turp182 shares a report from Ars Technica: Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can't be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by General Bytes, a company with multiple locations throughout the world. These BATMs, short for bitcoin ATMs, can be set up in convenience stores and other businesses to allow people to exchange bitcoin for other currencies and vice versa. Customers connect the BATMs to a crypto application server (CAS) that they can manage or, until now, that General Bytes could manage for them. For reasons that aren't entirely clear, the BATMs offer an option that allows customers to upload videos from the terminal to the CAS using a mechanism known as the master server interface.

Over the weekend, General Bytes revealed that more than $1.5 million worth of bitcoin had been drained from CASes operated by the company and by customers. To pull off the heist, an unknown threat actor exploited a previously unknown vulnerability that allowed it to use this interface to upload and execute a malicious Java application. The actor then drained various hot wallets of about 56 BTC, worth roughly $1.5 million. General Bytes patched the vulnerability 15 hours after learning of it, but due to the way cryptocurrencies work, the losses were unrecoverable. [...] Once the malicious application executed on a server, the threat actor was able to (1) access the database, (2) read and decrypt encoded API keys needed to access funds in hot wallets and exchanges, (3) transfer funds from hot wallets to a wallet controlled by the threat actor, (4) download user names and password hashes and turn off 2FA, and (5) access terminal event logs and scan for instances where customers scanned private keys at the ATM. The sensitive data in step 5 had been logged by older versions of ATM software.

Going forward, this weekend's post said, General Bytes will no longer manage CASes on behalf of customers. That means terminal holders will have to manage the servers themselves. The company is also in the process of collecting data from customers to validate all losses related to the hack, performing an internal investigation, and cooperating with authorities in an attempt to identify the threat actor. General Bytes said the company has received "multiple security audits since 2021," and that none of them detected the vulnerability exploited. The company is now in the process of seeking further help in securing its BATMs.

The Securities and Exchange Commission issued crypto exchange Coinbase a Wells notice, warning the company that it identified potential violations of U.S. securities law. CNBC reports: "Based on discussions with the Staff, the Company believes these potential enforcement actions would relate to aspects of the Company's spot market, staking service Coinbase Earn, Coinbase Prime and Coinbase Wallet," Coinbase said in a regulatory filing. "The potential civil action may seek injunctive relief, disgorgement, and civil penalties."

Coinbase described the investigation as "cursory," and said the Wells notice provided relatively little information about potential violations. "Although we don't take this development lightly, we are very confident in the way we run our business -- the same business we presented to the SEC in order for us to become a public company in 2021," Coinbase Chief Legal Officer Paul Grewal said in a blog post. The company said that until the resolution of any legal processes, the exchange's offerings would continue to operate as usual.

An anonymous reader quotes a report from CoinDesk: Crypto ads in Belgium must be accurate and warn investors of the risks under new laws announced by the country's financial regulator Monday. Powers published in Belgium's Official Gazette on Friday mean any mass-media campaign to promote a digital currency would have to be submitted to the Financial Services and Markets Authority (FSMA) 10 days in advance, allowing the regulator to intervene if needed.

"Virtual currencies are all the rage at the moment, but they involve considerable risk," the FSMA said in a statement. "They are often subject to wild price fluctuations and are vulnerable to fraud and IT-related risks." The new rules, which will take effect on May 17, require ads to state that "the only guarantee in crypto is risk." Belgium joins European countries such as Spain and the U.K. in imposing restrictions on publicity campaigns, which often mirror those already in place for traditional finance.

Axios remembers that it was just nine days ago that there were "concerns" about Silicon Valley Bank at venture capital firm. And soon Founders Fund's top operations executives "were on the phone, quickly deciding to move firm capital to a number of bigger banks." Firm founder Peter Thiel was not part of the conversation. One source says that the assumption was that they'd return the money to SVB after the crisis had ended....

Founders Fund wasn't the only venture capital firm giving this sort of warning to portfolio companies, nor necessarily the first, but word of its advice spread like wildfire (it also ended up in media reports, including one from Axios). Almost immediately, the firm came under withering criticism from some other venture capitalists, accusing Founders Fund (and Thiel personally) of sparking a bank run that ultimately led to $42 billion in withdrawals. Some even speculated that it was intentional, as payback for some unknown grudge between the two groups.
Earlier this week the Washington Examiner chronicled some of that criticism: "There should be more scrutiny of Peter Thiel and [hedge fund manager] Bill Ackman for yelling fire in a crowded theater in this SVB collapse," tweeted CNBC host Sara Eisen [on Monday]. Others turned their focus to Thiel's promotion and subsequent profiting off of crypto investments after the market crashed as a reason to be suspicious of his withdrawals. "You mean the guy who was touting crypto and trashing critics while he was selling crypto? That guy? Shocker!" tweeted tech journalist Kara Swisher.
But Peter Thiel says he actually left his own money in the bank, reports Business Insider: "I had $50 million of my own money stuck in SVB," he told the Financial Times.... Thiel told the Financial Times that he did not believe the SVB would fail last week.

Other venture capital firms — including Coatue Management, Union Square Ventures, and Founder Collective — had similarly advised startup clients to transfer money from SVB after the bank revealed a $1.8 billion loss and the bank's share price collapsed. These firms have pushed back against accusations that they were spreading panic, saying that they were giving financial advice they believed would be in the best interest of their clients....

Thiel told the Financial Times that his account was frozen on Friday when regulators stepped in and took control of the bank. However, it is once again accessible after the US government stepped in earlier this week and shored up all customer deposits in SVB.

On Monday, Binance said it would suspend withdrawals and deposits for anybody using UK currency. The news came after the world's largest crypto exchange's banking partner in the UK, Paysafe, said it was abandoning crypto, at least as far as Binance was concerned. Gizmodo reports: In a statement to Gizmodo, a Paysafe spokesperson said that it was "too challenging" to offer its embedded wallet cryptocurrency services to UK customers because of the regulatory atmosphere in the UK. Paysafe is based in London, and said this decision was "taken in an abundance of caution." Paysafe did not clarify whether it was abandoning crypto altogether, or just in its partnership with Binance. Paysafe called its UK portion of its crypto business "small" but clarified it was still working with Binance elsewhere in Europe and in Latin America.

Binance suspended withdrawals and deposits for any new customers using British pounds late on Monday, and according to Bloomberg the crypto exchange plans to suspend all GBP transactions for all customers starting May 22. The company is reportedly working to find "an alternative solution" to again allow customers to trade GBP for crypto.

Meta's head of commerce and financial technologies Stephane Kasriel posted on Twitter that the company will sunset its NFT and digital collectibles features on Instagram and Facebook. TechCrunch reports: This short-lived product only began testing with select Instagram creators last May, plus some Facebook users in June. By July, Meta expanded NFT support on Instagram for creators in 100 countries. Less than a year later, Meta is moving on from NFTs. "We're winding down digital collectibles (NFTs) for now to focus on other ways to support creators, people, and businesses," Kasriel wrote in a Twitter thread.

A Meta spokesperson told TechCrunch that it is shifting its investments away from NFTs toward products like Meta Pay, as well as features that enable creators to earn money directly on Meta platforms, like its tipping feature called gifts. The company also said it is testing ways for creators to earn ad revenue on Reels. "Let me be clear: creating opportunities for creators and businesses to connect with their fans and monetize remains a priority, and we're going to focus on areas where we can make impact at scale, such as messaging and monetization opps for Reels," Kasriel wrote.

Decentralized lending protocol Euler Finance was hit by an attack that drained $197 million in cryptocurrencies from its platform on Monday, making it the largest hack in its corner of the digital-assets market this year. From a report: The bulk of the hacker's loot -- worth roughly $135 million -- was denominated in staked Ether tokens (stETH), while the remainder was held in wrapped Bitcoin and stablecoins DAI and USDC, according to security firm BlockSec. Some of the proceeds from the attack are already being laundered through Tornado Cash, a US-sanctioned platform which enables users to obfuscate their transaction history, security companies PeckShield Inc and Elliptic said.

The incident on Monday morning in London has almost wiped out Euler's on-chain value, leaving only around $9.7 million locked on the platform, data from DeFiLlama show. Euler Finance allows users to lend and borrow large amounts of cryptoassets through an automated service that does not require human intervention. The protocol's EUL token fell more than 50% to a low of $2.88 after the attack was disclosed, according to pricing data from CoinGecko. Details of the hack weren't immediately provided by the platform's developer Euler Labs.

"Crypto firms should do their work within the bounds of the law, or they shouldn't do it at all," says the head of America's Securities and Exchange Commission, which regulates US. investment markets.

In an editorial published in The Hill, SEC chair Gary Gensler warns that instead cryptocurrency has many "trusted" intermediaries that are in fact non-compliant with U.S. securities law. Today, crypto is dominated by a handful of trading, lending, staking, and other financial intermediaries. The investing public is trusting these entities to be responsible with investors' assets. According to some data, the three largest crypto trading platforms purportedly account for almost three quarters of all trading volume. Crypto entrepreneurs might claim, in their own marketing materials, that they're transparent and regulated. But make no mistake: Very few, if any, are actually registered with the SEC and fully compliant with the federal securities laws.

The lack of compliance puts investors' hard-earned assets at risk. Investors lack fundamental disclosures about the crypto assets themselves and the firms who execute their trades and custody their assets: What are firms doing with customer assets? How are they funding their promised returns? Are they putting their hands in investors' pockets? When you buy or sell a token, are you trading against the house? What are the rules to protect against manipulation and fraud? Without disclosure and other investor protections, we simply don't know.

In essence, these firms are saying, "trust us." What's more, when firms go bankrupt (as many have of late), they turn to bankruptcy courts to sort out their mess.
"[B]ased upon how crypto platforms generally operate, investment advisers cannot rely on them today as qualified custodians," the editorial concludes. Rather than comply with the relevant laws, "it has felt like some have sought a stamp of approval for noncompliant activity, rather than changing a fundamentally non-compliant business model rife with conflicts." Of course, another tool in our toolbox is rooting out noncompliance through investigations and enforcement actions. The SEC has successfully brought or settled more than 100 cases against crypto intermediaries and token issuers, including some who operated Ponzi or pyramid schemes, engaged in unlawful touting, or committed other forms of fraud....

Some have said that we should let the innovation flourish or risk it going overseas. But forsaking investor protection puts real people's life savings at risk.
"It's a basic bargain in finance: If you want to raise money from the public, disclose certain facts and figures," Gensler told Politico this week. Their article notes "crypto giants are threatening to move their businesses across the Atlantic" from America to Europe, but with Gensler responding "We lose more if investors get harmed here." Crypto lobbyists have framed Gensler's push to force their industry to comply with 90-year-old securities laws as a war against financial innovation. Whatever changes brought by crypto markets will pale compared to what could come as brokerages and financial data aggregators move to incorporate artificial intelligence into their offerings, Gensler said.

"The much more transformative technology right now of our times is predictive data analytics and everything underlying artificial intelligence," he said, adding that he looked forward to working with lawmakers on how those tools could be regulated.

Krisztian Sandor writes via CoinDesk: U.S.-based stablecoin issuer Circle held a part of its USDC stablecoin's cash reserves at Silicon Valley Bank as of Jan. 17, according to the firm's latest attestation (PDF). USDC is the second-largest stablecoin on the market, with a $43 billion circulating supply that is fully backed by government bonds and cash-like assets. According to Circle's January reserve report, the firm held some $9.88 billion of cash deposited at regulated banks to back USDC's value. USDC's banking partners included Silicon Valley Bank (SVB), the California-based bank that was taken over by regulators and shut down on Friday. The full list of banks that held cash for Circle's USDC are Bank of New York Mellon, Citizens Trust Bank, Customers Bank, New York Community Bank (a division of Flagstar Bank, N.A.), Signature Bank, Silicon Valley Bank and Silvergate Bank. Circle also keeps some part of USDC reserves in a dedicated BlackRock fund.

Circle said last week it had cut ties with Silvergate Bank, the crypto-friendly bank that halted operations and said it would "voluntarily liquidate" its assets earlier this week. Signature Bank's holding company's (SI) shares have dropped 12% on the news about SVB's shutdown. Signature said in December that it would reduce deposits tied to crypto firms by as much as $10 billion. Simon Dixon, CEO of online investment platform BnkToTheFuture, tweeted that Circle's chief executive Jeremy Allaire said the firm held "most of their cash is in BNY Melon," while sharing a screenshot from March 2. BnkToTheFuture is an investor and shareholder in Circle.

Yesterday, Starbucks sold all of its 2,000 NFT "Journey Stamps" in under 20 minutes. They were the company's first paid collection of NFTs and were priced at $100 each. The Verge reports: The coffee company first launched its NFT and Web3 push in December, when it opened up a new membership program called Starbucks Odyssey. An extension of the existing Starbucks rewards program that gives customers perks like free drink upgrades, Odyssey promises to deliver new benefits and "immersive coffee experiences that [customers] cannot get anywhere else" as members complete games, quizzes, and make purchases. Rewards might include virtual classes, access to merchandise, or a trip to a Starbucks coffee farm at higher membership tiers. Free coffee, notably, isn't listed as a possible reward. Purchasing an NFT gives members additional "points" that they can use to level up their tier.

What happens when a newspaper dies? Apparently, in some cases, its digital ghost lives on in mysterious, unrecognizable forms. From a report: Minneapolis neighborhood newspaper the Southwest Journal shuttered at the end of 2020, but its web domain continues to post fresh content under the auspices of a Delaware "SEO company" whose leader lives in Serbia. Though the site still includes a few legacy Journal articles now under fictitious bylines, all of the most recent posts are more or less junk content evidently designed to manipulate search engines. There's a Feb. 10 article about handling raw chicken. Another article highlights the "10 most popular bitcoin casino games."

While there is a recent article on creating "a breathtaking rock garden" written from the perspective of someone purportedly living in the East Harriet neighborhood, the site's content, generally speaking, is no longer in line with the Journal's longstanding coverage of South Minneapolis neighborhoods. The "Contact Us" link at the bottom of the site pointed to an email address connected to an entity known as Shantel LLC. According to its own website, Shantel LLC is an "SEO company" from Delaware, and, as of Feb. 17, its homepage read, "Let's make the internet a great again!" The company said it specializes in "writing services, SEO optimization services, and similar SEO-related services." (Shantel LLC's website was utterly emptied of content around the time this article published, but archived versions of the site include that same company description.)

Shantel's apparent CEO and founder is Nebojsa Vujinovic, a businessman living in Belgrade, Serbia, per his LinkedIn profile. When I reached out to Vujinovic via LinkedIn on Feb. 10, he said he had only owned the Journal's domain for a matter of days. He confirmed that he uses a mix of artificial intelligence and human writers to create new content on the sites he owns. As he puts it: "AI + human correction." [...] The Southwest Journal isn't the only site under Vujinovic's ownership. Several other former news sites have begun listing a Shantel LLC email address as a primary contact. That includes the Missoula Independent, which was at one time the largest weekly paper in Montana, according to archived versions of the website. News conglomerate and former owner Lee Enterprises shut down the Independent in 2018. Like the Southwest Journal's website, the Independent's site now includes a few legacy articles on local politics and culture, but all the articles posted after June 2022 have taken a strange turn.

CRN reports: Prominent incident response firm Mandiant disclosed Tuesday that it responded to 15 percent fewer ransomware incidents last year. The statistic was first reported by the Wall Street Journal. Mandiant, which is owned by Google Cloud, confirmed the stat in an email to CRN.

The WSJ report also included several other indicators that 2022 was a less successful year for ransomware. Cybersecurity giant CrowdStrike told the outlet that the average ransom demand dropped 28 percent last year, to $4.1 million, from $5.7 million the year before. The firm reportedly pinned the decline on factors including the arrests of ransomware gang members and other disruptions to the groups last year, as well as the drop in the value of cryptocurrencies such as Bitcoin. CrowdStrike confirmed the stat to CRN.
Their article also cites a blog post from Chainalysis, the blockchain data platform, which estimated that 2022's total ransomware revenue "fell to at least $456.8 million in 2022 from $765.6 million in 2021 — a huge drop of 40.3%." And that blog post cites the Chief Claims Officer of cyber insurance firm Resilience, who also specifically notes "signs that meaningful disruptions against ransomware actor groups are driving lower than expected successful extortion attempts," including arrests and recovery of extorted cryptocurrency by western law enforcement agencies.

From the Wall Street Journal: After ballooning for years, the amount of money being paid to ransomware criminals dropped in 2022, as did the odds that a victim would pay the criminals who installed the ransomware.... "It reflects, I think, the pivot that we have made to a posture where we're on our front foot," Deputy Attorney General Lisa Monaco said in an interview. "We're focusing on making sure we're doing everything to prevent the attacks in the first place."

The hacking groups behind ransomware attacks have been slowed by better company security practices. Federal authorities have also used new tactics to help victims avoid paying ransom demands.... And the FBI said last month that it disrupted $130 million in potential ransomware profits last year by gaining access to servers run by the Hive ransomware group and giving away the group's decryption keys — used to undo the effects of ransomware — for free.

In the fall, about 45 call-center operators were laid off by former members of a ransomware group known as Conti, according to Yelisey Bohuslavskiy, chief research officer with the threat intelligence firm Red Sense LLC. They had been hired as part of a scam to talk potential victims into installing remote-access software onto networks that would then be infected by ransomware, but the call centers ended up losing money, he said.

Companies have also stepped up their cybersecurity practices, driven by demands from insurance underwriters and a better understanding of the risks of ransomware following high-profile attacks. Companies are spending more money on business continuity and backup software that allow computer systems to restart after they have been infected. With improved backups, U.S. companies are better at bouncing back from ransomware attacks than they were four years ago, according to Coveware Inc., which helps victims respond to ransomware intrusions and has handled thousands of cases. Four years ago, 85% of ransomware victims wound up paying their attackers. Today that number is 37%, according to Coveware Inc. Chief Executive Bill Siegel.

UnknowingFool writes: UK Judge James Mellor has thrown out Craig Wright's cases against Bitcoin derivatives like Bitcoin Cash as Wright cannot claim copyright on the Bitcoin file format. Wright had sued forks of Bitcoin claiming they breached his copyrights to prevent them from operating. The judge disagreed noting that Wright had failed to meet a requirement of copyright called "fixation" detailing where/when/how the original expression was first recorded somewhere in any media.

"Whilst I accept that the law of copyright will continue to face challenges with new digital technologies, I do not see any prospect of the law as currently stated and understood in the caselaw allowing copyright protection of subject-matter which is not expressed or fixed anywhere," wrote Judge Mellor. In other words Wright has failed to show any evidence that he wrote down the file format somewhere to claim that he created the file format.

This is not the first time Wright has failed to produce credible evidence in a court case: in an Oslo, Norway case last year Wright claimed he destroyed a hard drive in 2016 containing the Nakomoto original keys despite telling a U.S. court in 2020 that he was waiting on the same keys to be delivered by a special courier. Those keys were later ruled to be fictitious. Decrypt notes that Wright is "currently in the process of suing 15 Bitcoin developers to retreive around 111,000 bitcoin after he lost the encrypted keys to access them when his home computer network was allegedly hacked."

An anonymous reader quotes a report from Motherboard: A section of the UK government has proposed making the sale or possession of bespoke encrypted phones for crime a criminal offense in its own right. The measure is intended to help the country's law enforcement agencies tackle organized crime and those who facilitate it, but civil liberties experts tell Motherboard the proposal is overbroad and poorly defined, meaning it could sweep up other forms of secure communication used by the wider population if not adjusted. "At the moment the government proposal appears to be vague and overly broad. While it states that the provisions 'will not apply to commercially available mobile phones nor the encrypted messaging apps available on them' it is difficult to see how it will not result in targeting devices used on a daily [basis] by human rights defenders, protesters and pretty much all of us who want to keep our data secure," Ioannis Kouvakas, senior legal officer and assistant general counsel at UK-based activism organization Privacy International, told Motherboard in an email.

The proposal is included in a document published by the Home Office (PDF). In that document, the Home Office proposes two legislative measures that it says could be used to improve law enforcement's response to serious and organized crime, and is seeking input from law enforcement, businesses, lawyers, civil liberties NGOs, and the wider public. [...] The first measure looks to create new criminal offenses on the "making, modifying, supply, offering to supply and possession of articles for use in serious crime." The document points to several specific items: vehicle concealments used to hide illicit goods; digital templates for 3D-printing firearms; pill presses used in the drug trade; and "sophisticated encrypted communication devices used to facilitate organized crime." In other words, this change would criminalize owning an encrypted phone, selling one, or making one for use in crime, a crime in itself. [...]

With encrypted phones, the Home Office writes that both the encryption itself and modifications made to the phones are creating "considerable barriers" to law enforcement. Typically, phones from this industry use end-to-end encryption, meaning that messages are encrypted before leaving the device, rendering any interception by law enforcement ineffective. (Multiple agencies have instead found misconfigurations in how companies' encryption works, or hacked into firms, to circumvent this protection). Encrypted phone companies sometimes physically remove the microphone, camera, and GPS functionality from handsets too. Often distributors sell these phones for thousands of dollars for yearly subscriptions. Given that price, the Home Office says it is "harder to foresee a need for anyone to use them for legitimate, legal reasons." The Home Office adds that under one option for legislation, laws could still criminalize people who did not suspect the technology would be used for serious crime, simply because the technology is so "closely associated with serious crime." Potential signs could include someone paying for a phone "through means which disguise the identity of the payer," the document reads. Often distributors sell phones for Bitcoin or cash, according to multiple encrypted phone sellers that spoke to Motherboard. The document says "the provisions will not apply to commercially available mobile phones nor the encrypted messaging apps available on them." But the Home Office does not yet have a settled definition of what encompasses "sophisticated encrypted communication devices," leaving open the question of what exactly the UK would be prepared to charge a person for possessing or selling.

Binance, the world's largest cryptocurrency exchange, will suspend U.S. dollar deposits and withdrawals, the company said Monday, without providing a reason for the decision. CNBC reports: Binance US, a unit of the company that's regulated by the Treasury Department's Financial Crimes Enforcement Network, said in a tweet that it's not affected by the suspension. Thus the move applies only to non-U.S. customers who transfer money to or from bank accounts in dollars. Data from Arkham Intelligence shows that following the announcement, there was a sharp spike in outflows from Binance's crypto wallets, as millions of dollar-pegged stablecoins such as tether and USDC flowed to rival exchanges or individual wallets.

Binance's net U.S. dollar outflow was over $172 million for the day, based on data from DefiLlama. That represents a tiny amount of money for a company that has $42.2 billion worth of crypto assets, according to Arkham. "We're still overwhelmingly net-positive on net deposits," the spokesperson said. "Outflows always tick up when prices start to level off following a bullish market swing like we saw last week as some users take profits." Bitcoin rose more than 38% in January, its best month since October 2021.

Regarding Monday's suspension, a Binance representative told CNBC in an email that "Binance.US has its own banking partners and does not have any issues." The main Binance exchange does not serve U.S. users. Binance said customers can still use other fiat currencies or payment methods to purchase crypto. For the small number affected, "we'll have a new partner to announce for those users in the next couple weeks," the spokesperson said.

In 2017 the New York Times covered research co-authored by John Griffin, a finance professor at the University of Texas, into Hong Kong-based Bitfinex, "one of the largest and least regulated exchanges in the industry." Mr. Griffin looked at the flow of digital tokens going in and out of Bitfinex and identified several distinct patterns that suggest that someone or some people at the exchange successfully worked to push up prices when they sagged at other exchanges. To do that, the person or people used a secondary virtual currency, known as Tether, which was created and sold by the owners of Bitfinex, to buy up those other cryptocurrencies.
To reach this conclusion, the paper's two authors "sifted through an incredible 200 gigabytes of trading data, equal to the troves that the Smithsonian Institution collects in two years," according to a new article in Fortune, "and followed sales and purchases from 2.5 million separate wallets."

The researchers ultimately concluded that a single, still unidentified, Bitcoin "whale" triggered nearly 60% of Bitcoin's one-year rise in 2017 from under $1,000 to over $19,000. But more importantly, Fortune now reports that Griffin "suspects that a similar dynamic is operating today." Toward the end of 2022, another mystifying trend caught Griffin's eye. Despite the crypto crash and myriad other negative forces, every time Bitcoin briefly breached the $16,000 floor, it bounced above that level and kept stubbornly trading between $16,000 and $17,000. Almost unbelievably, as the crypto market has continued to unravel into 2023, Bitcoin has gone in the opposite direction, trading up 35% since Jan. 7 to $23,000.

"It's very suspicious," Griffin told Fortune. "The same mechanism we saw in 2017 could be at play now in the still unreal Bitcoin market."

For Griffin, the way normally super-volatile Bitcoin went calm and stable in the stormiest of times for crypto fits a scenario where boosters are uniting to support and juice its price. "If you're a crypto manipulator, you want to set a floor under the price of your coin," added Griffin. "In a period of highly negative sentiment, we've seen suspiciously solid floors under Bitcoin."

It's important to note that no definitive proof of chicanery has so far emerged. "The space is bigger now so it's harder to dig the data," says Griffin. "Sophisticated players may be expert at hiding their identities." We have seen credible leaks asserting that major market participants call meetings of the sector's elite when they fear a crypto leader plans to make what they consider a reckless, industry-endangering move. But no evidence has surfaced that the players are gathering to coordinate buying of Bitcoin or other cryptocurrencies.
Fortune data editor Scott DeCarlo ran a detailed analysis and found, among other things, that Bitcoin "at peak FTX-induced turmoil showed both its smallest swings ever by a wide margin, and divergence from low to high that was one-fourth to one-fifth its average over the past six years." And they're not the only ones asking questions: In a blog post on Nov. 30 titled "Bitcoin's Last Stand," European Central Bank Director General for market operations Ulrich Bindseil and ECB adviser Jürgen Schaaf dismissed Bitcoin's resurgence as "an artificially induced last gasp before the road to irrelevance." Two leading figures on Wall Street told this writer on background that Bitcoin's price action, by resisting a flood of bad news, looks phony and different from a normal free market ruled by independent buyers and sellers.
Thanks to long-time Slashdot reader wired_parrot for submitting the story.

A former employee of network technology provider Ubiquiti pleaded guilty to multiple felony charges after posing as an anonymous hacker in an attempt to extort almost $2 million worth of cryptocurrency while employed at the company. From a report: Nickolas Sharp, 37, worked as a senior developer for Ubiquiti between 2018 and 2021 and took advantage of his authorized access to Ubiquiti's network to steal gigabytes worth of files from the company during an orchestrated security breach in December 2020.

Prosecutors said that Sharp used the Surfshark VPN service to hide his home IP address and intentionally damaged Ubiquiti's computer systems during the attack in an attempt to conceal his unauthorized activity. Sharp later posed as an anonymous hacker who claimed to be behind the incident while working on an internal team that was investigating the security breach. While concealing his identity, Sharp attempted to extort Ubiquiti, sending a ransom note to the company demanding 50 Bitcoin (worth around $1.9 million at that time) in exchange for returning the stolen data and disclosing the security vulnerabilities used to acquire it. When Ubiquiti refused the ransom demands, Sharp leaked some of the stolen data to the public. The FBI was prompted to investigate Sharp's home around March 24th, 2021, after it was discovered that a temporary internet outage had exposed Sharp's IP address during the security breach.

Further reading:
Ubiquiti Files Case Against Security Blogger Krebs Over 'False Accusations';
Former Ubiquiti Dev Charged For Trying To Extort His Employer.

A billionaire cryptocurrency evangelist may have gotten a tougher reception than he expected when proposing widespread adoption of Bitcoin to a bankrupt country. From a report: Silicon Valley investor Tim Draper was in Sri Lanka to shoot an episode of his "Meet the Drapers" TV show with local entrepreneurs, and met President Ranil Wickremesinghe on Tuesday to proselytize the adoption of cryptocurrency. He journeyed to the central bank the next day with the same pitch -- but embattled Governor Nandalal Weerasinghe, who's still working to calm financial mayhem, was having none of it. "I come to the Central Bank with decentralized currency," proclaimed Draper, dressed in a Bitcoin tie for the meeting that took place in a teak-paneled room overlooking the sea. "We don't accept," Weerasinghe said, taking another sip of fizzy ginger beer.

During the meeting, Draper several times referred to what he described as Sri Lanka's reputation for corruption and argued cryptocurrency was one solution. Colombo could avert graft by keeping perfect records after adopting Bitcoin, he argued. "Have you seen Sri Lanka in the news? It's known as the corruption capital," Draper said. "A country known for corruption will be able to keep perfect records with the adoption of Bitcoin." Sri Lanka's topmost monetary official countered: "Adoption of 100% Bitcoin won't be a Sri Lanka reality ever." [...] He kept trying with Weerasinghe. "Does the administration have the guts to do it?" he asked. "What's the advantage of having your own currency?" Weerasinghe said other technologies could efficiently distribute financial services to foster inclusion and disburse electronic welfare payments, and noted that a country without its own currency couldn't have monetary-policy independence. "We don't want to make the crisis worse by introducing Bitcoin," he said.

Nostr, a startup decentralized social network, got its Twitter-like Damus application listed on Apple's App Store. CoinDesk reports: Nostr is an open protocol that aims to create a censorship-resistant global social network. Media commentators have described it as a possible alternative to Elon Musk's Twitter. According to an article in Protos, Nostr is popular with bitcoiners partly because most implementations of it support payments over Bitcoin's Lightning Network.

Former Twitter CEO Jack Dorsey, who last year donated roughly 14 BTC (worth $245,000 at the time) to fund Nostr's development, hailed the debut of Damus on Apple's App Store as a "milestone for open protocols," in a tweet posted late Tuesday. As of press time, the tweet had been viewed 2.1 million times. According to the Nostr website, Damus is one of several Nostr projects, including Anigma, a Telegram-like chat; Nostros, a mobile client; and Jester, a chess application. You can download the iOS app here.

State Sen. Wendy Rogers (R-AZ) has introduced a set of bills aimed at making bitcoin legal tender in Arizona and allowing state agencies to accept bitcoin. Bitcoin Magazine reports: The proposed legislation (PDF) aims to recognize bitcoin as a legal form of currency in Arizona, allowing it to be used to pay for debts, taxes and other financial obligations. This would mean that all transactions that are currently done in U.S. dollars could potentially be done with bitcoin, and individuals and businesses would have the option to use bitcoin as they see fit. Specifically mentioning bitcoin alone, the legal tender bill defines bitcoin as, "the decentralized, peer-to-peer digital currency in which a record of transactions is maintained on the Bitcoin blockchain and new units of currency are generated by the computational solution of mathematical problems and that operates independently of a central bank."

The acceptance bill is more broad, saying that, "A state agency may enter into an agreement with a cryptocurrency issuer to provide a method to accept cryptocurrency as a payment method of fines, civil penalties or other penalties, rent, rates, taxes, fees, charges, revenue, financial obligations and special assessments to pay any amount due to that agency or this state." The report notes that Sen. Rogers introduced the same amendment in January 2022, but it "died by the second reading."