Cryptospace Spotlight #33 (14 Aug 2022)
Curve Finance front-end compromise led to $570K loss, US Treasury sanctioned Tornado Cash, and the Merge is on track after final test run!
Technology and Industry
Ethereum “The Merge” - The third and final test environment network (testnet) merge has been completed successfully. Likely dates for the Merge on the Ethereum mainnet include Sep 15, 16 or 20. Most of the Ethereum developers agreed they would aim to have the Bellatrix upgrade live around Sep 6. [more]
Bellatrix is the name of the upgrade that will kick off the process of the Merge and set everything in motion.
The privacy-focused network Monero is gearing up for a major upgrade. The upgrade is expected to improve its security and performance. [more]
Ethereum co-founder Vitalik Buterin has suggested there may be a “low-tech approach” to incorporating privacy features into nonfungible token, or NFT, transactions. [more]
Tornado Cash’s Discord and DAO governance forum appeared to go dark after the US sanction and the arrest in the Netherlands. [more]
Gartner published its hype cycle for emerging technologies. One of the three featured themes was immersive experiences, including decentralized identity, the metaverse, non-fungible tokens (NFTs) and web3. [more][more-Gartner]
OpenSea tweaked its policy to require a police report for NFTs that are said to be stolen within seven days. Note that while OpenSea can block the ability to buy, sell, or transfer select NFTs on its own marketplace, that doesn’t prevent users from transacting elsewhere. [more]
Huobi Group founder is in talks with a clutch of investors to sell approximately 60% of his stake in the crypto exchange at a valuation of as much as $3 billion. [more]
Netflix has joined the Decentraland metaverse with the launch of a replica of a maze found in its recent film, “The Gray Man”, starring Ryan Gosling. The aim is to complete the maze to win digital wearables featured in the movie. [more]
Paris Hilton has announced a partnership with The Sandbox to bring Paris World into its metaverse platform. [more]
Policy and Regulatory
United States -
US Treasury sanctioned crypto mixing service Tornado Cash. This move suggested that all protocols, decentralized or not, are subject to the same compliance obligations. [more]
Regulators are considering requiring private funds with at least $500 million to disclose information such as crypto holdings and leveraged positions. [more]
The US Securities and Exchange Commission (SEC) is investigating yield and staking products of crypto exchange Coinbase, according to a quarterly report. [more]
Netherlands - Dutch financial crimes agency FIOD arrested a 29-year-old developer in Amsterdam over suspected involvement in laundering money through crypto mixer Tornado Cash. [more]
Philippines - The Central Bank of the Philippines, also known as Bangko Sentral ng Pilipinas (BSP), said that the regular application window for new Virtual Asset Service Provider (VASP) licenses will wind down for three years and will be subject to reassessment based on current market developments. [more]
Russia - Bank of Russia started CBDC testing in 2022 and expects to implement an official banking rollout in the year of presidential elections in 2024. [more]
Iran - Iran is reportedly moving to directly facilitate imports with crypto. It recently filed its first crypto-based order, worth $10 million, but didn’t specify which digital asset was used for the transaction or what was imported. [more]
Security and Risk
10 Aug - DeFi platform Curve Finance suffered a front-end attack, and users lost $570,000 after being redirected to a malicious destination. [more][more-Curve][more-DNSprovider]
The attacker is suspected of having compromised the Curve website or its domain name to redirect unwitting users or their transactions to a malicious site. Wallets were drained after these users approved the malicious contract at the site.
According to Web3 on-chain sleuth Zachxbt, the attacker made off with $570,000 in ETH, which they sent to the FixedFloat cryptocurrency exchange to launder the money.
The domain registrar for the decentralized exchange reviewed the incident and indicated that the DNS records for this domain on the external provider’s DNS infrastructure were changed to point to a cloned web server. It added that the attack was a result of “DNS cache poisoning, not nameserver compromise.”
Binance CEO Changpeng Zhao announced that the crypto exchange had managed to freeze $450,000 worth of stolen funds from Curve Finance after the attacker transferred the funds into the exchange. [more]
8 Aug - Steven Galanis, the CEO of celebrity video platform Cameo, said that he lost a variety of NFTs, such as BAYC NFT, after his Apple ID was hacked. [more][more-StevenGalanis]
He lost a BAYC NFT Ape #9012 which he bought for 100 Ethereum — around $319,500 at the time of purchase. He also lost 6 NFTs (including Otherside plots) and around 9,000 ApeCoin cryptocurrency tokens.
The exact hack mechanics were not clear from Galanis’ tweets. Some Twitter users suggested that he could have kept a copy of his seed phrase in a service that uses iCloud backups, giving the hacker access after his account was compromised.
Elliptic noted that RenBridge was used to facilitate $540 million of illicit crypto assets. It included over $153 million in ransomware proceeds and crypto believed to have been stolen by North Korean hackers. [more] [more-Elliptic]
Elliptic also noted that more than $2.4 million from the hack of the Nomad bridge in August has already been laundered with the help of RenBridge.