In a surprising turn of events, the hacker responsible for the $7.5 million theft from decentralized exchange KiloEx has returned the full amount. KiloEx has presented a tempting challenge. To that end, they are offering a 10% “white hat” bounty to the person(s) who can return 90% or more of those funds. In Brazil, executives from Braiscompany recently received substantial penalties. They’re currently looking at a total of 171 years behind bars for leading the world’s biggest cryptocurrency-based pyramid scheme. Crypto-related challenges continue to mount as a massive Android malware campaign has been revealed, resulting in millions of dollar crypto theft. At the same time, Oregon’s Attorney General has made headlines with a securities enforcement lawsuit against Coinbase.

KiloEx Recovers Stolen Funds

In February, a particularly nasty cyberattack drained KiloEx—a decentralized exchange of choice for treating crypto tokens in bulk—of millions. In response, the hackers made off with $7.5 million. While these changes were being made, the attackers got away with 500,000 ETH. They moved the money through different mixers such as Wasabi, Railgun, and Tornado Cash to obscure the trail of the purloined assets.

After the heist the thieves converted the stolen ETH into Bitcoin. Then they immediately laundered the Bitcoin through a wide network of more than 35,000 individual wallets. Our own data analysis suggests that nearly 84% of the stolen ETH was eventually converted to Bitcoin. At the same time, almost 4% of it was still stuck in a freeze. Only a tiny percentage of them—1%—stayed on the Ethereum network.

KiloEx provided a 10% “white hat” bounty of $750,000. This generous incentive would seem to have done the trick, as the hacker seemed sufficiently motivated to return all $7.5 million in full. The return of the funds is seen as a major victory for KiloEx. Beyond that, perhaps it provides an unlikely glimmer of hope amidst today’s chilling cryptocurrency security landscape. On a broader level, it brings attention to just how useful and effective bounty programs could be in helping recover stolen assets.

Braiscompany Executives Face Lengthy Prison Sentences

To date in Brazil, the judiciary has already handed out prison sentences of more than 60 years to executives from Braiscompany. These leaders were recently imprisoned for leading the world’s biggest crypto Ponzi scheme. The scheme swindled nearly 20,000 investors out of R$1.11 billion, around $190 million.

The executives now face a combined 171 years in prison. They were handed this sentence for their roles in orchestrating and perpetuating the fraudulent investment scheme. This ruling serves as a timely reminder of the dangers posed by unregulated cryptocurrency investments. It reveals just how vulnerable investors are to near total financial destruction.

The Braiscompany case underscores the need for strong regulatory oversight in the cryptocurrency industry. It serves as a warning to investors to be wary and to always practice careful due diligence before making any investment, especially with one’s own hard-earned money. Having such severe sentences emphasizes the severity of harm caused to each of the victims. The magnitude of these penalties sends a strong message about the severe consequences of financial fraud.

Android Malware Campaign Steals Crypto

Russian cybersecurity firm Doctor Web has revealed a massive Android malware operation. So far this operation has hacked over 2,000 devices and stolen a minimum of $600,000 in cryptocurrency. The extensive malware campaign is still active today with more than 60 command-and-control servers and 30 domains. When we do this setup, you’ve shrouded a highly sophisticated, very organized operation.

It’s malware that’s intended to steal crypto from infected devices, spying on wallets and exchanges of all types supported by the platform. The attackers implement multiple technical measures to obfuscate the malware and remain persistent on the infected machines. This creates a difficult situation for victims to be able to identify and remove the malware.

The recent finding of this extensive Android malware campaign reminds us of the increasing mobile-oriented nature of crypto theft. Be especially wary if you’re downloading apps from third-party sources. Don’t forget to keep all of your connected devices protected with the latest security software! Even better, Congress should consider this an opportunity to raise awareness and foster more education around the risks of cryptocurrency investments. It calls to attention the need to protect our personal devices against malware.

Oregon Attorney General Sues Coinbase

Oregon’s Attorney General Dan Rayfield has wasted no time in following through on this intent, filing a securities enforcement lawsuit against Coinbase. As he notes, this is because the cryptocurrency exchange sold unregistered securities. The Complaint alleges that Coinbase’s staking programs sold securities. It claims that the company did not properly register these securities with the state.

The lawsuit alleges that Coinbase's staking programs meet the definition of securities under Oregon law and that the company failed to comply with the state's securities regulations. The Attorney General is seeking injunctive relief, civil penalties, and restitution for the investors harmed.

This legal against Coinbase, one of the major crypto exchanges, underscore this emerging trend. Regulatory scrutiny of crypto exchanges and staking programs is increasing, with significant actions taken in recent months. Regulators are becoming more aggressive to ensure that crypto companies adhere to current securities laws. Their goal is to make sure investors are adequately protected in this fast-changing market. The ultimate disposition of this case stands to have tremendous implications on the future of cryptocurrency regulation both in Oregon and other states.