U.S. Dissolves Cryptocurrency Legal Team

In this week’s cybersecurity roundup, the Information Security Media Group highlights the dismantling of a Department of Justice unit focusing on cryptocurrency crimes, developments from the U.S. Securities and Exchange Commission (SEC), a record bug bounty from the decentralized protocol Usual, as well as an alarming phishing campaign and ongoing FTX repayment issues.

The U.S. Department of Justice has officially disbanded its National Cryptocurrency Enforcement Team (NCET), refocusing its efforts on investigations related to terrorism, drug trafficking, and organized crime. Deputy Attorney General Todd Blanche criticized the prior administration’s aggressive action by labeling it a “reckless strategy of regulation by prosecution,” as reported by Reuters. Established in 2022, the NCET managed significant prosecutions, including that of cryptocurrency major Binance and its founder for money laundering. This shift presents a more lenient approach toward cryptocurrency under the current administration, aligning with a Trump executive order promoting accessible blockchain technologies.

Acting SEC Chair Mark T. Uyeda has instructed staff to reassess previous agency statements concerning cryptocurrency and securities, aiming to align them with fresh priorities under the Trump administration. This initiative evolves from an executive order promoting economic growth via deregulation, prompting a review of critical documents, including a 2019 framework analyzing the Howey test’s application to digital assets. This review comes at a time when the SEC acknowledges that many meme cryptocurrencies might not qualify as securities. Furthermore, previous warnings about investing in Bitcoin futures may also be revisited due to significant market developments.

The decentralized stablecoin protocol Usual has unveiled what it claims to be the largest bug bounty in tech history, offering $16 million for identifying critical vulnerabilities within its codebase. In collaboration with blockchain security firm Sherlock, Usual seeks to encourage ethical hackers to spot security flaws before exploitation. This unprecedented payout surpasses previous high-stakes bounties within the cryptocurrency sector and even Google’s annual bounty program.

A phishing initiative named “PoisonSeed” has been identified as a significant threat, targeting corporate email marketing accounts to siphon off cryptocurrency. Reports indicate that the campaign compromises accounts from prominent platforms such as Mailchimp, SendGrid, and HubSpot. Attackers focus on high-level employees and use spoofed login pages to harvest credentials, subsequently sending out phishing emails that mislead recipients into transferring assets under false pretenses. This incident highlights the persistent threat of initial access tactics, as defined by the MITRE ATT&CK framework, involving phishing as a method to gain unauthorized entry into systems.

Close to 400,000 creditors of the defunct cryptocurrency exchange FTX stand at risk of forfeiting approximately $2.5 billion, failing to initiate the necessary Know Your Customer (KYC) process. An update from the U.S. Bankruptcy Court for the District of Delaware noted that while the KYC deadline has been extended to June 1, claims from unverified creditors may be permanently disqualified thereafter. This development reinforces the need for robust organizational policies around identity verification to safeguard against losses in bankruptcy scenarios.

In response to widespread user confusion, Coinbase is set to modify an error message in its account activity logs that has erroneously indicated account breaches. Over the past weeks, users confused by messages such as “second_factor_failure” mistakenly believed their accounts had been compromised. Coinbase recognizes the need for more precise messaging to reduce anxiety and encourages better understanding among users regarding account security. This response underscores the critical importance of clear communication protocols in cybersecurity practices to maintain user confidence and security.