The days of legal gray areas in the cryptocurrency space may be drawing to a close and from now on, all market players will have to tread more carefully, writes Silvina Moschini.
Chris Ratcliffe/Bloomberg
With three of the crypto industry’s top players dropping out of the game and the SEC approving bitcoin ETFs, we have seen the map of the crypto ecosystem being dramatically redrawn. These changes are propelling us toward a 2024 that puts rules and regulations in the spotlight.
The cryptocurrency market is, by definition, young and disruptive. It appeared discreetly in 2009 with the emergence of bitcoin and has continued to evolve in step with blockchain technology as the latter continues to develop and demonstrate its tremendous potential to improve efficiency through a process of trial and error.
At an unstoppable pace of innovation, key figures such as Do Kwon (Terra Luna), Sam Bankman-Fried (FTX) and Changpeng Zhao (Binance) rose to prominence in the industry and, in the case of the latter two, began to impose their own logic on cryptocurrency exchange platforms.
Advertisement
However, within the last two years, all three are gone.
The legal cases of Do Kwon and Bankman-Fried were serious enough to land them in the courtroom while Zhao’s departure from Binance made it clear,according to CoinDesk, that “Crypto itself might be borderless, but crypto companies may find it increasingly hard to operate outside of legal or geographical boundaries.”
The days of legal gray areas in the cryptocurrency space may be drawing to a close and from now on, all market players will have to tread more carefully.
This logic is increasingly being validated on the global cryptocurrency dashboard. During 2023, 42 countries discussed regulatory frameworks for cryptocurrencies and more than half of them were approved. In the case of the G20 and the world’s largest financial hubs, which includes the 27 member states of the European Union, 83% of countries now have “crypto friendly” legislation.
In Washington, meanwhile, the prospect of exchange-traded funds that track the price of bitcoin (so-called bitcoin ETFs) being approved has become a reality. One of the most important features of ETFs is that they offer investors a more accessible way to invest in bitcoin, bypassing the direct purchase of cryptocurrency (i.e., disregarding the practical challenges) but without losing track of its evolution.
Advertisement
The confluence of all of these factors is transforming the face of crypto and I am convinced that throughout 2024 we will continue to see this industry mature.
We have an expanded and revamped game board in which the focus is shifting away from the “star” players to the overall workings of the game.
The Anti-Money Laundering Authority has taken a significant step in a complex investigation involving stolen cryptocurrency, marking the first time in Greece that crypto assets have been frozen and identified as proceeds of crime.
The case has drawn international attention, with the US Federal Bureau of Investigation (FBI) issuing a public alert confirming the freezing of suspicious digital assets.
Advertisement
The investigation began last month when the Authority received information about a suspicious transaction involving a registered user on a Greek-based cryptocurrency exchange platform.
Further checks revealed that the user’s Ethereum wallet had received a large amount of digital currency, which was later traced back to a major international theft.
The funds originated from the Bybit hack, disclosed in February, in which hackers stole approximately $1.5 billion worth of Ethereum – the largest theft of its kind to date. This incident surpassed the 2022 Ronin Network breach, in which $620 million in Ethereum and USD Coin were stolen.
Following the analysis, the Authority issued a Seizure Order for the wallet and the crypto assets it contained. The relevant documentation has been forwarded to the Prosecutorial Authority for further investigation.
Bitget, the leading cryptocurrency exchange and Web3 company, has announced the upcoming listing of DeLorean (DMC) on its Launchpool platform, with a total reward pool of 66,176,000 DMC tokens. Participants will have the opportunity to lock BGB or DMC tokens to earn a share of the reward allocation. The locking period will begin on June 24, 2025, at 11:00 UTC and conclude on June 26, 2025, at 11:00 UTC.
CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors’ crypto.
On Friday evening, January 20, CoinMarketCap visitors began seeing Web3 popups asking them to connect their wallets to the site. However, when visitors connected their wallets, a malicious script drained cryptocurrency from them.
The company later confirmed threat actors utilized a vulnerability in the site’s homepage “doodle” image to inject malicious JavaScript into the site.
“On June 20, 2025, our security team identified a vulnerability related to a doodle image displayed on our homepage. This doodle image contained a link that triggered malicious code through an API call, resulting in an unexpected popup for some users when visited our homepage,” reads a statement posted on X.
“Upon discovery, We acted immediately to remove the problematic content, identified the root cause, and comprehensive measures have been implemented to isolate and mitigate the issue.”
Advertisement
“We can confirm all systems are now fully operational, and CoinMarketCap is safe and secure for all users.”
Cybersecurity firm c/side explained that the attack worked by the threat actors somehow modifying the API used by the site to retrieve a doodle image to display on the homepage. This tampered JSON payload now included a malicious script tag that injected a wallet drainer script into CoinMarketCap from an external site named “static.cdnkit[.]io”.
When someone visited the page, the script would execute and display a fake wallet connect popup showing CoinMarketCap branding and mimicking a legitimate Web3 transaction request. However, this script was actually a wallet drainer designed to steal connected wallets’ assets.
“This was a supply chain attack, meaning the breach didn’ target CMC’s own servers but a third-party tool or resource used by CMC,” explains c/side.
“Such attacks are hard to detect because they exploit trusted elements of a platform.”
Advertisement
More details about the attack came later from a threat actor known as Rey, who said that the attackers behind the CoinMarketCap supply chain attack shared a screenshot of the drainer panel on a Telegram channel.
This panel indicated that $43,266 was stolen from 110 victims as part of this supply chain attack, with the threat actors speaking in French on the Telegram channel.
Screenshot of drainer panel shared on Telegram Source: Rey
As the popularity of cryptocurrency has boomed, so has the threat from wallet drainers, which are commonly used in attacks.
Unlike traditional phishing, these types of attacks are more often promoted through social media posts, advertisements, spoofed sites, and malicious browser extensions that include malicious wallet-draining scripts.
Reports indicate that wallet drainers stole almost $500 million in 2024 through attacks targeting more than 300,000 wallet addresses.
The problem has become so pervasive that Mozilla recently introduced a new system to detect wallet drainers in browser add-ons uploaded to the Firefox Add-on repository.
Advertisement
Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore.
In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work — no complex scripts required.
