Crypto World
SEC’s Crypto Guidance Ends Years of Regulatory Ambiguity But Key Questions Remain
Lawyers say the joint SEC-CFTC framework is the most significant crypto regulatory development in years. But who decides when a token sheds its investment contract status, and what happens to DeFi, are still unanswered.
The SEC and CFTC’s landmark crypto taxonomy has been widely hailed as a decisive break from years of regulatory limbo but legal experts say one of its most consequential provisions raises more questions than it answers, with no formal process for issuers to find out if they’ve gotten it right.
At issue is the guidance’s framework for when a token initially sold as part of an investment contract can “separate” from that contract and trade freely.
Under the release, a non-security token becomes subject to an investment contract when an issuer sells it with promises to undertake “essential managerial efforts.” That investment contract ends when the issuer either fulfills those promises or publicly abandons the project.
But the document provides no mechanism for an issuer to obtain a definitive determination, leaving founders to make the call themselves, with enforcement as the backstop.
“This is the biggest open question in the entire 68 pages,” said Mike Katz, partner at law firm Manatt, Phelps & Phillip. “You are left to make that judgment yourself, and if the SEC disagrees, you find out in an enforcement action.”
Consider a team that launches a token promising a decentralized exchange, a governance module, and a cross-chain bridge. Two years later, the DEX and the governance module are live, but the bridge is still in development. Are the promises fulfilled? Partially? Does partial delivery count?
“The guidance does not say,” Katz said, “and there is no application process, no safe harbor letter, no bright-line test.”
Promising Less
Steve Yelderman, General Counsel of Etherealize, argues the provision inverts the incentive structure of the prior regime, where detailed roadmaps could be weaponized against founders in enforcement actions, and tokens could be stuck in regulatory limbo with no path out.
“Promising less can be a good thing,” he said. “A big point of the securities laws is to discourage managers from making false promises to investors,” Yelderman said. “If the law is making people think twice before making difficult promises, that’s not perverse, that’s the law working as intended.”
Yelderman also flagged a widely misread nuance in the provision.
“It’s not that the token sheds its security status,” he clarified. “We’re talking about when and how non-security tokens might be sold subject to an investment contract. The token itself was always a non-security — what changes is whether the surrounding transaction is a securities transaction.”
DeFi’s Hard Question
The guidance’s most notable silence is on fully permissionless DeFi protocols, platforms with no identifiable issuer, no pre-sale, and governance controlled entirely by on-chain token holders.
The SEC’s entire investment contract framework is built around an identifiable issuer making identifiable promises through official channels. That framework does not map when there is no one to hold responsible for “essential managerial efforts.”
Katz was direct.
“The SEC built a framework for the cases it knows how to analyze, centralized launches with identifiable actors. and deferred the cases it does not.” he said. “Silence from a regulator is not the same as approval.”
He expects a forthcoming rulemaking to include an “innovation exemption” that Chair Paul Atkins has referenced publicly, but said DeFi’s hard questions may not be resolved until that rulemaking arrives.
Yelderman said the document provides extensive characteristics for what constitutes a digital commodity, the category most mature DeFi governance tokens aspire to, and the 16 named examples give projects a concrete benchmark.
“Early on, a new DeFi protocol might need to navigate the investment contract guidance, depending on how it was initially funded and launched,” he said. “But the end game would be for the governance tokens to be recognized as a digital commodity. And there is a lot of guidance on the characteristics of digital commodities, which a project could use to get there with reasonable precision.”
Fractionalized NFTs
The guidance formally classifies NFTs and digital collectibles as non-securities, while flagging fractionalization as a potential securities offering.
Dividing a single NFT into fungible fractional shares, the document said, can constitute a securities offering because it introduces elements of shared investment and reliance on managerial efforts.
Yelderman said he thinks the market has overread the section. “Owning a digital collectible isn’t a security, any more than owning a physical Pokémon card would be,” he said. “But if you start doing things like fractionalizing the ownership, outsourcing management, and creating a fund to invest in collectibles, you need to do the full analysis. That’s all they’re saying, in my opinion.”
Katz was less sanguine.
“For protocols that have been offering fractionalization as a core product, this guidance is not ambiguous,” he said. “The SEC is saying: we see what you are doing, we get it, and it is a securities offering.”
Both Reg D and Reg A+ registration pathways exist, he noted, but represent a substantial compliance lift that most of these platforms have not taken on.
A Watershed Moment
Against that backdrop of open questions, experts were emphatic that the guidance represents a watershed moment for the industry. The core shift, according to Katz, is that the SEC has effectively reversed the presumption that defined the Gensler era.
“The Gensler-era position was that virtually every token was a security until proven otherwise,” Katz said. “This guidance inverts that presumption. Three of the five categories in the taxonomy are explicitly non-securities. The Commission is telling the market: we are regulating securities, not regulating crypto.”
For Yelderman, having any guidance at all is already significant.
“For years some in the government very openly used ambiguity and uncertainty to their strategic advantage,” he said. “It’s very good to see that era fully brought to a close.”
Arguably more important than any single classification, Katz said, is the fact that both agencies co-signed the taxonomy. It’s the first time the SEC and CFTC have publicly agreed on which assets belong to whom. “
David Carlisle, VP of Policy and Regulatory Affairs at Elliptic, said the guidance carries particular weight for traditional financial institutions that have been sitting on the sidelines.
“A more consistent taxonomy and aligned oversight give firms a clearer foundation to engage with digital assets in the US,” he said, “especially traditional financial institutions that have been reluctant to undertake certain activities owing to regulatory ambiguity.”
What Comes Next
The guidance is an interpretive release, not a formal rulemaking, which means it carries persuasive authority but does not bind future administrations. Chairman Atkins has signaled that formal rulemaking is forthcoming. Until that happens, Katz said, “this is a strong signal, not a guarantee.”
The SEC has invited public comment on the taxonomy and indicated it may refine the framework based on feedback, leaving open the possibility that some of the gray zones identified by legal experts could be addressed before the ink dries on a final rule.
For Carlisle, the shift in dynamic is already meaningful regardless of what comes next.
“The challenge now shifts to applying the SEC/CFTC interpretation in practice,” he said. “But there is now a more meaningful conceptual framework they can use to do so.”
Bitcoin searches for equilibrium at $70,000 while rising crude oil prices and tanking stock markets have investors worried over the future of inflation in the US.
Bitcoin’s (BTC) swift rejection from its $76,000 range high on Tuesday, and the subsequent sell-off below $70,000, raised concerns among traders that the bottom is not in for BTC.
Chartered market technician Aksel Kibar suggested that a bearish wedge pattern similar to the one seen from December 2025 to early January 2026 may be forming again.
Kibar said,
“Breakdown of the lower boundary will be the signal for a possible move towards $52.5K.”
Kibar also referenced an X social post from Jan. 18, 2026, where he explained that BTC would need to respect its year-long average as “part of the chop and search for a base.”
Kibar said that “the pattern can become a rising wedge, usually bearish in an attempt to test $73.7K-$76.5K support area.”
Bitcoin follows US stocks as high oil prices and rising inflation rock markets
Bitcoin’s tumble below $70,000 followed sharp selling in US stocks, where traders’ concerns over crude oil prices, the cost of the US and Israel-Iran war and its impact on inflation zapped investor confidence.
Related: Bitcoin vs gold shows potential bottom signals as BTC bulls defend $70K
In a post discussing how the current decisions by the Trump administration could impact inflation, The Kobeissi Letter said,
“The market now sees a 50% chance of a US Fed rate HIKE by the end of 2026. Just months ago, markets saw as many as four rate CUTS this year.”
In its BTC Options Weekly report, Glassnode analysts concluded that “Bitcoin has reintegrated its range after a short-lived deviation above the $75K level.”
The analysts explained that within the options market, Bitcoin’s “short gamma at $75K has been unwound.”
“Beneath the pullback, the breakout has lost momentum and range conditions are returning.”
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision. While we strive to provide accurate and timely information, Cointelegraph does not guarantee the accuracy, completeness, or reliability of any information in this article. This article may contain forward-looking statements that are subject to risks and uncertainties. Cointelegraph will not be liable for any loss or damage arising from your reliance on this information.
The online gambling conversation used to revolve around a small group of major operators. DraftKings, along with a few other household names, dominated headlines, advertising, and player sign-ups. That has not changed entirely, but something else is happening alongside it. A growing number of players are actively searching for crypto-native alternatives, and platforms like ZunaBet are showing up in those searches with increasing frequency.
This does not mean ZunaBet is about to replace DraftKings. They serve different audiences in different ways. But understanding how they compare reveals a lot about where different segments of the gambling market are heading. Here is what each platform brings and where the differences matter most.
DraftKings: The Household Name
DraftKings grew from a daily fantasy sports startup into one of the biggest legal gambling operators in the United States. It is publicly traded, licensed across multiple US states, and backed by partnerships with major sports leagues and media companies. Its brand recognition is enormous, built on years of advertising during live sports broadcasts and integration into mainstream sports culture.
The sportsbook is the centrepiece. DraftKings covers NFL, NBA, MLB, NHL, soccer, tennis, golf, MMA, and just about every other sport with a significant American following. Live betting, same-game parlays, and regular promotional odds boosts keep the experience engaging for bettors who follow the major leagues closely.
Casino games are available in states that permit online casino gambling. The selection includes slots, table games, and live dealer options from recognized providers. The library is solid within each approved market, but availability and game count vary from state to state based on what local regulators allow.
All transactions at DraftKings run through traditional payment channels. Bank transfers, debit cards, and approved processors handle deposits and withdrawals. Full identity verification is required before any wagering can take place. These are standard conditions for any operator working within the US legal framework.
The loyalty program operates under the Dynasty Rewards banner. Players collect Crowns through wagering, which convert into DK Dollars at fixed rates. Multiple tiers exist, and the system provides some return on play. However, the actual percentage returned to players is modest, and the structure is designed more to encourage continued betting volume than to deliver substantial cashback.
DraftKings excels at what it was built for: serving American sports bettors within a regulated, fiat-based environment. For that specific audience, it is one of the best products available. But its design leaves gaps for players who want something different.
ZunaBet: Filling Those Gaps
ZunaBet launched in 2026 and was purpose-built for a different kind of player. It is operated by Strathvale Group Ltd, registered in Belize, and holds an Anjouan gaming license (ALSI-202510047-FI2). The founding team carries more than 20 years of combined experience across the online gambling industry.
The first thing that separates ZunaBet from a platform like DraftKings is the game count. ZunaBet hosts 11,294 games from 63 different providers. That library includes titles from Pragmatic Play, Hacksaw Gaming, Evolution, Yggdrasil, BGaming, and many more. Slots lead the catalog, but RNG table games and live dealer rooms with professional hosts contribute meaningful depth. No single US-regulated platform comes close to matching this number, primarily because regulatory requirements cap what can be offered in any given state.
The sportsbook at ZunaBet runs as a full product alongside the casino. Coverage spans football, basketball, tennis, NHL, and other major leagues. Esports betting goes deep with markets for CS2, Dota 2, League of Legends, and Valorant. Virtual sports and combat sports add categories that traditional sportsbooks often overlook. The entire offering operates as an integrated platform where switching between a casino session and a sports bet takes seconds.
Payments are crypto-first. ZunaBet accepts over 20 cryptocurrencies: BTC, ETH, USDT across multiple blockchain networks, SOL, DOGE, ADA, XRP, and additional tokens. The platform charges no processing fees, and withdrawals move quickly. Players use whatever coin they already hold in their wallet.
The welcome bonus package reaches up to $5,000 in matched deposits plus 75 free spins over three deposits. The breakdown is clean: 100% match up to $2,000 and 25 spins on the first deposit, 50% up to $1,500 and 25 spins on the second, and 100% up to $1,500 and 25 spins on the third. No progressive unlock systems or points-based release mechanics. Just clear matched deposits spread across three visits.
Native apps exist for iOS, Android, Windows, and MacOS. The web platform runs on HTML5 with a dark interface, responsive layout, and fast performance. Live chat support is available at all hours.
Games: Regulation Creates a Ceiling
DraftKings operates under state-by-state licensing in the US. Each state has its own gaming commission that approves which providers and games can appear on the platform. The result is that game libraries differ depending on where a player is located, and the total count in any single state is a fraction of what an internationally operating platform can offer.
ZunaBet does not face those constraints. With 63 providers contributing to the platform, the game catalog runs deeper and wider than what any single regulated US market permits. Players get access to studios and titles that may never appear on DraftKings due to licensing limitations. For anyone who values having the broadest possible range of games available at any time, the structural advantage sits firmly with ZunaBet.
This is not a criticism of DraftKings. The company operates within the rules of its markets. But it does illustrate why players looking for maximum variety often end up exploring platforms outside the traditional regulatory framework.
Sportsbook: Built for Different Audiences
DraftKings has one of the best sportsbooks in the US market. Coverage of American sports is excellent, the live betting product is smooth, and the promotional calendar keeps regular bettors engaged. If you want to bet on the Super Bowl, March Madness, or the World Series within a legal, regulated environment, DraftKings handles that about as well as anyone.
ZunaBet’s sportsbook takes a more global approach. Mainstream sports are well covered, but the platform also invests heavily in esports markets. Dedicated betting options for CS2, Dota 2, League of Legends, and Valorant reflect a deliberate choice to serve the growing audience of younger bettors who follow competitive gaming as closely as traditional sports. Virtual sports and combat sports fill out the rest of the lineup.
The audiences these sportsbooks serve overlap in places but diverge in others. DraftKings is optimized for American sports culture. ZunaBet is built for a global, digitally native audience that bets across categories. Neither approach is wrong, but one is more future-facing than the other as the betting audience continues to get younger and more internationally connected.
Bonuses: Structured vs Variable
DraftKings runs frequent promotions tied to specific sporting events. Odds boosts, deposit matches on certain occasions, and free bet offers appear regularly. The specifics change often, which keeps things interesting but can also make it difficult for players to plan around a consistent offer.
ZunaBet goes with a fixed welcome structure. Up to $5,000 across three deposits plus 75 free spins. First deposit gets 100% up to $2,000 and 25 spins. Second gets 50% up to $1,500 and 25 spins. Third gets 100% up to $1,500 and 25 spins. The offer does not change from week to week. Players know what they are getting before they sign up, and the three-deposit format gives them a reason to come back without adding any confusion.
Both approaches have their logic. But for players who prefer knowing exactly what a platform will give them upfront, ZunaBet’s transparency is appealing.
Loyalty: Volume vs Value
DraftKings Dynasty Rewards tracks wagering through Crowns, which convert to DK Dollars. The system has tiers and provides incremental returns. It functions as a standard rewards program that gives something back to active players, though the actual return rate stays relatively low across all tiers.
ZunaBet built its loyalty program around a dragon evolution concept featuring a mascot named Zuno. Six tiers carry defined rakeback percentages: Squire at 1%, Warden at 2%, Champion at 4%, Divine at 5%, Knight at 10%, and Ultimate at 20%. Each tier adds additional perks including free spins scaling to 1,000, VIP club access, and double wheel spins.
The contrast is significant. DraftKings rewards continued betting with modest returns. ZunaBet rewards continued betting with escalating returns that top out at 20% rakeback. For regular players comparing the long-term value of sticking with one platform, ZunaBet’s program returns substantially more at every level. That 20% ceiling is not standard in this industry. It is exceptional, and it gives serious players a financial reason to commit to ZunaBet over other options.
Payments: Two Different Worlds
DraftKings handles all transactions through traditional financial channels. Bank accounts, cards, and approved processors move money in and out. Deposits are generally quick, but withdrawals can involve waiting periods depending on the method. Identity verification is mandatory for every account.
ZunaBet runs entirely on crypto. More than 20 coins are accepted, including stablecoins on multiple chains. No platform fees are charged. Withdrawals are fast. There is no requirement to connect a bank account or go through the kind of identity verification that fiat platforms demand.
These are fundamentally different experiences. Players who operate within the traditional banking system and value regulatory oversight will naturally lean toward DraftKings. Players who hold crypto and want the speed, flexibility, and privacy that comes with it will find ZunaBet a far better fit. As crypto adoption continues to grow, the audience for platforms like ZunaBet grows with it.
What the Momentum Suggests
DraftKings has a locked-in position in the US gambling market. Its brand recognition, regulatory licenses, sports partnerships, and advertising spend ensure it will remain a dominant force for years to come. That is not in question.
What is worth watching is the growing interest in platforms like ZunaBet among a segment of the market that DraftKings was never designed to serve. Crypto-native players, international audiences, esports bettors, and players who want massive game libraries and generous loyalty returns are actively searching for alternatives. ZunaBet meets those players exactly where they are.
More games than any regulated US platform can offer. More cryptocurrency options than most crypto casinos provide. A sportsbook that covers traditional and emerging betting markets. A welcome bonus that is straightforward and generous. And a loyalty program that returns up to 20% to its most committed players.
DraftKings owns the present of mainstream American sports betting. ZunaBet is building something for the next generation of gamblers who think differently about payments, play differently across game categories, and expect more back from the platforms they choose. The search momentum suggests that audience is growing, and ZunaBet is exactly what they have been looking for.
TLDR:
- DarkSword exploits six iOS vulnerabilities, including three zero-days, requiring no user clicks to execute.
- Around 270 million iPhones running iOS 18.4 to 18.7 remain exposed until users update to iOS 26.3.
- Three threat actors, including Russian group UNC6353, are linked to the DarkSword exploit campaign.
- Apple has patched all six vulnerabilities; updating immediately is the fastest way to stay protected.
DarkSword, a newly identified iPhone exploit, is placing millions of crypto users at serious risk. Google’s Threat Intelligence Group disclosed the threat in March 2026.
The exploit targets devices running iOS 18.4 through 18.7. Estimates put the number of vulnerable iPhones at around 270 million.
The attack works silently in the background with no clicks required. A single visit to a compromised website can lead to a full device takeover.
How DarkSword Works and What Data It Can Steal
DarkSword exploits a chain of six vulnerabilities, three of which are classified as zero-days. When a user visits a fake or compromised website, hidden code activates on the device.
The process happens in the background, with no visible warnings shown to the user. There is no need for the user to click anything for the attack to succeed.
Once inside the device, attackers can access crypto wallet data and seed phrases stored on the phone. Saved passwords are also exposed, along with private conversations across Telegram, WhatsApp, and iMessage.
On top of that, the malware can extract photos, location history, and record audio through the device microphone.
Crypto Patel shared on X that attackers are specifically hunting for crypto wallet apps and seed phrases. That statement separates DarkSword from a standard espionage operation. It is a targeted financial attack designed to drain the holdings of crypto users.
The threat is especially serious for those who store seed phrases digitally. Security professionals have long advised against saving such data on a mobile device.
DarkSword now provides a concrete reason for crypto holders to reconsider how they secure sensitive information. Moving seed phrase storage offline is a practical step that reduces risk considerably.
Who Is Behind DarkSword and How to Protect Your Device
Google’s investigation linked DarkSword to three separate threat actors. Among them are Russian espionage group UNC6353, Turkish surveillance vendor PARS Defense, and an additional cluster known as UNC6748.
The presence of multiple well-resourced groups behind a single exploit makes the campaign particularly concerning.
Reported targets include users in Ukraine, Saudi Arabia, Turkey, and Malaysia. Still, because the attack spreads through websites, any iPhone user could encounter it. Location alone does not determine who is at risk. Users everywhere should treat the threat as active.
Apple acted swiftly and patched all six vulnerabilities connected to DarkSword. The fix is available through an update to iOS 26.3.
Users who delay that update remain exposed to the full scope of the exploit chain. This is the second major iOS attack reported this month, making timely updates more important than ever.
Beyond the software update, Apple’s Lockdown Mode provides an added layer of defense. Hardware wallets are the safest option for anyone holding large crypto amounts.
Avoiding suspicious websites and refraining from storing seed phrases on any phone remain practical steps every crypto user should follow.
Gold has slipped from above $5,200 while crypto bleeds and silver dumps, exposing “store of value” as a question of volatility, leverage and time horizon, not memes.
Summary
- Gold has dropped about 10–15% from its early‑March spike above $5,200 to around $4,560, but remains structurally elevated and keeps finding dip buyers near the mid‑$4,500s.
- Silver has been hit harder, sliding roughly 20% this month back toward the low‑$70s per ounce, underscoring its role as the high‑beta “altcoin” of the metals complex.
- Crypto is mirroring the direction with more violence: BTC stuck in the high‑$60,000s to low‑$70,000s, total market cap around $2.4 trillion, and Bitcoin dominance near 58% as capital hides in the least ugly risk asset.
Spot gold is trading just below $4,600 today, down roughly 10–15% from its early‑March blow‑off above $5,200, but still structurally elevated versus last year’s range. The parabolic spike has unwound, yet the metal holds a firm bid as a macro hedge, with buyers repeatedly stepping in on dips toward the mid‑$4,500s rather than capitulating en masse. Silver, by contrast, has been punished harder: spot sits around the low‑$70s per ounce after a ~20% month‑to‑date drawdown, with futures pointing to further downside if resistance near $74 holds.
Crypto is mirroring the metals’ directionality but with far more violence. Bitcoin trades around the high‑$60,000s to low‑$70,000s, off more than 4% in the last 24 hours and roughly $17,000 below its level a year ago, as leverage gets flushed out of the system. Total crypto market cap sits in the $2.4–$2.5 trillion band, with BTC dominance above 58%, underscoring how capital is crowding back into the most “respectable” corner of the asset class as altcoins underperform. The tape is classic deleveraging: failed intraday bounces, narrowing leadership, and a persistent bid for liquidity over narrative.
Set against that backdrop, the gold‑versus‑Bitcoin (BTC) framing looks less like a clean binary and more like a duration trade on macro stress. Gold below $4,600 is still signaling strong, but no longer panicked, demand for hard collateral from institutions that care about collateral rehypothecation, margin frameworks, and Basel treatment. Bitcoin around $70,000 is functioning as a high‑beta macro asset: sensitive to rates, dollar strength, and ETF flows, with predictions and technicals flagging risk of a deeper slide toward the mid‑$50,000s if support breaks. Silver, meanwhile, behaves like the altcoin of the metals complex—levered to growth and speculation, attractive on upside days, brutal when liquidity tightens.
For allocators, the positioning logic is blunt. In this regime, gold is the low‑volatility ballast: trim the chase from the $5,000 area, but keep core exposure as long as real yields and geopolitical noise stay elevated. Bitcoin is the liquid convexity leg within crypto, but it is not trading like a safe haven; sizing needs to reflect equity‑like drawdown risk, not ETF‑brochure marketing. Silver and high‑beta altcoins both belong in the same bucket: small notional, strict risk, used for targeted upside rather than any pretense of wealth preservation.
Rumors are circulating that a tentative deal has been struck between the White House and US lawmakers on stablecoin yield, potentially moving the CLARITY crypto market structure bill forward.
Republican Senator Thom Tillis and Democratic Senator Angela Alsobrooks, both members of the Senate Committee on Banking, Housing, and Urban Affairs, have reached an “agreement in principle,” according to a Friday Politico report.
“I think what it will do is to allow us to protect innovation, but also gives us the opportunity to prevent widespread deposit flight,” Alsobrooks said, adding that the deal prohibits stablecoin yield on “passive balances.”
Specific details of the prospective deal have yet to emerge, and Senator Tillis said the crypto industry must vet the agreement before it is finalized.
Cointelegraph reached out to the White House for details on the prospective deal but did not receive a response by the time of publication.
Speaking at the DC Blockchain Summit on Wednesday, Wyoming Senator Cynthia Lummis, one of the biggest advocates for digital asset policy on the Hill, said, “We are so close” to passing a comprehensive crypto regulatory framework.
A spokesperson for Senator Lummis told Cointelegraph on Wednesday that a deal is expected to materialize in “the next few days,” and that Senator Lummis is working to hammer out ethics language in the bill.
The Digital Asset Market Clarity Act of 2025, otherwise known as the CLARITY Act, is a major piece of crypto legislation and was widely anticipated to pass without issue after the GENIUS stablecoin framework was signed into law.
However, the bill stalled in January after major industry players, including crypto exchange Coinbase, voiced concerns, including whether stablecoin issuers could share yield with token holders.
Related: CLARITY Act risks handing crypto to centralized players: Gnosis exec
Banks are fearful that the bill will erode market share and cause deposit flight
The banking industry opposes yield-bearing stablecoins, citing concerns over the flight of bank deposits, which have yields far below 1%, and the erosion of banking market share.
Patrick Witt, the executive director of the White House Council of Advisors for Digital Assets, said that these concerns are overblown.
A wave of fresh capital will likely enter the US banking industry if dollar-pegged yield-bearing stablecoins are legalized and regulated, Witt said.
Magazine: Crypto wanted to overthrow banks, now it’s becoming them in the stablecoin fight
Google Threat Intelligence has flagged a new crypto-stealing malware named “Ghostblade” targeting Apple iOS devices. Described as part of the DarkSword family of browser-based tools, Ghostblade is engineered to siphon private keys and other sensitive data in a rapid, discreet burst rather than a continuous, always-on presence on the device.
Written in JavaScript, Ghostblade activates, harvests data from the compromised device, and relays it to malicious servers before shutting down. Researchers note that the malware’s design makes it harder to detect, as it does not require additional plugins and ceases operation once data extraction completes. Google’s threat intelligence team highlights that Ghostblade also takes steps to avoid detection by deleting crash reports that would otherwise alert Apple’s telemetry systems.
Beyond private keys, the malware is capable of accessing and transmitting messaging data from iMessage, Telegram, and WhatsApp. It can also harvest SIM card information, user identity details, multimedia files, geolocation data, and access various system settings. The broader DarkSword framework, which Ghostblade belongs to, is cited by Google as part of an evolving set of threats illustrating how attackers continually refine their toolkit to target crypto users.
For readers who track threat trends, Ghostblade sits alongside other components of the DarkSword iOS exploit chain described by Google Threat Intelligence. The set of tools is observed within a wider context of crypto-threat evolution, including reports on iOS-based exploit kits used in crypto phishing campaigns.
Key takeaways
- Ghostblade represents a JavaScript-based crypto-stealing threat on iOS, delivered as part of the DarkSword ecosystem and designed for fast data exfiltration.
- The malware operates briefly and non-continuously, reducing the likelihood of long-term device footholds and complicating detection.
- It can relay sensitive data from iMessage, Telegram, and WhatsApp, and can access SIM information, identity data, multimedia, geolocation, and system settings, while also erasing crash reports to evade discovery.
- The development aligns with a broader shift in the threat landscape toward social-engineering and data-extraction tactics that exploit human behavior, not just software vulnerabilities.
- February’s crypto-hacking losses dropped sharply to $49 million from $385 million in January, signaling a pivot from code-based intrusions to phishing and wallet-poisoning techniques, according to Nominis.
Ghostblade and the DarkSword ecosystem: what’s known
Google’s researchers describe Ghostblade as a component of the DarkSword family—a suite of browser-based malware tools that target crypto users by stealing private keys and related data. Ghostblade’s JavaScript core allows rapid interaction with the device while remaining lightweight and transient. This design choice is consistent with other recent on-device threats that favor quick data exfiltration cycles over prolonged infections.
In practice, the malware’s capabilities extend beyond mere key theft. By accessing messaging apps such as iMessage, Telegram, and WhatsApp, attackers can intercept conversations, credentials, and potentially sensitive attachments. The inclusion of SIM card information and geolocation access broadens the potential attack surface, enabling more comprehensive identity theft and fraud scenarios. Crucially, the malware’s ability to wipe crash reporting further obscures activity, complicating post-infection forensics for both victims and defenders.
As part of the broader DarkSword discourse, Ghostblade underscores the ongoing arms race in on-device threat intelligence. Google Threat Intelligence has framed DarkSword as one of the latest examples illustrating how malicious actors continue to refine iOS-focused attack chains, exploiting the strong trust users place in their devices and the apps they rely on for daily communication and finance.
From code-centric intrusions to human-factor exploits
The February 2026 crypto-hacking landscape reflects a marked shift in attacker behavior. According to Nominis, total losses from crypto hacks fell to $49 million in February, a steep drop from $385 million in January. The firm attributes the decline to a pivot away from purely code-based threats toward schemes that leverage human error, including phishing attempts, wallet poisoning attacks, and other social-engineering vectors that lead users to unwittingly reveal keys or credentials.
Phishing remains a central tactic. Attackers deploy fake websites designed to resemble legitimate platforms, often with URLs that mimic real sites to lure users into entering private keys, seed phrases, or wallet passwords. When users interact with these lookalike interfaces—whether by logging in, approving transactions, or pasting sensitive data—the attackers gain direct access to funds and credentials. This shift toward human-targeted exploits has implications for how exchanges, wallets, and users must defend themselves, emphasizing user education alongside technical safeguards.
The February data point aligns with a broader industry narrative: while code-level exploits and zero-days continue to mature, a growing share of the risk to crypto holdings comes from social-engineering exploits that exploit well-established human behaviors—trust, urgency, and the habitual use of familiar interfaces. For industry observers, the takeaway is not only about patching software vulnerabilities but also about hardening the human element of security through education, more robust authentication, and safer onboarding experiences for wallet users.
Implications for users, wallets, and builders
Ghostblade’s emergence—and the accompanying trend toward human-centered attacks—highlights several practical takeaways for users and developers alike. First, device hygiene remains critical. Keeping iOS up to date, applying app and browser hardening measures, and employing hardware wallets or secure enclaves for private keys can raise the bar against rapid exfiltration attacks.
Second, users should exercise heightened caution with messaging apps and web surfaces. The convergence of on-device data access with phishing-style deception means that even seemingly benign interactions—opening a link, approving a permission, or pasting a seed phrase—can become a gateway for theft. Multi-factor authentication, authentication apps, and biometric protections can help reduce risk, but education and skepticism about unexpected prompts are equally vital.
For builders, the Ghostblade case emphasizes the importance of anti-phishing controls, secure key management flows, and transparent user warnings around sensitive operations. It also reinforces the value of continuous threat intelligence sharing—especially around on-device threats that blend browser-based tools with mobile operating system features. Cross-industry collaboration remains essential to detect novel exploitation chains before they become widely effective.
What to watch next
As Google Threat Intelligence and other researchers continue to track DarkSword-linked activity, observers should monitor updates on iOS exploit chains and the emergence of similarly stealthy, short-duration malware. The February shift toward human-factor vulnerabilities suggests a future where defenders must bolster both technical safeguards and user-facing education to reduce exposure to phishing and wallet-poisoning schemes. For readers, the next milestones include any formal threat intel advisories on iOS crypto threats, new detections from security vendors, and how major platforms adapt their anti-phishing and fraud-prevention measures in response to these evolving playbooks.
In the meantime, keeping a watchful eye on threat intelligence backstops—such as Google Threat Intelligence’s reporting on DarkSword and related iOS exploits, along with ongoing analyses from Nominis and other blockchain security researchers—will be essential for assessing risk and refining defenses against crypto-focused cybercrime.
TLDR:
- Bitcoin trades near $70K ahead of Eid 2026, aligning with recent consolidation ranges.
- Historical Eid periods show mixed outcomes despite recurring increases in trading activity.
- Market participation often rises during Eid due to higher liquidity and festive spending.
- Price movements during Eid reflect broader cycles rather than fixed seasonal direction.
Bitcoin is trading near $70,000 as Eid 2026 approaches, reflecting steady market conditions. Historical data show that Eid periods often bring increased activity, though price direction varies each year depending on broader market cycles and liquidity conditions.
Bitcoin Holds Near $70K Ahead of Eid 2026
Recent market data places Bitcoin at $69,764.71, with a 0.23% daily increase. Estimates suggest a range between $65,000 and $75,000 during Eid 2026. This aligns with the consolidation seen throughout March.
A post from Syndicate Official noted similar expectations. The tweet pointed to current trading levels between $68,000 and $70,000. Such projections reflect cautious market positioning ahead of the holiday period.
Compared to past Eid cycles, current levels remain elevated. In 2024, Bitcoin traded near $69,350 during Eid. Meanwhile, 2023 and 2022 recorded lower levels at $27,270 and $38,520. This contrast shows stronger market positioning entering 2026.
Earlier cycles also showed upward movement. Bitcoin reached $2,590 in 2017 and $8,720 in 2020 during Eid periods. These shifts followed broader market expansions rather than isolated seasonal drivers.
Comparing Past Eid Cycles and Market Behavior
Historical patterns show increased trading activity during Eid. Liquidity often rises due to bonuses and festive spending. As a result, short-term buying pressure tends to increase during this period.
However, price direction has not remained consistent. While some years recorded gains, others showed declines despite higher participation. This indicates that external market conditions continue to guide price movement.
Social media discussions frequently mention the “Eid effect” in crypto markets. These narratives often point to higher retail engagement. Still, data suggest that broader trends remain the dominant factor in price behavior.
Institutional players also monitor these periods closely. Increased retail activity can create short bursts of volatility. Even so, overall direction depends on macro trends and ongoing market cycles.
While ETF outflows grabbed attention, about $13b quietly moved into crypto via OTC, prime brokerage, and private funds, showing institutional demand runs deeper than ETF dashboards.
Summary
- A Daily Chain briefing highlights roughly $13b in capital flowing into crypto this week via prime brokers, OTC desks, structured products, and private vehicles that never show up in ETF flow reports.
- Finery Markets data show institutional crypto spot OTC volumes jumped 109% year-over-year in 2025, far outpacing the 9% growth in top-20 CEX spot trading as large players favor discreet block execution.
- BlackRock’s recent $140m transfer of 47,728 ETH and 544 BTC to Coinbase Prime is a visible example of this “shadow” institutional channel, reinforcing that ETF data understates real big-money demand.
While Bitcoin (BTC) spot ETF outflows dominated market commentary this week — including a $129 million net redemption on Wednesday that snapped a seven-day inflow streak — a far larger and largely unreported capital movement was taking place in parallel: approximately $13 billion flowing into crypto through institutional channels that operate entirely outside the ETF wrapper and below the radar of most retail-facing data providers.
The figure, highlighted in today’s Daily Chain briefing, refers to capital moving through prime brokerage desks, OTC trading facilities, structured products, and private fund vehicles — the infrastructure layer that services sovereign wealth funds, family offices, hedge funds, and corporate treasuries that either cannot or choose not to access crypto through publicly listed ETFs. This distinction matters enormously for understanding the true state of institutional demand, which headline ETF flow data alone systematically understates.
The scale of this hidden layer has grown dramatically. Institutional crypto spot OTC trading rose 109% year-over-year in 2025, according to data from Finery Markets, as large players increasingly favored the price certainty, reduced market impact, and counterparty discretion that OTC desks offer over exchange-based trading. BlackRock’s $140 million deposit into Coinbase Prime earlier today is one visible example of this dynamic — a transaction that occurred entirely off-exchange and would not appear in any ETF flow report.
The $13 billion figure reframes this week’s narrative. The surface-level story — ETF outflows, fear readings, post-FOMC selling — has been unambiguously negative. But beneath it, a parallel institutional market has continued to absorb and deploy capital at a scale that dwarfs the retail-visible flows. This divergence between what the ETF dashboard shows and what is actually moving through institutional rails has become one of the defining features of the 2026 crypto market structure.
It also reflects a broader maturation of the ecosystem. Early institutional Bitcoin exposure was almost entirely channeled through Grayscale’s GBTC or other listed vehicles. Today, the institutional toolkit includes prime brokerage, segregated custody, structured notes, repo-backed leverage products, and direct OTC block trades — each serving different risk, regulatory, and operational requirements. US spot Bitcoin ETFs, for all their profile, now represent just one of many on-ramps.
For market observers, the practical implication is clear: judging the health of institutional crypto demand by ETF flows alone produces a distorted picture. The real money — sovereign funds, large family offices, multi-strategy hedge funds — has always operated in the shadows of the ledger, and the $13 billion moving through those channels this week suggests that conviction among the largest players remains considerably more intact than the fear index of 28 might imply.
Liu also added “head of gaming” at Solana Foundation to her X bio, in what appears to be a pointed joke.
Solana Foundation president Lily Liu said blockchain gaming is dead in an X post today, March 20. A later, self-proclaimed “shitpost” from the Foundation’s chief product officer poked fun at Liu’s statement, but the original post had already set off a wave of comments, both criticizing Liu’s take, and defending the future of web3 gaming.
Liu’s statement, which reads “Also, gaming on a blockchain is not coming back,” was a response to a March 18 X post from Polymarket claiming, somewhat misleadingly, that Meta is shutting down its metaverse division.
In what appears to be an act of self-aware irony, as of today, Liu’s X bio also says she is not only president, but also the “head of gaming” at Solana Foundation, a title that is absent from the exec’s LinkedIn and other profile bios.
No such role appears in any official Solana Foundation communications or staff listings The Defiant could find, strongly suggesting the title was meant to be ironic.
X account Solana Gaming added to the confusion with a post congratulating Liu on her new role as the Foundation’s head of gaming.
Liu has been notably dismissive of the blockchain gaming meta in recent months. In a more extended X post on Feb. 5, Liu said blockchain networks should focus on finance and tech for core use cases, writing:
“I am happy the misadventures around things like gaming in particular are fully dead and over.”
The Solana Foundation president continued, “This blockchain adventure has always been about finance: open financial rails for anyone and everyone on the internet.”
As The Defiant reported last April, MagicBlock’s $7.5 million seed round to build real-time gaming infrastructure on Solana was backed by Solana co-founder Anatoly Yakovenko himself.
Web3 Gaming’s Struggle
As The Defiant reported previously, blockchain-based and crypto-integrated games have struggled to sustain demand. While monthly investments in web3 gaming projects were in the tens of millions of dollars last year, per data from DappRadar, that interest is far lower than capital flows during the sector’s peak in 2021, when blockchain games raked in a total of $4 billion from venture capital firms.
Is Meta’s Metaverse Also Dead?
The Polymarket post about Meta’s metaverse shutdown, which Liu’s post today was a response to, was itself notably misleading. As WIRED reported yesterday, what Meta, the parent company of Facebook, WhatsApp, and Instagram, actually announced was the shutdown of its online, multi-player game Horizon Worlds in VR, reportedly via an email to users on Tuesday. Horizon Worlds, which is also referred to as a metaverse platform, is a project developed by Reality Labs, Meta’s metaverse arm.
However, the tech giant then quickly reversed course, with CTO Andrew Bosworth just days later stating that, in response to users, the company had decided to keep Horizon Worlds running in VR to support existing games and fans, though with limited support, and no new games or major investments.
This article was written with the assistance of AI workflows. All our stories are curated, edited and fact-checked by a human.
The exchange is offering leveraged contracts on major technology stocks and ETFs.
Coinbase on Friday rolled out perpetual futures contracts tied to U.S. equities, becoming one of the first major centralized exchanges to offer the product and expanding its derivatives lineup beyond crypto.
The contracts cover all seven Magnificent 7 stocks — Apple, Microsoft, Alphabet, Amazon, Nvidia, Meta, and Tesla — as well as ETF perpetuals tracking the S&P 500 (SPY) and Nasdaq-100 (QQQ) in select jurisdictions. They are available to eligible non-U.S. retail users on Coinbase Advanced and to institutions on Coinbase International Exchange.
The contracts trade around the clock, are cash-settled in USDC, and offer up to 10x leverage on individual stocks and 20x on ETF products. Like crypto perpetuals, they have no expiration date and use a funding rate mechanism to track spot prices.
Competing With DeFi
The launch positions Coinbase against decentralized platforms that have already built significant traction in equity-linked perpetuals. TradeXYZ, the perpetuals arm of Hyperliquid tokenization layer Unit, has crossed $1.4 billion in open interest and routinely processes more than $1 billion in daily volume, according to DeFiLlama.
Earlier this week, the platformlanded a license from S&P Dow Jones Indices to launch the first officially sanctioned S&P 500 perpetual futures contract on-chain — a milestone that lends institutional credibility to the DeFi side of the equity perps market.
Coinbase acknowledged in itsblog post that much of the demand for continuous equity exposure has been concentrated on decentralized venues.
The launch follows Coinbase’s recent push into European derivatives, where its MiFID-regulated entity began offering crypto futures across 26 countries earlier this month. The company said it plans to expand the lineup over time, adding more equities, indices, commodities, and other globally traded assets.
This article was written with the assistance of AI workflows. All our stories are curated, edited and fact-checked by a human.
how Agnes Hathaway chimes with the growing interest in ‘green witchcraft’
From Dinosaurs to Romance and Pirates
Bitcoin Wavers At $70K As Iran War Rocks Markets
Smart energy pays enters the US market, targeting scalable financial infrastructure
Why Israel is blocking foreign journalists from entering
Bitcoin: We’re Entering The Most Dangerous Phase
Bitcoin Live Trading: Final Warning Before The Next Big Move? Watch This Level! EP1939
Part 1 Funcionalidade Sistema Goat Ibex (Open Finance) #openfinance #vendas #erp #estoque #finance
Overdraft Against FDs#Finance options#Benefits #trending
-
Crypto World7 days ago
HYPE Token Enters Net Deflation as HyperCore Buybacks Outpace Staking Rewards
-
Tech5 days agoYour Legally Registered ‘Motorcycle’ Might Not Count Under Proposed US Law
-
Tech3 days agoAre Split Spacebars the Next Big Gaming Keyboard Trend?
-
Sports6 days ago
Why Duke and Michigan Are Dead Even Entering Selection Sunday
-
Business5 days agoSearch for Savannah Guthrie’s Mother Enters Seventh Week with No Arrests
-
Business6 days agoUS Airports Launch Donation Drives for Unpaid TSA Workers as Partial Government Shutdown Enters Fifth Week
-
Politics3 hours agoJenni Murray, Long-Serving Woman’s Hour Presenter, Dies Aged 75
-
Crypto World6 days ago
Coinbase and Bybit in Investment Talks: Could Bybit Finally Enter the US Crypto Market?
-
Business4 days agoAustralian shares drop as Iran war enters third week
-
Business6 days agoCountry star Brantley Gilbert enters growing non-alcoholic beer market
-
Politics3 days agoThe House | The new register to protect children from their abusers shows Parliament at its best
-
Crypto World4 days agoCrypto Lender BlockFills Enters Chapter 11 with Up to $500M in Liabilities
-
News Videos2 days agoRBA board divided on rate cut, unusually buoyant share market | Finance Report | ABC NEWS
-
Fashion4 days ago25 Celebrities with Curly Hair That Are Naturally Beautiful
-
Tech17 hours agoinKONBINI Lets You Spend Summer Days Behind the Register
-
Crypto World2 days agoCanada’s FINTRAC revokes registrations of 23 crypto MSBs in AML crackdown
-
Fashion4 hours agoWeekend Open Thread: Adidas – Corporette.com
-
Politics3 days agoReal-time pollution monitoring calls after boy nearly dies
-
Crypto World6 days agoCrypto Losses Drop 87% in February, But Hackers Are Now Targeting People, Not Code
-
NewsBeat2 days agoResidents in North Lanarkshire reminded to register to vote in Scottish Parliament Election
You must be logged in to post a comment Login