Crypto World
Lazarus-linked macOS malware targets crypto and fintech sectors
Security researchers have linked a fresh macOS malware campaign to the Lazarus Group, the North Korea-linked hacking outfit responsible for some of the crypto sector’s most consequential losses. The campaign, tracked by researchers as the Mach-O Man kit, is deployed through the ClickFix social-engineering framework that targets a broad spectrum of firms, including crypto companies.
According to Mauro Eldritch, an offensive security expert and founder of threat-intelligence outfit BCA Ltd., the Mach-O Man campaign leverages convincing calls to lure victims into executing commands that quietly pull down the malware in the background. The tactic enables attackers to bypass conventional security controls and slip into credentials and broader corporate environments, a pattern documented in a Tuesday report that cites the Any.run macOS analysis sandbox as a primary source of insight.
The operation culminates in a stealer payload designed to harvest a wide range of sensitive data, from browser extension data and stored credentials to cookies and macOS Keychain entries. Once collected, the information is zipped and exfiltrated through Telegram, after which the toolkit performs a self-deletion routine using the system rm command to erase traces without requiring user confirmation.
The emergence of Mach-O Man fits into a broader narrative around Lazarus’ evolving targeting beyond purely crypto-native incidents, underscoring the risk to corporate networks and supply chains alike. The group has long been associated with some of the industry’s largest heists, including the $1.4 billion attack on the Bybit exchange in 2025, cited as the era’s largest cryptocurrency breach to date.
For context, researchers emphasize that Lazarus has continued to widen its toolkit and attack surface in recent months. In April, the group was tied to AI-enabled social-engineering campaigns that breached Zerion by gaining access to team members’ sessions, credentials and private keys. The Zerion incident illustrated how attackers can blend social engineering with credential theft to reach privileged accounts and sensitive assets. Further coverage on that event is available from Cointelegraph.
Key takeaways
- Mach-O Man, a macOS malware kit attributed to Lazarus by researchers, is distributed via ClickFix social-engineering campaigns that reach traditional businesses and crypto firms alike.
- The final payload acts as a stealer, extracting browser data, credentials, cookies and macOS Keychain entries, with data zipped and exfiltrated through Telegram before the kit self-destructs using rm to erase traces.
- Victims are lured into fake Zoom or Google Meet calls, where they are prompted to run commands that trigger malware installation and deeper access, bypassing typical endpoint protections.
- The Lazarus operation continues to broaden its target scope beyond crypto-native companies, aligning with broader industry observations of the group’s expanding playbook and infrastructure access.
- Contextual benchmarks include the Bybit hack in 2025 and the Zerion breach in April, illustrating a pattern of high-stakes intrusions that blend phishing, social engineering and credential theft.
Mach-O Man: unraveling the attack sequence
At the core of the Mach-O Man campaign is a staged social-engineering flow centered on convincing calendar invites for popular virtual-meeting platforms. Victims receive a prompt that resembles a legitimate meeting notification, prompting them to join a so-called “Zoom” or “Google Meet” session. In the guise of a routine setup, victims are then steered to execute commands that quietly download and install the Mach-O Man components in the background. This stealthy delivery pathway helps attackers sidestep many traditional controls and allows credential harvesting to proceed with limited user friction.
Once the stealer is deployed, the toolkit targets data of high value to attackers. It raids browser extension data, stored credentials, cookies and Keychain entries, among other sensitive locally stored information. The extracted material is packaged into a zip archive and sent to the operators via Telegram, a channel chosen for its speed and relative resilience against standard enforcement actions. Following data exfiltration, the malware deploys a self-deletion routine, removing the entire kit from the host using the rm command—effectively leaving minimal traces and complicating post-incident forensics.
Context and implications for the crypto security landscape
The Lazarus Group’s alleged involvement in Mach-O Man extends a well-documented pattern of sophisticated, long-running campaigns that intensify the risk profile for crypto firms and their ecosystems. The group has become a persistent thorn in the side of exchanges, wallet providers and project teams, with past operations demonstrating a capacity to scale beyond traditional targets and adapt to evolving defense postures.
Bybit’s stunning $1.4 billion breach in 2025 stands as a benchmark for the scale of Lazarus-driven intrusions, underscoring not only the capital at risk but the potential for cascading effects across liquidity, market making and user trust. In parallel, the Zerion incident in April showcased how AI-augmented social engineering can accelerate the theft of credentials and private keys by exploiting legitimate team workflows and authorized sessions. The combination of social engineering with credential access remains among the most challenging vectors for defenders to preempt, particularly on macOS environments where threat actors have previously found gaps in application controls and user vigilance. Related reporting on Lazarus-linked activity continues to surface across industry coverage.
Defensive lessons and what to watch next
Mach-O Man reinforces the need for macOS-specific defense postures that blend user-education, application-control policies and robust-measurement of endpoint behavior. Key mitigations include enforcing least-privilege execution, deploying application allowlists, monitoring for anomalous download-and-execute sequences triggered from trusted apps, and tightening the wing of endpoint detection to catch command-and-control-like behaviors associated with staged infection chains. Given that the exfiltration route leverages Telegram, security teams should review outbound intelligence on uncommon channels used for data transfer and consider network-level constraints that challenge rapid egress of sensitive information.
For practitioners, the takeaway is clear: even as crypto-specific threats remain high-profile, attackers are expanding their targeting to encompass traditional businesses and cross-sector networks. This broadening of Lazarus’ reach increases the potential attack surface for exchanges, custodians and infrastructure providers alike, reinforcing the case for comprehensive, cross-platform threat intelligence integration and rapid response playbooks that can pivot as new malware kits surface. Any.run analysis provides a technical backdrop for understanding the Mach-O Man kit’s behavior and evolution.
As the industry absorbs these developments, observers will be watching for how defenders adapt to macOS-focused campaigns and whether new variants of Mach-O Man emerge with enhanced evasion techniques or more aggressive data-collection capabilities. The convergence of social engineering, credential theft and automated self-deletion marks a troubling trend—one that demands renewed emphasis on user education, secure access controls and vigilant incident-response strategies.
Readers should keep an eye on any updates about Lazarus’ tactics across platforms, especially as security teams track potential shifts in the group’s tooling, command channels and preferred data-exfiltration methods. The coming weeks may reveal whether Mach-O Man is a standalone spike or part of a broader, ongoing shift in the threat landscape facing the crypto ecosystem.
Input Output, the private engineering company that built and continues to develop the Cardano blockchain, is seeking about half the funding it requested last year from the project’s community treasury.
The company submitted nine proposals totaling $46.8 million for 2026 on Tuesday, down from $97.5 million in 2025. Several of the proposals focus on scaling Cardano to increase its transaction processing capacity and expanding into Bitcoin DeFi.
Cardano, like most major blockchains, maintains a shared pool of money funded by network fees, which community representatives vote to allocate toward development work. Input Output historically has been the largest recipient because it employs most of the engineers building the underlying software.
The reduced ask is the first concrete step in a plan to phase out that dependency. Input Output said it now aims to shrink its annual request each year until the company can sustain itself on its own revenue, with community funds going instead to a broader set of smaller engineering groups.
By the end of 2026, Input Output expects smaller, more specialized teams to take on most of the work it currently does in-house, including firms such as VacuumLabs and Midgard Labs that focus on specific layers of the Cardano software.
Scaling and bitcoin DeFi
The nine proposals group into two themes. The larger funds a consensus upgrade called Leios, which Input Output claims will increase Cardano’s transaction processing capacity by 10 to 65 times, targeting more than 1,000 transactions per second.
For context, that would move Cardano from a relatively slower chain to one competitive with Solana and the fastest Ethereum layer-2 networks on throughput alone. Leios is scheduled for a test release in June and full deployment by year-end.
The second flagship proposal funds a system called Pogun, which aims to bring Bitcoin-based decentralized finance to Cardano. In practice, it would let bitcoin holders borrow and earn yield on their holdings through Cardano without giving custody to a centralized intermediary. Pogun’s lending component is targeted for public release in the second quarter.
Smaller proposals cover performance improvements to Cardano’s smart contract engine, security testing infrastructure, developer tools, and expanded API services.
Each proposal names specific delivery leads and ties funding to delivery milestones rather than releasing money upfront. Imagine paying a contractor in stages as different parts of a house are completed, instead of handing over the full budget at the start of construction.
Voting opens Tuesday and runs through May 24. The decisions are made by roughly 1,000 elected delegates known as DReps, who represent ADA holders much as proxy representatives do in a publicly traded company. Charles Hoskinson, the founder of Input Output, is scheduled to release a video this week making the case directly to those delegates.
The vote will test whether Cardano’s governance, which has expanded significantly over the past two years, treats Input Output like any other grant applicant or continues to approve its requests largely on a basis of deference.
Last year’s $97.5 million proposal passed, but in the interim the Cardano Foundation has taken over the project’s grant-funding arm, and Intersect, the governance organization running this vote, has assumed stewardship of core Cardano software. Both shifts mean alternatives to Input Output now exist in a way they did not when previous votes went through.
Meanwhile, Input Output also cited progress in the ecosystem in its release. A new Cardano stablecoin, USDCx, reached 14.6 million tokens in circulation within weeks of its launch. Total assets deposited on Cardano, a common measure of a network’s usage, rose from $137.5 million to $142.7 million over the same period.
Whether the full slate passes, gets partially funded, or is reshaped entirely by DReps will signal how much the Cardano community’s thinking has shifted now that the tools to fund development without Input Output exist.
Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson.
The industry has already lost over $600 million to hacks in 2026, due largely to two North Korea-linked crypto thefts in April, including the $293 million Kelp DAO exploit on Saturday involving a single point-of-trust failure in cross-chain messaging protocol LayerZero’s infrastructure, and the $280 million exploit of the Drift Protocol.
Another DPRK-linked attack involved the use of AI for social engineering. Crypto wallet Zerion revealed on April 15 that North Korean-affiliated hackers used AI in a long-term social engineering attack to steal about $100,000 from the company’s hot wallets.
Newson warned that, in “some aspects,” the acceleration of AI will only worsen crypto attacks.
“The best way for investors to protect themselves is to be aware of the current threats they may face… For instance, to protect yourself against phishing, always verify the authenticity of URLs and smart contracts,” Newson said.
Newson said that as exploits become more sophisticated, retail investors should explore storage options outside of crypto exchanges.
“Using cold wallets can help keep assets that you don’t use regularly safe and allows you to sign transactions without ever exposing your private keys,” she said.
AI could be used to defend against attacks
“There are now more convincing deepfakes, autonomous attack agents, and ‘agentic AI’ that can autonomously scan smart contracts for bugs, draft exploit code and execute attacks at machine speed,” she said.
On April 6, Cointelegraph reported that a threat actor known as “Jinkusu” was allegedly selling cybercrime tools designed to bypass Know Your Customer (KYC) checks at banks and crypto platforms, using deepfakes and voice manipulation.
“At the same time, AI can also be one of the biggest defenses,” said Newson.
Cointelegraph recently reported that an increase in AI use has led to a flood of bug bounty submissions, both valid and invalid. Anthropic’s AI model Claude Mythos, claimed to have the ability to find vulnerabilities in major operating systems, has been deployed defensively with a release to a limited set of tech firms.
Regulators are escalating in response
CertiK shared with Cointelegraph in December 2025 that crypto hackers stole $3.3 billion in 2025.
The company said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February 2025.
Related: Telegram CEO Durov warns EU age-verification app could enable wider tracking
“The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem,” the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.
Regulators are responding. On April 9, the US Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) announced on Thursday that it is expanding its cybersecurity threat identification program to include digital asset companies.
Magazine: Adam Back says current demand is ‘almost’ enough to send Bitcoin to $1M
Institutional crypto trading platform GSR launched its first crypto exchange-traded fund on Wednesday, recording nearly $5 million in trading volume on its first trading day.
The GSR Crypto Core3 ETF (BESO) tracks the spot price of Bitcoin (BTC), Ether (ETH) and Solana (SOL) and offers staking rewards, GSR said in a statement on Wednesday.
In a separate post on X, GSR said it will be adopting a “dynamic allocation strategy” to optimize returns for the fund, which carries a 1% management fee.
BESO saw 185,574 shares traded worth about $4.8 million on its opening day, Nasdaq data shows. The fund closed at $26.04 but rose to $33 in after-hours trading.
GSR’s market entry coincides with a wave of Wall Street firms that have recently launched or signaled their intention to launch a crypto ETF.
Among them is investment bank Morgan Stanley, which launched a spot Bitcoin ETF on April 8 that has already attracted $163.8 million in net inflows.
On April 14, Goldman Sachs filed for a Bitcoin Premium Income ETF, enabling investors to earn passive income while still benefiting from potential price appreciation in Bitcoin.
GSR was founded by former Goldman Sachs traders Cristian Gil and Richard Rosenblum in 2013, making it one of the most established crypto market-making platforms in the industry.
Related: Charles Schwab to roll out spot Bitcoin, Ether trading for retail clients
GSR CEO Xin Song said the company expanded into the crypto ETF market to make its services available to a broader range of investors, adding:
“Our ETF strategy reflects our deep understanding of how this asset class is evolving.”
Bitcoin takes back seat in GSR fund model portfolio
GSR said allocations between Bitcoin, Ether and Solana for BESO will be rebalanced weekly based on “research-driven signals designed to pursue additional returns.“
GSR published a model portfolio analysis on Wednesday showing an optimized allocation between the cryptocurrencies, with Ether and Solana dominating at 51.4% and 41.67% respectively, while Bitcoin holds a smaller position at 6.93%.
Magazine: Adam Back says current demand is ‘almost’ enough to send Bitcoin to $1M
Binance.US has reduced its spot trading fees to 0% for makers and 0.02% for takers across all trading pairs.
Summary
- Binance.US now charges 0% maker fees and 0.02% taker fees across all spot trading pairs.
- The exchange removed volume tiers and subscription rules, making near-zero spot fees available to every user.
- The move increases pressure on Coinbase, Kraken, and Schwab as crypto trading competition grows faster.
The exchange said the new pricing applies to every user and does not depend on trading volume, account size, or subscription plans.
The move replaces the platform’s earlier tiered structure and expands zero-fee access beyond a limited number of Bitcoin pairs. Binance.US said the change takes effect immediately and is designed to lower costs for retail traders using the platform.
New pricing targets pressure from rivals
The updated fee model puts Binance.US below many major rivals in the US market. The company said the new structure could cut trading costs by as much as 98% compared with some competing platforms, where lower-volume users often face higher charges.
Coinbase’s public pricing shows spot fees for lower-volume traders can range from about 0.40% to 0.60%. Kraken also uses a volume-based model, with entry-level fees starting near 0.25% for makers and 0.40% for takers.
Charles Schwab also said last week that it plans to launch spot crypto trading for retail clients, starting with Bitcoin and Ether at a fee of 75 basis points per transaction.
Moreover, Binance.US said the reduced fees are backed by its trading infrastructure and recent internal controls work. The company stated that it completed a SOC 2 Type II audit covering its systems and controls before rolling out the new pricing model.
The change also follows the appointment of Stephen Gregory as chief executive. Binance.US said the broader fee cut builds on its earlier strategy of offering zero-fee trading on selected pairs, but now extends that approach to all spot markets on the platform.
Exchange remains under US scrutiny
The fee cut comes as Binance-related operations continue to face political and regulatory attention in the United States. Binance reached a $4.3 billion settlement with US authorities in 2023 over anti-money laundering and sanctions violations. Former chief executive Changpeng “CZ” Zhao also pleaded guilty to a felony charge as part of that case.
Binance.US has said it operates as a separate legal entity from Binance. A company spokesperson said Binance.US “operates independently from Binance.” Even so, pressure on the broader Binance brand has continued.
In 2026, lawmakers asked federal agencies to review whether Binance is meeting its obligations under a court-ordered monitoring program. Binance denied claims tied to Iran-linked transactions and called the reports “false” and unsupported by evidence.
Fee cut comes as US crypto market gets more competitive
The new pricing shows Binance.US is trying to compete more directly for spot market share at a time when more firms are entering or expanding in the US crypto sector. Lower fees may help the platform appeal to cost-conscious users who trade often and want simpler pricing.
At the same time, the exchange is making that move while the wider Binance group remains under close watch in Washington. That leaves Binance.US trying to balance aggressive pricing with the need to reassure users and regulators about its operating standards.
ETH derivatives show strong buyer dominance, leading traders to target $2,500 to $2,600 as the next crucial rally.
Ether (ETH) futures on Binance have risen to a near two-month high as aggressive buyers stepped into the market over the past week. Buy-taker volume rose above $5 billion, and the current setup suggests the ETH rally is poised to continue.
On Binance, the 24-hour cumulative net taker volume reached $5.5 billion, rising 72% from $3.2 billion earlier in the month. The metric tracks the difference between market buy and sell orders, indicating who is driving price action.
The 30-day average has stayed positive since March 1, returning to levels last seen in July 2022. The positive readings point to consistent buyer aggression.
Crypto analyst Amr Taha explained that when the buying spikes near local highs, it signals stronger conviction from participants. The sustained demand of this kind often keeps buyers in control of the short-term price direction.
Related: The quantum gap: Why Bitcoin and Ethereum are taking different paths on security
Ether’s $2,400 resistance hits a liquidity gap
The ETH price is compressing under the $2,400 level, a resistance that has been tested three times since Feb. 6. Each rejection has reduced the density of the overhead sell orders. A clean move above this level exposes the $2,475–$2,634 range, where a daily fair-value gap lies.
The gap formed during February’s sell-off marks an area where price moved quickly, leaving unfilled orders. ETH’s price may revisit these zones to rebalance flows as the momentum builds.
Ether is also attempting to reclaim the 100-day exponential moving average (EMA), a level associated with trend-continuation phases. The stability above this trend would reinforce the upward rally. The 200-day EMA is drifting toward the upper end of the imbalance zone near $2,634, creating a technical overlap with liquidity.
The derivatives positioning adds context. The futures cumulative volume delta (CVD) continues to climb toward $12.6 billion, while funding rates remain near neutral.
This indicates leverage has not expanded aggressively alongside price. The balance between buyers’ demand and measured leverage keeps the $2,475–$2,634 zone in focus as a near-term liquidity cluster.
Related: Singapore’s OCBC launches tokenized gold fund on Ethereum and Solana
This article is produced in accordance with Cointelegraph’s Editorial Policy and is intended for informational purposes only. It does not constitute investment advice or recommendations. All investments and trades carry risk; readers are encouraged to conduct independent research before making any decisions. Cointelegraph makes no guarantees regarding the accuracy or completeness of the information presented, including forward-looking statements, and will not be liable for any loss or damage arising from reliance on this content.
Key Highlights
- BTC surged to $79,472 on Wednesday, marking its strongest monthly performance since April 2025
- The positioning index for Bitcoin climbed to 4.5 from February’s -10.9, indicating strengthening market sentiment
- Total open interest increased 6.7% within 24 hours to reach 260,000 BTC, while futures OI jumped nearly 9% to $62B
- Optimism surrounding potential US-Iran peace negotiations lifted risk-on assets across markets
- Critical resistance levels are positioned at $83,000–$88,000, while support maintains around $72,000–$75,000
Bitcoin achieved a monthly peak of $79,472 during Wednesday’s trading session, representing its most robust 28-day gain since April 2025. The flagship cryptocurrency advanced more than 4% within a single day, approaching the psychologically significant $80,000 threshold as various blockchain analytics and derivatives indicators exhibited positive momentum.
Cryptocurrency analyst Axel Adler Jr. highlighted that the Bitcoin positioning index advanced to 4.5, a substantial improvement from February’s reading of -10.9. This composite indicator monitors net taker flow patterns, open interest dynamics, funding rate behavior, and exchange balance shifts through a unified measurement.
Total open interest expanded by 6.7% across a 24-hour period, reaching 260,000 BTC. The rolling 30-day change in open interest currently registers at +14.5%, with 23 out of the last 30 trading sessions concluding in positive territory.
Futures open interest for BTC experienced a dramatic surge of nearly 9%, pushing above the $62 billion threshold. CME’s open interest advanced 0.50% while Binance registered close to 2% growth following President Trump’s remarks regarding diplomatic negotiations.
President Donald Trump indicated that diplomatic discussions between the United States and Iran could potentially commence as early as Friday, as reported by the New York Post. This announcement followed his determination to extend the Iran ceasefire agreement without a defined endpoint.
Equity markets in the United States also registered approximately 1% gains on Wednesday, with the S&P 500, Nasdaq 100, and Dow Jones Industrial Average all posting advances. Risk-oriented assets responded favorably across the board to the geopolitical developments.
Iranian officials have yet to confirm their participation in the proposed negotiations. Complicating matters, Iranian military forces reportedly seized two commercial cargo vessels near the strategically important Strait of Hormuz just hours following the ceasefire extension announcement, introducing additional uncertainty.
Critical Price Zones Under Observation
Bitcoin has successfully breached a downward-sloping trendline originating from its October 2025 all-time high near $126,000 and recaptured the 100-day exponential moving average. The immediate test zone sits at $81,000, where a fair-value gap indicates potential liquidity imbalances.
The $83,000–$85,000 range represents a probable profit-realization zone for short-term position holders. Beyond that threshold, the $88,000–$91,000 corridor marks a significant supply concentration where substantial trading volumes previously occurred.
The realized price for holders in the three-to-six-month cohort currently stands at $91,600, reinforcing this range as a pivotal decision zone for market participants.
Market analyst Ali Charts identified a Morning Star candlestick formation developing on Bitcoin’s monthly timeframe — a three-candle reversal pattern that he interprets as evidence of seller exhaustion and emerging buyer dominance. According to his historical analysis, price action typically experiences an approximate 8% retracement before the primary upward movement initiates.
Support Zones and Downside Scenarios
Analyst Crazzyblockk pinpointed the $72,000–$75,000 range as a robust support foundation, reinforced by realized price concentrations from intermediate-term holders. A decisive break beneath this band could force additional supply into underwater positions.
Grayscale Research had previously indicated that Bitcoin most likely established a bottom formation within the $65,000–$70,000 corridor. The Bitcoin Bull Index shifted to neutral territory for the first time in half a year, according to CryptoQuant’s head of research, Julio Moreno.
Trading volumes contracted by 32% throughout the price recovery, suggesting measured caution among market participants despite the upward price movement.
BTC futures open interest across both CME and Binance platforms continued their upward trajectory as of Wednesday afternoon, reflecting sustained positioning activity in derivatives markets.
The U.S. Securities and Exchange Commission is approaching the release of an innovation-focused exemption intended to enable limited onchain trading of tokenized securities within a clearly cabined and compliant framework. The revelation comes from remarks by SEC Chair Paul Atkins at the Economic Club of Washington, signaling a deliberate step toward regulated experimentation in tokenized markets while the agency continues to flesh out longer-term rules. According to Cointelegraph’s coverage of the remarks, the exemption would provide a structured pathway for market participants to facilitate trading of blockchain-based securities without altering the agency’s broader securities framework.
In remarks that have drawn attention across regulatory and market circles, Atkins described the move as a pragmatic mechanism to facilitate regulated activity in tokenized markets in the near term, even as the commission works toward more comprehensive, future rules. “We are on the cusp of releasing what I call an ‘innovation exemption,’ which will provide market participants with a cabined framework to begin facilitating the trading of tokenized securities onchain in a compliant fashion as the Commission works toward long-term rules of the road,” he said. The November timing and the framing as a temporary, work-in-progress measure reflect a balance between investor protection and practical market development.
The exemption would not grant a broad license to tokenize securities, but would establish a controlled pathway for entities seeking to support onchain trading of digital securities. It aims to unblock limited pilot activities that could yield insights into how existing securities laws apply to blockchain-enabled markets, while preserving a strong supervisory framework. Atkins’ comments come after months of SEC deliberations on how tokenized securities should fit within the agency’s jurisdiction and how markets might operate under a clearer, interim structure. As context, he noted in July 2025 that the agency had been weighing targeted relief to support tokenization and new trading methods, underscoring a phased approach rather than an immediate overhaul of securities law.
Earlier, Commissioner Hester Peirce indicated that staff were still developing the exemption, seeking to balance experimentation with careful assessment of how onchain markets interact with current securities statutes. These discussions are part of the SEC’s larger project to clarify digital asset classifications and their regulatory treatment, as the agency continues to refine its approach to tokenized instruments while pursuing longer-term policy objectives.
Key takeaways
- The SEC is nearing an “innovation exemption” to permit cabined, onchain trading of tokenized securities within a compliant framework.
- The exemption would create a structured pathway for firms to facilitate tokenized securities trading as the SEC develops longer-term rules.
- The move builds on the agency’s token taxonomy guidance and its broader effort to delineate which digital assets fall under securities laws.
- The White House is reviewing the related interpretive guidance, with a formal decision still pending as of the latest updates.
- Market participants—exchanges, issuers, broker-dealers, and banks—will need to align compliance programs, licensing considerations, and AML/KYC processes with the evolving framework.
Strategic rationale behind the innovation exemption
The proposed exemption represents a measured attempt to address real-world constraints that have limited the growth of tokenized securities in the United States. By providing a cabined framework, the SEC seeks to enable permissible experimentation with blockchain-based trading while ensuring investor protection, auditability, and ongoing regulatory oversight. The approach acknowledges a regulatory gap: tokenized securities can leverage the benefits of distributed ledgers and programmable settlement, yet lack a clear, interim path for compliant operation. The exemption is intended as a practical stepping stone, allowing market participants to explore onchain mechanics, settlement, disclosure, and oversight within defined guardrails as the SEC implements longer-term rulemaking.
We are on the cusp of releasing what I call an “innovation exemption,” which will provide market participants with a cabined framework to begin facilitating the trading of tokenized securities onchain in a compliant fashion as the Commission works toward long-term rules of the road.
According to Cointelegraph’s reporting on Atkins’ remarks, the emphasis is on a controlled, up-and-running pilot path rather than an open-ended market license. The approach is intended to reduce regulatory ambiguity, support orderly transitions from traditional markets to tokenized equivalents, and inform subsequent rulemaking through practical experience. In this framing, the exemption serves as a bridge between today’s securities framework and tomorrow’s potentially tokenized market structure.
Regulatory scaffolding: taxonomy, guidance, and interagency process
The development of an innovation exemption sits within the SEC’s broader effort to clarify how digital assets are treated under federal securities laws. In March, the agency issued interpretive guidance that outlined a token taxonomy, categorizing digital assets into digital commodities, collectibles, tools, and stablecoins, with tokenized securities placed under the SEC’s core jurisdiction. The taxonomy was described as a long-overdue clarifying step intended to delineate when securities laws apply to onchain activities and how the SEC intends to coordinate with other regulators, notably the Commodity Futures Trading Commission.
The interpretive guidance was presented as a transitional tool ahead of potential market-structure legislation and as a means to establish clearer lines of authority in the evolving digital-asset landscape. In late March, the agency circulated the proposed interpretation to the White House for review, a step that regulators commonly take before formal publication. As of the latest records, the proposal remained under White House consideration, illustrating the cross-cutting nature of tokenized markets and the need for interagency alignment. The ongoing review underscores the regulatory complexity and the potential for cross-border differences in treatment of digital assets, including how MiCA and similar frameworks may interact with U.S. policy goals.
In parallel, SEC officials and commentators have framed the taxonomy as a bridge to future market structure legislation and as a means to delineate the SEC’s role relative to the CFTC. Atkins has described the taxonomy as a necessary, long-overdue step toward clearer rules for digital assets, signaling that the agency’s stance is moving toward greater clarity even as it pursues incremental, testable reforms in the near term. The White House review and potential alignment with broader international standards are likely to influence the precise scope and conditions of any innovation exemption.
Implications for market participants and compliance programs
For exchanges, broker-dealers, asset managers, and banking counterparts, the proposed exemption signals a shift from theoretical policy debates to pragmatic, rules-based experimentation. If adopted, the cabined framework would require firms to implement enhanced controls around onboarding, AML/KYC, trade reporting, collateral management, and disclosures—areas where the SEC has consistently emphasized investor protection and market integrity. Compliance programs would need to stay adaptable, balancing rapid experimentation with robust risk management, and ensuring alignment with continuing rulemaking and enforcement priorities.
The exemption would also have implications for licensing and supervisory oversight. As tokenized securities trading onchain expands, firms may require specific registrations or exemptions under the Securities Act, along with ongoing supervision by the SEC. Cross-border participants could face additional considerations, given diverging regulatory approaches in other jurisdictions and the EU’s MiCA framework, which adds another layer to global coordination on tokenized markets. The approach aims to reduce the risk of regulatory gaps, but it also raises questions about the timing, scope, and sequencing of enforcement actions as activities scale beyond pilot phases.
From an enforcement and compliance perspective, the interim nature of the exemption means firms should monitor evolving guidance, interpretive interpretations, and White House decisions closely. The pathway emphasizes transparency, recordkeeping, and clear delineation of the activities permitted under the cabined framework. Market participants may need to adjust internal controls to differentiate between permitted tokenized trading and activities that remain outside the exempted scope, ensuring that participation remains within regulatory boundaries while contributing data and experience to inform longer-term policy design.
Closing perspective
The push toward an innovation exemption highlights a deliberate, regulator-led balance between enabling structured experimentation in tokenized securities and preserving core investor protections. As White House review progresses and the SEC’s token taxonomy guidance continues to shape jurisdictional boundaries, market participants should prepare for a transitional period in which pilot activity informs future rulemaking, licensing requirements, and cross-agency coordination. The coming months will reveal how progressively clarified rules will interact with ongoing developments in both U.S. policy and global regulatory approaches, including MiCA considerations and cross-border supervision.
Crypto World
World Liberty accuses Justin Sun of ‘misconduct’ in response to Tron founder’s defamation claims
Ten months ago, Eric Trump was posting on X about how much he loved Justin Sun. This week, he’s likening a lawsuit from Sun to the infamous $6 million duct-taped banana.
Sun filed a complaint Monday in the Northern District of California, accusing World Liberty Financial of illegally freezing roughly four billion $WLFI tokens worth around $1 billion. The Trump-family-backed DeFi venture’s informal Tuesday response dismissed the suit as a “desperate” deflection and pledged to keep protecting its users, with co-founder Zach Witkoff accusing Sun of “misconduct.”
Justin Sun’s recent lawsuit against @worldlibertyfi is a desperate attempt to deflect attention from Sun’s own misconduct. His claims are entirely meritless, and World Liberty looks forward to getting the case thrown out promptly.
He engaged in misconduct that required World…
— Zach Witkoff (@ZachWitkoff) April 22, 2026
Neither he nor the company spelled out Sun’s alleged misconduct. A spokesperson for the firm declined to comment, instead referring CoinDesk to Witkoff and fellow co-founder Eric Trump’s posts on X.
The complaint itself may fill in the blanks. Sun alleged that World Liberty leveled a shifting set of accusations against him in private conversations and correspondence, none of which, he argued, the company has backed up with evidence.
According to the filing, World Liberty has at various points blamed Sun for the roughly 40% price crash $WLFI experienced on Sept. 1, 2025, the first day the token became tradable.
WLFI also claimed Sun drove down the price by short-selling perpetual futures on a centralized exchange, according to Sun’s complaint, an accusation Sun said is false, and that the complaint notes would be difficult to pin on him, given his transfers happened hours after the steepest drop.
World Liberty separately objected to Sun’s $100 million purchase of $TRUMP tokens from a different Trump-backed project, according to the filing, but Sun said this buy got the blessing of a Trump family member who is a partner in both ventures.
The company allegedly also accused Sun of acting as a straw purchaser for other investors in violation of his token purchase agreement, executing prohibited transfers to the exchanges HTX and Binance and submitting inadequate know-your-customer documentation, according to the filing.
“On September 25, 2025, Mr. Herro repeatedly threatened to report Mr. Sun to U.S. criminal authorities over these unspecified KYC issues — which Mr. Herro and World Liberty have refused to explain in anything other than the broadest terms despite repeated requests from Plaintiffs for additional information,” Tuesday’s filing said.
WLFI has yet to file a response to Sun’s suit.
Bitcoin has pulled back slightly after briefly approaching the $80,000 mark on Tuesday.
At the time of writing, it was trading at $77,794, still up 0.4% over the past 24 hours, after hitting a peak of $79,388 before gradually easing lower during the overnight session.
The 24-hour low of $77,464 was set Thursday morning, meaning the full range of the move was about $1,900. Ether (ETH) slipped 0.7% to $2,344, XRP (XRP) fell 1.7% to $1.42, solana (SOL) dropped 1.5% to $85.83, and BNB declined 0.6% to $635.
Brent crude held above $95 a barrel as the U.S. maintained its naval blockade on ships going to and from Iranian ports while Iran kept the Strait closed to almost all other international traffic. Iranian gunboats fired on commercial ships in the waterway on Wednesday.
Trump’s April 7 ceasefire remains in place “indefinitely,” but Vice President JD Vance’s planned Tuesday trip to Islamabad was called off after Iran declined to send a delegation. White House Press Secretary Karoline Leavitt said Trump has not set a firm deadline for an Iranian proposal.
The divergence in the top 10 backs the positioning read. Bitcoin is up 4% on the week, every other major is within 2% either direction, with ether and solana actually down.
When a rally concentrates in one asset while the rest of the complex fades, the source of the bid is usually narrow rather than broad.
Bitpanda CEO Lukas Enzersdorfer-Konrad took the opposite view, arguing the overnight push toward $80,000 signals digital asset industry maturity and resilience backed by institutional participation and clearer regulatory frameworks.
That framing is harder to reconcile with a market where bitcoin is leading alone amid thin altcoin participation and where funding rates have been negative for roughly 47 consecutive days, one of the longest stretches of bearish derivatives positioning on record.
A slide below $76,000 would mean the $79,388 high printed the top for this leg, and the next move requires either genuine Iran progress or a shift in the funding rate picture that pulls real capital back in.
TLDR
- SoFi Bank now allows customers to deposit XRP through its regulated crypto platform.
- Ripple stated that broader access supports long-term growth and strengthens XRP utility.
- SoFi operates under a nationally chartered bank regulated by the Office of the Comptroller of the Currency.
- The platform charges a flat 1% fee on every crypto trade executed within the app.
- Users must fund a SoFi Checking and Savings account before trading crypto assets.
SoFi Bank has enabled XRP deposits within its crypto platform, expanding regulated access for retail customers. Ripple welcomed the move and linked broader availability to long-term ecosystem growth. The update allows users to fund accounts, trade digital assets, and manage holdings in one app.
XRP Enters SoFi’s Regulated Crypto Platform
SoFi confirmed that customers can now deposit XRP through its crypto service. The platform already supports Bitcoin, Ethereum, and Solana. Therefore, users can manage multiple assets within a single mobile application.
The company operates through SoFi Bank, N.A., which the Office of the Comptroller of the Currency regulates. This structure places XRP access inside a federally chartered banking framework. As a result, customers interact with the asset through a regulated financial institution.
Ripple addressed the development in a post on X. The company stated that “broader access is key to long-term growth.” It added that availability through platforms like SoFi helps strengthen XRP’s utility and ecosystem participation.
SoFi explained that users must fund a SoFi Checking and Savings account before trading. After funding, the platform converts cash into stablecoins such as USDC to execute transactions. This process allows trades to settle efficiently within the system.
The company charges a flat 1% fee on every crypto trade. The execution price may include a small spread between market and transaction prices. This structure locks in rates when users place orders.
Customers can open accounts without monthly maintenance or opening fees. The process requires identity verification, including name, address, and Social Security number. Consequently, the onboarding process follows standard banking compliance procedures.
Broader XRP Adoption Expands Across Platforms
Ripple highlighted that expanding access supports long-term ecosystem development. The company said easier entry points encourage broader participation in the network. It maintained that utility grows as more platforms integrate the asset.
Rakuten recently added XRP support through Rakuten Wallet. The integration allows payments, trading, and loyalty point conversion within its ecosystem. Therefore, millions of users can access XRP services directly.
Exodus also expanded support for the XRP Ledger within its wallet services. The company introduced enhanced wallet tools and RLUSD integration. These updates increase functionality for users holding XRP-based assets.
Bitget Wallet integrated XRPL payment options and cross-chain features. The wallet also enabled QR-based payments and card transactions using XRPL infrastructure. Binance also expanded XRPL liquidity with RLUSD deposits, withdrawals, and new trading pairs.
SoFi’s integration now places XRP within another mainstream financial channel. The bank confirmed deposit support as part of its existing crypto offering. With this rollout, customers can access XRP directly through a regulated banking app.
UK mum flying to Switzerland for assisted dying after son’s tragic death: ‘I can’t wait’
Tesla lifts 2026 spending plans by a quarter as Musk funds AI and robotic dreams
Bitcoin DeFi pitched in $46 million proposal ask by Cardano team
Manchester United reach agreement with Casemiro over contract clause amid transfer speculation
Steven Gerrard disagrees with Gary Neville over ‘shock’ Chelsea and Arsenal claim | Football
US brings back mandatory military draft registration
-
Sports6 days agoNWFL Suspends Two Players Over Post-Match Clash in Ado-Ekiti
-
Fashion5 days agoWeekend Open Thread: Theodora Dress
-
Politics5 days agoPalestine barred from entering Canada for FIFA Congress
-
Entertainment3 days ago
NBA Analyst Charles Barkley Chimes in on Ice Spice McDonald’s Fiasco
-
Business4 days agoPowerball Result April 18, 2026: No Jackpot Winner in Powerball Draw: $75 Million Rolls Over
-
Tech4 days agoAuto Enthusiast Scores Running Tesla Model 3 for Two Grand and Turns It Into Bare-Bones Go-Kart
-
Politics4 days agoZack Polanski demands ‘council homes not luxury flats for foreign investors’
-
Crypto World5 days agoRussia Pushes Bill to Criminalize Unregistered Crypto Services
-
Politics2 days agoGary Stevenson delivers timely reminder to register to vote as deadline TODAY
-
Business20 hours agoRolls-Royce Voted UK’s Most Iconic Trade Mark as IPO Register Hits 150
-
Politics11 hours agoDisabled people challenge government SEND proposals over segregation concerns
-
Politics11 hours agoMaking troops accountable for war crimes threatens US alliance, ex-SAS colonel warns
-
Business6 days agoCreo Medical agree sale of its manufacturing operation
-
Crypto World5 days agoRussia Introduces Bill To Criminalize Unregistered Crypto Services
-
Politics12 hours agoStarmer handler McSweeney to be dragged from shadows by Foreign Affairs Committee
-
Politics12 hours agoZack Polanski responds to home secretary’s taser threat
-
Politics13 hours ago
Wings Over Scotland | How To Get Away With Crimes
-
Crypto World4 days ago
Kelp DAO rsETH Bridge Hack Drains $292M as DeFi Losses Top $600M in Two Weeks
-
Politics10 hours ago‘Iran is still a nuclear threat’
-
Business7 days agoCheaper Doritos and Lays helps PepsiCo win back struggling snackers
You must be logged in to post a comment Login