that event is available from Cointelegraph.
Key takeaways
- Mach-O Man, a macOS malware kit attributed to Lazarus by researchers, is distributed via ClickFix social-engineering campaigns that reach traditional businesses and crypto firms alike.
- The final payload acts as a stealer, extracting browser data, credentials, cookies and macOS Keychain entries, with data zipped and exfiltrated through Telegram before the kit self-destructs using rm to erase traces.
- Victims are lured into fake Zoom or Google Meet calls, where they are prompted to run commands that trigger malware installation and deeper access, bypassing typical endpoint protections.
- The Lazarus operation continues to broaden its target scope beyond crypto-native companies, aligning with broader industry observations of the group’s expanding playbook and infrastructure access.
- Contextual benchmarks include the Bybit hack in 2025 and the Zerion breach in April, illustrating a pattern of high-stakes intrusions that blend phishing, social engineering and credential theft.
Mach-O Man: unraveling the attack sequence
At the core of the Mach-O Man campaign is a staged social-engineering flow centered on convincing calendar invites for popular virtual-meeting platforms. Victims receive a prompt that resembles a legitimate meeting notification, prompting them to join a so-called “Zoom” or “Google Meet” session. In the guise of a routine setup, victims are then steered to execute commands that quietly download and install the Mach-O Man components in the background. This stealthy delivery pathway helps attackers sidestep many traditional controls and allows credential harvesting to proceed with limited user friction.
Once the stealer is deployed, the toolkit targets data of high value to attackers. It raids browser extension data, stored credentials, cookies and Keychain entries, among other sensitive locally stored information. The extracted material is packaged into a zip archive and sent to the operators via Telegram, a channel chosen for its speed and relative resilience against standard enforcement actions. Following data exfiltration, the malware deploys a self-deletion routine, removing the entire kit from the host using the rm command—effectively leaving minimal traces and complicating post-incident forensics.
Context and implications for the crypto security landscape
The Lazarus Group’s alleged involvement in Mach-O Man extends a well-documented pattern of sophisticated, long-running campaigns that intensify the risk profile for crypto firms and their ecosystems. The group has become a persistent thorn in the side of exchanges, wallet providers and project teams, with past operations demonstrating a capacity to scale beyond traditional targets and adapt to evolving defense postures.
Bybit’s stunning $1.4 billion breach in 2025 stands as a benchmark for the scale of Lazarus-driven intrusions, underscoring not only the capital at risk but the potential for cascading effects across liquidity, market making and user trust. In parallel, the Zerion incident in April showcased how AI-augmented social engineering can accelerate the theft of credentials and private keys by exploiting legitimate team workflows and authorized sessions. The combination of social engineering with credential access remains among the most challenging vectors for defenders to preempt, particularly on macOS environments where threat actors have previously found gaps in application controls and user vigilance. Related reporting on Lazarus-linked activity continues to surface across industry coverage.
Defensive lessons and what to watch next
Mach-O Man reinforces the need for macOS-specific defense postures that blend user-education, application-control policies and robust-measurement of endpoint behavior. Key mitigations include enforcing least-privilege execution, deploying application allowlists, monitoring for anomalous download-and-execute sequences triggered from trusted apps, and tightening the wing of endpoint detection to catch command-and-control-like behaviors associated with staged infection chains. Given that the exfiltration route leverages Telegram, security teams should review outbound intelligence on uncommon channels used for data transfer and consider network-level constraints that challenge rapid egress of sensitive information.
For practitioners, the takeaway is clear: even as crypto-specific threats remain high-profile, attackers are expanding their targeting to encompass traditional businesses and cross-sector networks. This broadening of Lazarus’ reach increases the potential attack surface for exchanges, custodians and infrastructure providers alike, reinforcing the case for comprehensive, cross-platform threat intelligence integration and rapid response playbooks that can pivot as new malware kits surface. Any.run analysis provides a technical backdrop for understanding the Mach-O Man kit’s behavior and evolution.
As the industry absorbs these developments, observers will be watching for how defenders adapt to macOS-focused campaigns and whether new variants of Mach-O Man emerge with enhanced evasion techniques or more aggressive data-collection capabilities. The convergence of social engineering, credential theft and automated self-deletion marks a troubling trend—one that demands renewed emphasis on user education, secure access controls and vigilant incident-response strategies.
Readers should keep an eye on any updates about Lazarus’ tactics across platforms, especially as security teams track potential shifts in the group’s tooling, command channels and preferred data-exfiltration methods. The coming weeks may reveal whether Mach-O Man is a standalone spike or part of a broader, ongoing shift in the threat landscape facing the crypto ecosystem.
The $3 trillion crypto industry’s compliance infrastructure runs on a small group of RegTech firms. From blockchain analytics and travel rule networks to KYC, sanctions screening, and government intelligence, these companies allow institutions to operate in digital assets under regulatory scrutiny.
Here are the 15 companies holding digital asset compliance together in 2026.
Entry
Company
Founded · HQ
Key People
Scale & Funding
Core Capability
Signature Matter
1
Chainalysis
2014 · New York
Michael Gronager (CEO)
Jonathan Levin (Co-founder, CSO)$8.6B valuation; 763 employees
$537M+ raised (Accel, GIC, Blackstone, BNY)Blockchain analytics, investigations, KYT
Standard for global agencies including FBI, IRS, Europol.
Tracing linked to Colonial Pipeline and Bitfinex recoveries
2
TRM Labs
2018 · San Francisco
Esteban Castaño (CEO)
Ari Redbord (Policy Head)$1B valuation (Series C, 2026)
$220M raised; 383 employeesAI-driven blockchain intelligence
Clients include Coinbase, Visa, PayPal.
$300M+ illicit assets frozen via T3 Unit
3
Elliptic
2013 · London
Simone Maini (CEO)
Richard May (ex-HSBC)Backed by HSBC, JPMorgan, Santander
99.99% uptime (company claim)Blockchain analytics, stablecoin risk
Issuer due diligence for stablecoins (2025)
Data used in Garantex takedown
4
ComplyAdvantage
2014 · London
Charles Delingpole (Founder)
$158M raised; 474 employees
ISO 27001 + SOC 2 certifiedAML, sanctions screening, monitoring
AI resolves 85% of alerts (company claim).
1,000+ clients across 80+ countries
5
Sumsub
2015 · Limassol
Andrew Sever (CEO)
Ilya Brovin (CGO)500–1,000 employees
14,000+ document types globallyKYC, KYB, travel rule, monitoring
1,800+ VASPs in network
23,000+ fraud checks daily
6
Notabene
2020 · New York
Pelle Braendgaard (CEO)
Catarina Veloso (Regulatory)$26.6M raised
2,000+ VASPs in networkTravel rule compliance
Leading global VASP network
Brazil regulatory playbook (2026)
7
Merkle Science
2018 · Singapore / NY
Mriganka Pattnaik (CEO)
Nirmal Ak (Co-founder)$25.6M raised
41 investors incl. DCGPredictive crypto risk analytics
Behavioral ML engine for pre-risk detection
10,000+ assets tracked
8
Crystal Intelligence
2018 · Amsterdam
Navin Gupta (CEO)
Marina Khaustova (COO)1,900+ clients
Backed by Bitfury, TetherBlockchain investigations, analytics
330+ blockchains covered
Used in ransomware and terror finance tracking
9
Scorechain
2015 · Luxembourg
Founding leadership team
350+ compliance teams
250+ institutions across 40+ countriesAML, wallet screening, MiCA compliance
Core EU MiCA compliance coverage
UNICEF Luxembourg deployment
10
Solidus Labs
2017 · NY / Tel Aviv
Asaf Meir (CEO)
Backed by Evolution Equity, Hanaco
Category-defining positioningMarket surveillance, threat intelligence
Staking Guard (2024) with Figment
Pre-chain validator compliance
11
Lukka
2014 · New York
Robert Materazzi (CEO)
Used by Big Four firms
Institutional data infrastructureCrypto tax, accounting, compliance
Acquired Coinfirm (2023)
AICPA standards partnership
12
Jumio
2010 · Palo Alto
Robert Prigge (CEO)
700+ employees
Backed by Centerbridge PartnersIdentity verification, KYX
Dedicated crypto vertical
Supports exchanges and on-ramps
13
CipherTrace
2015 · Menlo Park
Mastercard Crypto division
Acquired by Mastercard (2021)
Integrated into Crypto SecureBlockchain analytics, travel rule
TRISA co-founder
Embedded in Mastercard network stack
14
Onfido
2012 · London
Entrust (parent company)
300M+ identity checks
Acquired by Entrust (2024)Identity verification, CDD workflows
FATF-aligned compliance flows
Integrated with IAM systems
15
Inca Digital
2018 · Washington DC
Adam Zarazinski (CEO)
US government contracts (DARPA, SEC)
National security focusGovernment analytics, threat intelligence
Supports federal agencies
Regulatory and congressional engagement
About This List
This list is compiled by the BeInCrypto Research Division as part of the BeInCrypto Institutional 100 Awards 2026.
These companies provide the infrastructure behind AML enforcement, travel rule compliance, sanctions screening, identity verification, and blockchain intelligence across global jurisdictions.
Methodology
This category evaluates compliance technology providers under Track B of the BeInCrypto 100 methodology: 30% quantitative metrics, 50% Advisory Council input, and 20% disclosed data analysis.
Assessment spans seven criteria: technology capability, client adoption, regulatory recognition, innovation, funding maturity, effectiveness, and reputation.
Data points were verified using company disclosures, press releases, regulatory filings, and private market platforms including PitchBook and Tracxn. Figures reflect the most recent available information at the time of publication and may change.
The post BeInCrypto Institutional Research: 15 Companies Behind Digital Asset Compliance appeared first on BeInCrypto.
TLDR
- Bitwise launched a new Avalanche-focused fund on April 15 to expand its crypto product lineup.
- CIO Matt Hougan said Avalanche offers differentiated exposure within the Layer 1 blockchain market.
- Hougan explained that Avalanche allows institutions to launch customizable blockchains with their own rules and validators.
- He linked the AVAX ETF thesis to long-term growth in tokenized assets, stablecoins, and onchain finance.
- Hougan cited partners including BlackRock, Apollo, Toyota, the State of Wyoming, and FIFA as part of Avalanche’s ecosystem.
Bitwise Asset Management has launched an Avalanche-focused fund and outlined its investment rationale. Chief Investment Officer Matt Hougan presented the case in a recent memo. He argued that Avalanche offers differentiated exposure within the Layer 1 market.
Hougan said the firm launched its Avalanche fund on April 15 to expand its crypto lineup. He explained that Avalanche approaches blockchain design differently from Ethereum and Solana. He stated that this structural difference supports the case for broader portfolio inclusion.
AVAX ETF Thesis Centers on Differentiated Blockchain Structure
Hougan wrote that Avalanche does not operate as a single shared chain like many rivals. Instead, it allows institutions to launch customizable blockchains with tailored rules and validators. He said this structure supports regulated entities seeking controlled blockchain environments.
He stated, “Avalanche is attractive not because it dominates Layer 1, but because it approaches blockchain design differently.” He added that banks and governments may prefer infrastructure without adopting a fully public chain model. He linked this flexibility to long-term growth in tokenized assets and onchain finance.
Hougan connected the AVAX ETF thesis to expanding tokenization trends across financial markets. He said tokenized real-world assets on Avalanche have climbed sharply in recent months. He cited activity from partners including BlackRock, Apollo, Toyota, the State of Wyoming, and FIFA.
He wrote that Avalanche could capture part of the market if hundreds of trillions of dollars move onchain. He framed this opportunity as tied to institutional blockchain adoption. He maintained that the fund provides targeted exposure to that theme.
Ethereum, Solana, XRP, and Avalanche Form Core Layer 1 Group
Hougan used the memo to outline Bitwise’s broader Layer 1 allocation strategy. He said the market remains early and fast-moving across competing networks. He argued that predicting a single long-term winner remains difficult.
He wrote that the most sensible approach focuses on networks with clear structural differences. He identified Ethereum, Solana, and XRP as core platforms within that group. He added that Avalanche extends that list due to its customizable model.
Hougan said Ethereum leads in smart contracts and decentralized applications. He described Solana as optimized for high-speed and low-cost transactions. He included XRP for its focus on payments infrastructure.
He explained that Avalanche offers exposure to a different segment of blockchain demand. He said its design supports private and public use cases within one ecosystem. He positioned the Avalanche fund as aligned with that framework.
TLDR
- U.S. banking groups asked the Treasury Department to extend comment periods on GENIUS Act stablecoin rule proposals.
- The associations requested at least 60 additional days after the OCC finalizes its supervisory framework.
- Bankers said the related rule proposals depend directly on the OCC’s final approach.
- The letter addressed rulemaking efforts at OFAC, FinCEN, and the FDIC.
- The GENIUS Act aims to establish a national stablecoin oversight framework before 2027.
U.S. banking groups have urged federal regulators to extend comment periods tied to stablecoin rules under the GENIUS Act. They argue that overlapping proposals require more review time before agencies finalize frameworks. The request centers on aligning rulemaking schedules across multiple banking regulators.
Banking Groups Call for More Time on GENIUS Act Rules
Several major bank trade associations submitted a letter to the U.S. Department of the Treasury and the Federal Deposit Insurance Corp. They asked regulators to extend three proposed rule comment periods linked to the GENIUS Act. They requested at least 60 additional days after the Office of the Comptroller of the Currency completes its framework.
The American Bankers Association and the Bank Policy Institute signed the letter with other organizations. They stated that all related proposals remain “directly contingent on the OCC’s final framework.” They argued that agencies should allow coordinated review before moving forward.
The Office of the Comptroller of the Currency is drafting standards for supervising stablecoin issuers. Bankers said the OCC’s final approach will shape related rules under development at other agencies. They stressed that agencies should not finalize separate rules without considering the OCC’s decisions.
The letter addressed rulemaking efforts at the Treasury’s Office of Foreign Assets Control and the Financial Crimes Enforcement Network. It also referenced a related proposal at the FDIC. The groups said these efforts together represent a “body of regulatory work of extraordinary scope and complexity.”
Bankers explained that they plan to provide detailed feedback on each proposal. However, they said agencies must first finalize the OCC’s supervisory structure. They wrote that their comments “will necessarily be more comprehensive” with more time.
Coordinated Oversight and Ongoing Stablecoin Debate
The GENIUS Act aims to establish a national framework for stablecoin oversight before 2027. Lawmakers designed the measure to coordinate federal supervision across banking and financial regulators. Agencies have begun drafting rules to meet the law’s timeline.
Federal agencies often extend comment windows for complex rule proposals. Banking groups cited that precedent in their request. They said regulators should synchronize review periods to avoid inconsistent standards.
At the same time, the same banking organizations remain engaged in discussions over the Digital Asset Market Clarity Act. That proposal seeks to define oversight roles for digital asset markets. Disagreements between banks and crypto industry participants have slowed its progress in Congress.
PUSD, a Shariah-compliant stablecoin backed by Gulf currencies, is set to deploy on ADI Chain, a Layer 2 network focused on institutional settlement in the Middle East.
According to an announcement shared with Cointelegraph, the stablecoin has about $2.3 billion in circulation and is backed 1:1 by reserves held in Saudi riyals and UAE dirhams, which are pegged to the US dollar.
It is already available on multiple blockchains, including Ethereum, BNB Chain, Solana and Tron, with ADI Chain marking its latest integration. The stablecoin is positioned to provide access to Islamic finance markets, which represent more than $3 trillion in assets globally, according to the announcement from the ADI Foundation.
ADI Chain is the settlement layer for a dirham-backed stablecoin initiated by International Holding Company and First Abu Dhabi Bank and licensed by the Central Bank of the UAE, according to the announcement.
The addition of PUSD introduces a second stablecoin to the network, allowing institutions to settle transactions using either a dollar-linked asset or a dirham-denominated token on the same infrastructure.
Transactions on the network require its native token for fees and are expected to support settlement across corridors linking the Gulf, the Middle East and parts of Africa.
PUSD is issued by Palm Azgar Finance and is designed for institutional use, including corporate treasuries, exchanges and payment processors.
Related: Here’s why crypto is moving to Dubai and Abu Dhabi
UAE builds out stablecoin framework
The United Arab Emirates has developed a multi-layered regulatory framework for digital assets, with authorities including the Central Bank of the UAE and Abu Dhabi Global Market (ADGM) establishing rules for stablecoins and virtual asset providers. Within that framework, dirham-pegged payment tokens are being explored as a way to modernize domestic payments and improve cross-border settlement.
In December, UAE telecom giant e& signed an agreement with Al Maryah Community Bank to test a dirham-pegged stablecoin licensed by the UAE central bank for consumer payments across its digital platforms in an early-stage pilot.
The following month, RAKBank received in-principle approval from the central bank to issue a dirham-backed stablecoin, with the planned token expected to be fully backed 1:1 by reserves held in regulated accounts. The approval is subject to final regulatory and operational conditions before any live issuance.
The push has also expanded to dollar-denominated tokens operating under local rules. In January, Universal Digital launched USDU, a US dollar-backed stablecoin registered by the UAE central bank under its Payment Token Services Regulation, making it the first dollar-denominated token approved for payment use within the framework.
Separately, the Financial Services Regulatory Authority has granted approvals to several crypto firms, including Tether (USDT), Ripple USD and Circle, to operate inside the ADGM’s financial zone.
TLDR
- Thailand SEC has proposed new rules to allow digital asset firms to apply for derivatives licenses within existing entities.
- The proposal removes the requirement for crypto firms to establish separate companies for derivatives operations.
- The regulator aims to expand access to crypto futures while strengthening oversight and compliance standards.
- The consultation period will remain open until May 20 for industry feedback.
- Blockchain.com launched perpetual futures trading with up to 40% leverage using Bitcoin as collateral.
Thailand’s securities regulator has opened consultation on new licensing rules for digital asset firms. The proposal allows firms to seek derivatives licenses within existing entities. The move targets broader access to crypto futures while tightening oversight standards.
Thailand Crypto Futures Framework Shifts Under Proposed SEC Rule Changes
Thailand’s Securities and Exchange Commission has proposed rule updates for digital asset operators. The agency aims to streamline licensing and expand derivatives offerings. Officials said the plan supports market growth and regulatory clarity.
The proposal removes the need for separate entities when applying for derivatives licenses. Licensed crypto firms could apply directly within current structures. This approach could lower operational barriers for market participants.
The regulator confirmed that earlier changes recognized digital assets as valid underlying assets. Futures contracts can now reference these assets under approved frameworks. The new proposal builds on that regulatory base.
Officials also introduced safeguards to address conflicts of interest within firms. They outlined stronger compliance and reporting standards for licensed entities. These measures aim to align with international derivatives practices.
The SEC said the consultation period will run until May 20. Industry participants can submit feedback during this period. Authorities will use responses to finalize the regulatory framework.
Global Crypto Derivatives Expansion Accelerates Alongside Regulatory Moves
Crypto derivatives activity has increased across major markets in recent months. Exchanges continue to expand offerings tied to digital assets and traditional markets. This trend reflects growing demand for leveraged trading tools.
Blockchain.com recently launched perpetual futures trading within its self-custody wallet. Users can open leveraged positions using Bitcoin as collateral. The system supports over 190 markets with leverage up to 40%.
The platform relies on infrastructure provided by Hyperliquid for execution. It allows traders to maintain custody of assets during trading. This structure reduces reliance on centralized exchanges.
Other platforms have introduced similar products targeting global users. Kraken and Coinbase launched perpetual futures linked to equities earlier this year. These products target non-US clients seeking continuous trading access.
Both exchanges continue to expand multi-asset trading environments. Their offerings support round-the-clock trading across different asset classes. This approach aligns with growing global trading demand.
Regulatory discussions in the United States may influence future availability. In March, official statements suggested progress on crypto perpetual futures approvals. Authorities indicated movement could occur within a short timeframe.
Bitcoin (BTC) reached a monthly high of $79,472 on Wednesday, marking its strongest 28-day return since April 2025. The rally aligns with a shift in a market positioning metric and a surge in leverage use.
A combined view of the market positioning metric and open interest shows new positions are being added, potentially influencing BTC’s push toward new highs.
BTC positioning builds with rising leverage
Bitcoin researcher Axel Adler Jr. said that the Bitcoin positioning index has turned higher, with its 30-day average rising to 4.5 from -10.9 in February. The indicator blends net taker flow direction, open interest trends, funding and the exchange balance into a single metric.
Its steady climb since late March, from 0.4 to current levels, shows a consistent improvement without breaking the price trend.
The growth in open interest confirms the same trend. The 30-day change stands at +14.5%, with 23 of the past 30 sessions closing positive. The rising positioning alongside expanding open interest signals new capital entering derivatives markets.
Over the past 24 hours, the aggregated open interest also rose 6.7% to 260,000 BTC, while the price experienced a 10.7% drop in leverage over the weekend.
Related: Bitcoin Bull Score hits six-month high as 2022 bear-market fears linger
Key BTC levels to watch
Bitcoin has moved above a descending trendline dating back to the October 2025 peak near $126,000 and has reclaimed the 100-day exponential moving average (EMA). This indicates a strong shift in trend from bearish to neutral-to-bullish on the higher time frame.
The $81,000 level now serves as the first test area, with a small fair-value gap indicating a liquidity imbalance, where a price hold would signal that buyers are accepting higher prices.
Above that, $88,000 stands as the supply zone tied to prior distribution. The $88,000–$91,000 range stands out as a key supply zone, shaped by a prior distribution phase when large volumes of Bitcoin last changed hands.
Many of those holders are now sitting near break-even or in slight profit, which typically increases activity when the price revisits that area.
Adding to this, the realized price of the three–to-six–month holder cohort sits at $91,600, further reinforcing this zone as a major decision point.
A sustained move through this range would signal strong demand, showing that buyers are absorbing overhead supply and setting the stage for Bitcoin price to move higher.
Crypto analyst Crazzyblockk highlighted a tight range, with the $72,000–$75,000 zone acting as a floor, supported by clusters of realized prices from mid-term holders. A break below this band would push more supply into loss, increasing the risk of reactive selling.
On the upside, the $83,000–$85,000 marks a profit-taking zone for recent short-term holders. Price strength through this range would signal that buyers are absorbing the supply, allowing momentum to build.
Related: ‘Powerful move’ looms for Bitcoin price, says Bollinger Bands indicator
This article is produced in accordance with Cointelegraph’s Editorial Policy and is intended for informational purposes only. It does not constitute investment advice or recommendations. All investments and trades carry risk; readers are encouraged to conduct independent research before making any decisions. Cointelegraph makes no guarantees regarding the accuracy or completeness of the information presented, including forward-looking statements, and will not be liable for any loss or damage arising from reliance on this content.
At the LONGITUDE crypto conference in Paris, industry leaders gathered to map the path from regulatory clarity to practical adoption of digital assets. In a fireside chat, Blockstream CEO Adam Back—an enduring figure in Bitcoin lore—addressed renewed speculation that he might be Satoshi Nakamoto, offering a measured denial while reflecting on why the mystery still captures the imagination of the space.
Back told Cointelegraph that the Satoshi rumor is flattering in some sense, but not accurate. He pointed to his long-running presence on early cypherpunk forums as a likely fuel for the assumption that he could have penned Bitcoin. “It is flattering in some sense that they think you could have done it,” he said, noting that he was “the reply guy” when electronic cash was a hot topic on the Cryptography Mailing List in the 1990s. When the Bitcoin white paper appeared in October 2008, he said, the public’s curiosity about Satoshi’s identity became a persistent talking point in the industry.
Beyond the personal intrigue, Back described the Satoshi mystery as an “interesting question” that the community has lingered on for years, without any conclusive answer. The exchange of ideas at LONGITUDE underscored a broader shift in crypto discourse—from secrecy and novelty to questions of regulation, market structure, and the practical growth of stablecoins.
Key takeaways
- Adam Back acknowledges the Satoshi speculation but firmly denies being the Bitcoin creator, attributing much of the conjecture to his historic participation in early cypherpunk discussions.
- MiCA is widely seen as a watershed for regulatory clarity, but industry leaders warn that heavy oversight could slow innovation if not balanced with global coherence.
- Proponents of a U.S. framework, including the CLARITY Act, expect a more stable environment for crypto firms, though terms remain unsettled, and some voices urge caution about implementation details.
- Major players in payments view stablecoins as well-suited for settlement, provided regulatory clarity, while last-mile integration into local economies remains the key hurdle for widespread adoption.
- Stablecoin circulation sits around $317 billion and has surged roughly 50% year over year, signaling continued growth but also a need to solve local adoption challenges beyond cross-border use cases.
Regulatory clarity and the competition for global coherence
Onstage conversations at LONGITUDE highlighted a regulatory landscape that many in the industry view as progressively clearer, yet uneven in its global reach. Erald Ghoos, CEO of OKX Europe, participated in a discussion asserting that the Markets in Crypto-Assets (MiCA) framework has been “extremely beneficial for the industry.” He argued that MiCA’s framework helps build trust by treating crypto as a regulated asset class and ensuring participants “will be vetted and held up to the highest standards.”
Yet Ghoos also cautioned that the heavy regulatory overhead could dampen entrepreneurial momentum in Europe. He warned that the burden might drive startups to seek more permissive jurisdictions, potentially slowing local innovation. That sentiment echoed broader industry concerns about fragmentation in global regulatory regimes—an issue voiced by CertiK CEO Ronghui Gu, who noted that developers and crypto firms still operate under divergent compliance standards depending on their region.
Industry observers also weighed the U.S. policy horizon. The CLARITY Act—posed as a framework to bring structure to the crypto sector—was discussed as a potential catalyst for adoption beyond traditional financial channels. Cardano Foundation CEO Frederik Gregaard argued that the act is “extremely important,” adding that policymakers appear eager to advance it. He predicted that once the CLARITY Act passes, non-TradFi adoption could accelerate dramatically, claiming a “100X” acceleration as classical industries begin to embrace the technology once regulatory clarity is in place.
However, not everyone shares the same level of optimism about timeline and interpretation. U.S. Senator Thom Tillis indicated that he does not expect the Senate Banking Committee to mark up the CLARITY Act in April and suggested scheduling for the following month. The evolving political process underscores a broader tension: the sector seeks rapid clarity, while lawmakers balance consumer protections, stablecoin risk, and financial-system resilience.
Ronghui Gu of CertiK framed the broader challenge as a call for a unified, global framework. Without one, developers and crypto companies must navigate a mosaic of national standards, creating friction for cross-border projects and complicating risk management and compliance in multinational deployments. The dialog at LONGITUDE thus underscored a central truth: regulatory clarity matters to players across the ecosystem, but it must be congruent across borders to unlock scalable growth.
Payments rails and the march of stablecoins: benefits, burdens, and the last mile
Another thread at the event explored how stablecoins fit into real-world payments—and the friction that remains before they reach everyday users. Mastercard’s Christian Rau, speaking on a panel with Stella Development Foundation’s Raja Chakravorti and Ethereum Foundation enterprise lead Matthew Dawson, framed stablecoins as particularly well-suited for payments when backed by regulatory clarity. He described stablecoins as having more predictable behavior than other digital assets, which helps them function effectively in settlement and commerce, while acknowledging that most real-time payment experiences still rely on traditional rails.
Rau characterized the current payments landscape as one where real-time-like experiences are possible in practice but not yet achieved end-to-end in a fully digital sense. He noted that the existing card- and bank-based systems still require steps of authorization, clearing, and settlement, which introduces latency and costs—albeit with a degree of immediacy that resembles real-time payments in many cases. The implication is that stablecoins, if properly integrated with clear regulatory guardrails, could streamline settlement in certain use cases, particularly cross-border and cross-ecosystem transactions.
On the adoption front, Chakravorti pointed to the roughly $317 billion in stablecoin circulation as of the event, up about 50% from a year prior. He observed early signs of cooling, a healthy signal that infrastructure is maturing. The larger takeaway, he said, is that the next frontier for stablecoins lies in “local stablecoins”—efforts to embed digital assets into domestic economies and legal tender ecosystems. The last mile, he emphasized, remains the principal barrier: turning digital assets into something that works smoothly within local financial systems and everyday commerce.
That last-mile bottleneck aligns with a broader assessment that widespread adoption hinges on bridging on-chain activity with off-chain financial systems. In this view, robust on- and off-ramp infrastructure, clear regulatory expectations, and interoperable standards will determine whether stablecoins transition from a mainly cross-border instrument to a pervasive domestic payments layer.
For readers watching regulatory developments, the LONGITUDE conversations offered a clear signal: clarity is not enough. The rules must be practical, globally coherent, and paired with the kind of interoperable infrastructure that makes digital assets usable in day-to-day life. The path forward will likely hinge on coordinating policy globally while continuing to build the technical and regulatory guardrails that give institutions, developers, and users confidence to participate at scale.
Overall, the event illustrated a crypto ecosystem at a crossroads: maintain the momentum of innovation while embracing a framework that both protects consumers and accelerates real-world adoption. As policymakers weigh fresh measures and industry players push for cross-border harmonization, readers should monitor how quick regulatory signals translate into tangible, usable solutions—especially in the crucial last mile that connects digital assets to everyday commerce.
Readers should watch for updates on MiCA’s rollout across Europe, the CLARITY Act’s path through U.S. channels, and how large-scale stablecoin deployments evolve in local economies. The next phase will reveal whether regulatory clarity translates into faster, broader adoption or if the pace of policy development outstrips practical deployment.
Iran’s Revolutionary Guard seized two container ships in the Strait of Hormuz on April 22, hours after President Trump extended the ceasefire with Tehran indefinitely, while confirming the US naval blockade of Iranian ports would remain in place.
Summary
- Iran’s Revolutionary Guard seized two ships in the Strait of Hormuz and fired on a third, citing maritime violations.
- Trump extended the ceasefire with Iran to allow for further peace talks but kept the US naval blockade active.
- Brent crude surged past $100 per barrel following the incidents, adding pressure to global energy markets and crypto assets.
Iran’s Islamic Revolutionary Guard Corps Navy announced on April 22 that it had seized two container ships transiting the Strait of Hormuz, citing what it described as maritime violations, according to NBC News and CNBC. The seizures came hours after President Trump announced an indefinite extension of the ceasefire with Iran, saying he was giving Tehran’s leaders time to produce a unified peace proposal, while making clear the US naval blockade of Iranian ports would not be lifted.
Iran Strait of Hormuz Seizures Shake the Fragile Ceasefire
The two vessels, the MSC Francesca and the Epaminondas, were escorted to Iranian waters after being intercepted by the IRGC Navy, with the Guard claiming one of the ships was linked to Israel without providing supporting evidence. A third vessel was also reportedly targeted and disabled off Iran’s coast. CNBC reported that Brent crude briefly surpassed $100 per barrel following the incidents, with international benchmark prices rising more than 1.8% as markets weighed the impact on a waterway that normally carries roughly 20% of global oil and liquefied natural gas supply.
Trump Extends the Ceasefire But Keeps the Blockade
Trump had previously vowed not to extend the ceasefire beyond its original deadline, but reversed course on April 21, announcing the extension to give Iranian leaders time to produce a unified response to US terms. NPR reported that Trump posted on Truth Social that Iran is “collapsing financially,” losing $500 million a day under the blockade, and that the US loses nothing by maintaining it. Iranian Foreign Minister Seyed Abbas Araghchi has rejected the administration’s framing, calling the blockade “an act of war” and a violation of the ceasefire agreement in its own right. Peace talks scheduled for Islamabad have stalled, with Iran’s negotiating team declining to participate while the blockade continues.
What the Hormuz Crisis Means for Bitcoin and Crypto Markets
The Strait of Hormuz has been a direct driver of Bitcoin volatility since the conflict began in February. As crypto.news has tracked, each escalation event in the strait has triggered immediate Bitcoin selling rather than safe-haven buying, with BTC dropping below $74,000 earlier this week as peace talk prospects faded. Oil prices remaining above $100 per barrel sustains the inflation narrative that has suppressed Federal Reserve rate cut expectations, creating a prolonged headwind for risk assets including crypto. Any resolution that reopens the strait and brings oil back toward pre-war levels near $65 to $70 a barrel would, according to analysts covered by crypto.news, represent the largest positive catalyst for digital asset markets since Bitcoin’s all-time high of $126,000 in October 2025.
The situation in the Strait of Hormuz remains highly fluid, with Iran’s seizure of the two vessels and the breakdown of Islamabad talks raising the risk of further escalation before any diplomatic resolution is reached.
North Korea’s Lazarus Group has launched a new macOS malware campaign called Mach-O Man that uses fake online meeting invitations to trick crypto and fintech executives into executing malicious commands on their own devices, according to blockchain security firm CertiK.
Summary
- Lazarus Group’s new Mach-O Man campaign uses fake meeting invites to lure executives into pasting malicious terminal commands on their Macs.
- The malware auto-deletes after execution, making the breach nearly impossible to detect through standard forensic methods.
- CertiK links the same Lazarus push to over $500 million stolen from DeFi platforms Drift and KelpDAO in the past two weeks.
North Korea’s Lazarus Group is running a new campaign dubbed Mach-O Man that targets executives at crypto, fintech, and other high-value firms by disguising malware delivery as a routine technical fix during a fake business meeting, according to CertiK senior blockchain security researcher Natalie Newson. The campaign was disclosed on April 22 and represents one of the group’s most operationally sophisticated social engineering methods to date.
Lazarus Group Crypto Hack Hides Behind Routine Business Communications
The attack chain begins with an urgent-looking meeting invitation sent over Telegram, impersonating a Zoom, Microsoft Teams, or Google Meet call. The link leads to a convincing but fake website that tells the victim to paste a single command into their Mac terminal to resolve an apparent connection issue, a technique CertiK identifies as ClickFix. Once executed, the command installs a modular malware kit built from native Mach-O binaries tailored for Apple environments, which profiles the host, establishes persistence, and exfiltrates credentials and browser data through a Telegram-based command-and-control channel. Critically, the toolkit auto-deletes after completing its task, making detection and forensic analysis extremely difficult. “These fake verification steps guide victims through keyboard shortcuts that run a harmful command,” CertiK’s Newson told CoinDesk. “The page looks real, the instructions seem normal, and the victim initiates the action themselves, which is why traditional security controls often miss it.”
Why This Attack Is Harder to Catch Than Standard Phishing
Unlike traditional phishing attacks that rely on urgency cues or suspicious sender addresses, the Mach-O Man campaign is designed to look entirely routine at the moment of delivery. Executives in crypto and fintech routinely receive cold outreach from investors, researchers, and business partners, making the fake meeting invitation format a credible lure in a way that generalized phishing often is not. CertiK’s analysis notes that the Mach-O Man framework is tied to Lazarus’ Famous Chollima unit and distributed through compromised Telegram accounts specifically targeting high-value organizations in the digital asset space. Most victims will not realize they have been compromised until well after the malware has erased itself. “They likely don’t know it yet,” Newson said. “If they do, they probably can’t identify which variant affected them.”
The Scale of the Lazarus Threat to Crypto in 2026
CertiK has linked the Mach-O Man campaign to a broader Lazarus offensive that has siphoned more than $500 million from DeFi platforms Drift and KelpDAO in under two weeks, adding to a cumulative theft total estimated at $6.7 billion since 2017. The United Nations has previously estimated that North Korean hackers have stolen several billion dollars in digital assets to fund the country’s weapons programs. “What makes Lazarus especially dangerous right now is their activity level,” Newson said. “This isn’t random hacking. It’s a state-directed financial operation running at a scale and speed typical of institutions.” CertiK is advising crypto professionals to independently verify all meeting requests through a separate channel before clicking any link or downloading any attachment from an unsolicited invitation.
CertiK has shared indicators of compromise tied to the Mach-O Man campaign with the broader security community to support detection and defense efforts across the industry.
Key takeaways:
-
US government bailout plans and currency swap lines with the UAE are easing global liquidity fears and lowering credit crisis risks.
-
Record Bitcoin ETF inflows and rising BTC miner profits suggest strong bullish momentum despite the ongoing war in Iran.
The total cryptocurrency market capitalization surged to an 11-week high on Wednesday as Bitcoin (BTC) climbed to $79,000 and Ether (ETH) reached $2,400. The bullish momentum occurred as investors grew more confident that immediate US recession risks were fading, despite sustained high oil prices resulting from the war in Iran.
Traders are now weighing whether Bitcoin and Ether are destined for further gains or if a short-term correction is imminent given that economic recession risks persist.
The tech-heavy Nasdaq-100 index reached a record high on Wednesday as traders awaited Tesla (TSLA US) quarterly earnings. Brent crude prices rose 9% over two days after reports indicated Iran targeted two vessels in the Strait of Hormuz. Elevated energy costs increase the likelihood of economic stimulus, providing a temporary buffer for risk assets.
US liquidity plans and Bitcoin ETF inflows may offset recession fears
US President Donald Trump reportedly stated during a CNBC interview that “the federal government should help” Spirit Airlines, a budget carrier that has experienced bankruptcy twice since 2025. The Trump administration previously provided capital to chipmaker Intel (INTC US), utility Southern Company (SO US) and defense contractor L3Harris (LHX US).
Direct US government intervention in private firms and the US Treasury signals that credit lines for allies have eased liquidity concerns. US Treasury Secretary Scott Bessent noted Wednesday that both the US and the United Arab Emirates would benefit from a currency swap line intended to “maintain order in the dollar funding markets.”
US allies are facing pressure to sell US bonds to raise dollars for local defense, imports and liquidity amid the collapse of oil revenue and disruptions in the Strait of Hormuz. Potential currency swaps ease these dollar shortages, preventing a spike in US Treasury yields. The overall impact includes lower borrowing costs and a reduced risk of an immediate credit crisis.
Six consecutive days of inflows into US-listed Bitcoin exchange-traded funds (ETFs), totaling $1.54 billion, have likely boosted sentiment. The successful launch of the Morgan Stanley Bitcoin Trust (MSBT US), which reached $145 million in total net assets in under three weeks, improved Bitcoin’s risk perception despite global socio-economic uncertainty.
Related: Bitcoin inflows to Binance fall to 2023 low as BTC bulls set target on $80K
Bitcoin miner profitability eases short-term sell pressure
As Bitcoin price neared $79,000, miner profitability hit its highest level since January, according to Luxor’s Hashprice Index.
Miners recently gained attention as firms sold significant Bitcoin holdings to fund investments in data centers and AI infrastructure. Examples include MARA Holdings (MARA US), Riot Platforms (RIOT US), Core Scientific (CORZ US) and Cango (CANG US). While higher profitability does not guarantee reduced selling pressure from miners, the bullish momentum creates an incentive to accumulate.
Ultimately, a short-term correlation with US stock markets continues to dictate cryptocurrency trends; therefore, the war in Iran and tech earnings remain decisive for trader sentiment.
As the US government signals that stimulus measures will be used to secure liquidity and address credit concerns, Bitcoin and Ether appear primed to sustain their upward momentum.
This article is produced in accordance with Cointelegraph’s Editorial Policy and is intended for informational purposes only. It does not constitute investment advice or recommendations. All investments and trades carry risk; readers are encouraged to conduct independent research before making any decisions. Cointelegraph makes no guarantees regarding the accuracy or completeness of the information presented, including forward-looking statements, and will not be liable for any loss or damage arising from reliance on this content.
BeInCrypto Institutional Research: 15 Companies Behind Digital Asset Compliance
How A Sci-Fi Series Defied Cancelation To Become A Netflix Streaming Hit
Manchester United have a young striker for next season despite cup final heartbreak
Manchester United reach agreement with Casemiro over contract clause amid transfer speculation
Steven Gerrard disagrees with Gary Neville over ‘shock’ Chelsea and Arsenal claim | Football
US brings back mandatory military draft registration
-
Sports6 days agoNWFL Suspends Two Players Over Post-Match Clash in Ado-Ekiti
-
Fashion5 days agoWeekend Open Thread: Theodora Dress
-
Politics5 days agoPalestine barred from entering Canada for FIFA Congress
-
Entertainment3 days ago
NBA Analyst Charles Barkley Chimes in on Ice Spice McDonald’s Fiasco
-
Business3 days agoPowerball Result April 18, 2026: No Jackpot Winner in Powerball Draw: $75 Million Rolls Over
-
Tech4 days agoAuto Enthusiast Scores Running Tesla Model 3 for Two Grand and Turns It Into Bare-Bones Go-Kart
-
Politics4 days agoZack Polanski demands ‘council homes not luxury flats for foreign investors’
-
Crypto World5 days agoRussia Pushes Bill to Criminalize Unregistered Crypto Services
-
Politics2 days agoGary Stevenson delivers timely reminder to register to vote as deadline TODAY
-
Politics8 hours agoDisabled people challenge government SEND proposals over segregation concerns
-
Business17 hours agoRolls-Royce Voted UK’s Most Iconic Trade Mark as IPO Register Hits 150
-
Politics8 hours agoMaking troops accountable for war crimes threatens US alliance, ex-SAS colonel warns
-
Business6 days agoCreo Medical agree sale of its manufacturing operation
-
Crypto World5 days agoRussia Introduces Bill To Criminalize Unregistered Crypto Services
-
Politics9 hours agoStarmer handler McSweeney to be dragged from shadows by Foreign Affairs Committee
-
Politics9 hours agoZack Polanski responds to home secretary’s taser threat
-
Politics10 hours ago
Wings Over Scotland | How To Get Away With Crimes
-
Crypto World4 days ago
Kelp DAO rsETH Bridge Hack Drains $292M as DeFi Losses Top $600M in Two Weeks
-
Politics7 hours ago‘Iran is still a nuclear threat’
-
Tech7 days agoFord EV and tech chief leaving automaker
You must be logged in to post a comment Login