Ripple celebrates SEC’s dropped appeal, but crypto rules still not set  

The United Arab Emirates expects its digital dirham central bank digital currency to roll out in the fourth quarter of 2025. According to a report in the Khaleej Times, Central Bank of the UAE Governor Khaled Mohamed Balama reportedly said that the blockchain-based currency could improve financial stability and help combat financial crime. According to the report, the retail sector could expect the issuance of a digital dirham in the last quarter of 2025. “It [digital dirham] will further enable the development of innovative digital products, services, and new business models while reducing cost and increasing access to international markets,” Balama reportedly said.The report also stated that the digital dirham and its physical counterpart will be accepted as a payment method in all payment channels. The news comes as the digital dirham received a rebrand. The first letter of the dirham will be its international symbol, along with two horizontal lines representing the currency’s stability, inspired by the UAE flag. The new symbol for UAE dirhams. Source: Khaleej TimesThe road to digital dirhams in the UAEIn June 2024, the CBUAE approved a licensing framework for regulating stablecoins. In a meeting with the CBUAE board of directors in Abu Dhabi, UAE officials discussed the government’s financial infrastructure program and approved the framework. The new rules clarified the issuance, licensing and supervision of payment tokens backed by the UAE dirham. Following the framework’s approval, stablecoin issuer Tether announced its plans to launch a dirham-backed stablecoin with local partners Phoenix Group and Green Acorn Investments. The collaboration aims to establish a fully-backed digital representation of the UAE dirham currency. After the framework approval, other players joined the race to create a dirham-backed stablecoin. On Oct. 18, 2024, a company called AED Stablecoin received in-principle approval for issuing a regulated dirham-pegged stablecoin in the UAE.  On Nov. 1, The Open Network (TON) announced that Tether’s dirham-pegged stablecoin will be launched on its blockchain network. Related: Abu Dhabi’s financial free zone signs MoU with Chainlink for tokenization frameworksStablecoins in the UAEApart from dirham-backed stablecoins, US dollar and euro stablecoins have also gained traction in the country. On Feb. 24, the Dubai Financial Services Authority, the independent regulator for the Dubai International Financial Centre (DIFC), recognized Circle’s USDC and EURC as the first stablecoins under its crypto token regime. Meanwhile, a Ripple spokesperson previously told Cointelegraph that the company is working to understand the country’s stablecoin requirements. The spokesperson said they are monitoring the developments closely and that their RLUSD stablecoin is available in the UAE. Magazine: The 1 true sign an NFT bull market is back on: Wale, NFT Collector

Michael Novogratz’s crypto investment firm Galaxy Digital agreed to pay $200 million in a settlement related to its alleged promotion of the now-collapsed cryptocurrency Terra (LUNA)According to New York Attorney General’s Office documents filed on March 24, Galaxy Digital acquired 18.5 million LUNA tokens at a 30% discount, then promoted them before selling them without abiding by disclosure rules. The filing states:“Ultimately, Galaxy helped a little-known token increase its market price from $0.31 in October 2020 to $119.18 in April 2022, while profiting in the hundreds of millions of dollars.“As part of the settlement agreement, Galaxy will pay $200 million in monetary relief over three years: $40 million within 15 days, another $40 million within one year, and two additional payments of $60 million due within the second and third years, respectively.Related: A beginner’s guide on algorithmic stablecoinsGalaxy Digital reportedly spread fake newsThe filing also accused Galaxy Digital and Novogratz of spreading false claims about Terra’s usage. In particular, the firm allegedly stated that the South Korean payments app Chai was built on the Terra blockchain, which was not accurate.This claim was also included in a press release sent to Bloomberg highlighting that the app “hosts over 2 million users and generates $1.2 billion in annualized transaction volume.” The release reads:“These statements were false. They were based on representations by Kwon and Terraform to Galaxy, but Galaxy failed to independently verify them.“Galaxy Digital’s Novogratz mentions Terra usage in Chai following Terra’s collapse. Source: Galaxy DigitalRelated: Terra’s Do Kwon’s US court hearing delayed as prosecutors review a swath of new evidenceTerra’s collapse and market falloutTerra and its algorithmic stablecoin, TerraUSD (UST), both experienced a dramatic collapse due to a breakdown in the mechanism designed to maintain UST’s peg to the US dollar back in May 2022. The event occurred when a large holder sold a substantial amount of UST.The large sell-off triggered market panic, causing UST to deviate from its expected value. The mechanism intended to stabilize UST involved minting new LUNA tokens to buy back UST, resulting in massive LUNA supply inflation and creating intense downward pressure on LUNA’s price.As Cointelegraph reported at the time, if the market cap of LUNA became lower than that of UST, there would not be enough funds to maintain the peg of the stablecoin. With the asset backing the stablecoin losing value as its supply continued to increase, the assets entered a self-reinforcing spiral, which caused both assets to lose nearly all their value within hours.This wiped out billions in market capitalization and triggered a broader cryptocurrency market downturn. The memory of the event is still fresh, with the Sonic blockchain’s recent unveiling of a high-yield algorithmic stablecoin being met with fears due to perceived similarities.Magazine: Bitcoiner sex trap extortion? BTS firm’s blockchain disaster: Asia Express

Opinion by: Jimmy Su, Binance chief security officerThe threat of InfoStealer malware is on the rise, targeting people and organizations across digital finance and far beyond. InfoStealers are a category of malware designed to extract sensitive data from infected devices without the victim’s knowledge. This includes passwords, session cookies, crypto wallet details and other valuable personal information.According to Kaspersky, these malware campaigns leaked over 2 million bank card details last year. And that number is only growing.Malware-as-a-serviceThese tools are widely available via the malware-as-a-service model. Cybercriminals can access advanced malware platforms that offer dashboards, technical support and automatic data exfiltration to command-and-control servers for a subscription fee. Once stolen, data is sold on dark web forums, Telegram channels or private marketplaces.The damage from an InfoStealer infection can go far beyond a single compromised account. Leaked credentials can lead to identity theft, financial fraud and unauthorized access to other services, especially when credentials are reused across platforms.Recent: Darkweb actors claim to have over 100K of Gemini, Binance user infoBinance’s internal data echoes this trend. In the past few months, we’ve identified a significant uptick in the number of users whose credentials or session data appear to have been compromised by InfoStealer infections. These infections don’t originate from Binance but affect personal devices where credentials are saved in browsers or auto-filled into websites.Distribution vectorsInfoStealer malware is often distributed via phishing campaigns, malicious ads, trojan software or fake browser extensions. Once on a device, it scans for stored credentials and transmits them to the attacker.The common distribution vectors include:Phishing emails with malicious attachments or links.Fake downloads or software from unofficial app stores.Game mods and cracked applications are shared via Discord or Telegram.Malicious browser extensions or add-ons.Compromised websites that silently install malware (drive-by downloads).Once active, InfoStealers can extract browser-stored passwords, autofill entries, clipboard data (including crypto wallet addresses) and even session tokens that allow attackers to impersonate users without knowing their login credentials.What to watch out for Some signs that might suggest an InfoStealer infection on your device:Unusual notifications or extensions appearing in your browser.Unauthorized login alerts or unusual account activity.Unexpected changes to security settings or passwords.Sudden slowdowns in system performance.A breakdown of InfoStealer malwareOver the past 90 days, Binance has observed several prominent InfoStealer malware variants targeting Windows and macOS users. RedLine, LummaC2, Vidar and AsyncRAT have been particularly prevalent for Windows users. RedLine Stealer is known for gathering login credentials and crypto-related information from browsers.LummaC2 is a rapidly evolving threat with integrated techniques to bypass modern browser protections such as app-bound encryption. It can now steal cookies and crypto wallet details in real-time.Vidar Stealer focuses on exfiltrating data from browsers and local applications, with a notable ability to capture crypto wallet credentials.AsyncRAT enables attackers to monitor victims remotely by logging keystrokes, capturing screenshots and deploying additional payloads. Recently, cybercriminals have repurposed AsyncRAT for crypto-related attacks, harvesting credentials and system data from compromised Windows machines.For macOS users, Atomic Stealer has emerged as a significant threat. This stealer can extract infected devices’ credentials, browser data and cryptocurrency wallet information. Distributed via stealer-as-a-service channels, Atomic Stealer exploits native AppleScript for data collection, posing a substantial risk to individual users and organizations using macOS. Other notable variants targeting macOS include Poseidon and Banshee.At Binance, we respond to these threats by monitoring dark web marketplaces and forums for leaked user data, alerting affected users, initiating password resets, revoking compromised sessions and offering clear guidance on device security and malware removal.Our infrastructure remains secure, but credential theft from infected personal devices is an external risk we all face. This makes user education and cyber hygiene more critical than ever.We urge users and the crypto community to be vigilant to prevent these threats by using antivirus and anti-malware tools and running regular scans. Some reputable free tools include Malwarebytes, Bitdefender, Kaspersky, McAfee, Norton, Avast and Windows Defender. For macOS users, consider using the Objective-See suite of anti-malware tools. Lite scans typically don’t work well since most malware self-deletes the first-stage files from the initial infection. Always run a full disk scan to ensure thorough protection.Here are some practical steps you can take to reduce your exposure to this and many other cybersecurity threats:Enable two-factor authentication (2FA) using an authenticator app or hardware key.Avoid saving passwords in your browser. Consider using a dedicated password manager.Download software and apps only from official sources.Keep your operating system, browser and all applications up to date.Periodically review authorized devices in your Binance account and remove unfamiliar entries.Use withdrawal address whitelisting to limit where funds can be sent.Avoid using public or unsecured WiFi networks when accessing sensitive accounts.Use unique credentials for each account and update them regularly.Follow security updates and best practices from Binance and other trusted sources.Immediately change passwords, lock accounts and report through official Binance support channels if malware infection is suspected.The growing prominence of the InfoStealer threat is a reminder of how advanced and widespread cyberattacks have become. While Binance continues to invest heavily in platform security and dark web monitoring, protecting your funds and personal data requires action on both sides.Stay informed, adopt security habits and maintain clean devices to significantly reduce your exposure to threats like InfoStealer malware.Opinion by: Jimmy Su, Binance chief security officer.This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.