Crypto
El Salvador's president is triumphant after his bet on bitcoin comes true
SAN SALVADOR, El Salvador — As bitcoin reached historic highs, surpassing $100,000 for the first tim e, El Salvador’s President Nayib Bukele was triumphant on Thursday about his big bet on the cryptocurrency.
The adoption of bitcoin — which has been legal tender in the Central American nation since 2021 — never quite matched the president’s enthusiasm, but the value of the government’s reported investment now stands at more than $600 million.
Bitcoin has rallied mightily since Donald Trump’s election victory last month, exceeding the $100,000 mark on Wednesday night, just hours after the president-elect said he intends to nominate cryptocurrency advocate Paul Atkins to be the next chair of the Securities and Exchange Commission.
Just two years ago, bitcoin’s volatile value fell below $17,000. Bitcoin fell back below the $100,000 by Thursday afternoon, sitting just above $99,000 by 3 p.m. E.T.
Bukele on Thursday blamed his beleaguered political opposition for causing many Salvadorans to miss out on the bonanza.
There were street protests when the Congress made bitcoin legal tender in June 2021, though that move was not the only motivation for the protesters.
The tiny Central American country has long used the dollar as currency, but Bukele promised bitcoin would provide new opportunities for El Salvador’s unbanked and cut out money transfer services from the remittances Salvadorans abroad send home. The government offered $30 in bitcoin to those who signed up for digital wallets.
Many did so, but quickly cashed out the cryptocurrency.
“It’s important to emphasize that not only did the opposition err resoundingly with bitcoin, but rather, differently from other issues (where they have also been wrong), this time their opposition affected many,” Bukele wrote on Facebook.
Bukele drew an “impressive” comment from Elon Musk on the social media platform X Thursday.
El Salvador’s former Central Bank President Carlos Acevedo pointed out on Thursday that while there has been a gain, it remains an unrealized one until the government’s bitcoin is sold. That said, he credited Bukele’s administration with doing well on the bitcoin move, especially in light of Trump’s election.
Acevedo said “the markets’ optimism that a Trump administration will be friendly with the markets and particularly with bitcoin” explained its sustained rally over the past month.
But the cryptocurrency’s volatility was a persistent risk, he said.
“The average Salvadoran doesn’t use bitcoin, but obviously there are Salvadorans with economic resources who even before had already invested in bitcoin, but it is a small group,” Acevedo said.
Esteban Escamilla, a worker in a clothing store in Santa Tecla, outside the capital San Salvador, said he had cashed out the original $30 of bitcoin offered in 2021.
“I don’t use bitcoin because I don’t have (money) to invest and speculate with, but I know it has gone up a lot,” he said, recognizing that he would have more money now if he had kept it in bitcoin.
Josefa Torres, 45, said as she was doing her grocery shopping that she didn’t have any bitcoin either. “I took out the money and used it for household expenses,” she said.
At the conclusion of meetings between the International Monetary Fund and El Salvador’s government in August, the IMF issued a statement that mentioned the country’s bitcoin holdings.
“While many of the risks have not yet materialized, there is joint recognition that further efforts are needed to enhance transparency and mitigate potential fiscal and financial stability risks from the Bitcoin project,” the IMf said.
Crypto
‘Useless Plastic’: NSPK CEO Declares the End of Visa and Mastercard in Russia
Key Takeaways
- Mir cards captured 85% of Russia’s market as sanctions rendered Visa and Mastercard effectively useless.
- Remaining foreign cards will soon fail due to physical wear and the expiration of security certificates.
- Russia’s central bank announced a gradual phase-out for international cards without strict timeframes.
Mastercard and Visa ‘Absent’ from Russia as Cards Reach Expiration
As local options rise, the Russian card market is being increasingly driven by Mir alternatives after Mastercard and Visa, the two international credit giants, exited the country amid a sanctions push.
Dmitry Dubynin, CEO of the National Payment Card System (NSPK), stressed that international cards were absent from the Russian market, with local alternatives retaking almost all of the credit card market share.
“I would even say that Visa and Mastercard cards are effectively absent from the Russian market. Their cards no longer provide any value: they do not work abroad, there is no access to the loyalty programs of these payment systems, and so on,” said Dubynin in an interview with Expert magazine.
Dubynin compared these leftover cards to pieces of plastic bearing the logos of international companies that no longer operate in Russia, stressing that local support kept them operating.
He commented that eventually, these cards will fail as they endure wear and tear and their security certificates expire. Nonetheless, the NSPK is implementing measures to ensure its continued operation even under these circumstances.
“The share of cards issued by international payment systems continues to decline naturally. Today, nearly 85% of the market is accounted for by Mir cards, and that share will undoubtedly continue to grow,” Dubynin assessed.
Earlier statements by Alla Bakina, Director of the Bank of Russia’s National Payment System Department, who invited Visa and Mastercard to leave the country completely due to the lack of functionality of their cards, raised concerns among the population that still relied on these solutions.
Nonetheless, on July 2, central bank Governor Elvira Nabiullina disclosed that there would be no timeframes for their withdrawal, indicating that they would be phased out gradually.
Crypto
FBI arrests man accused of using Steam games to drain victims’ crypto wallets | TechCrunch
U.S. prosecutors have accused a Florida man of uploading fake video games that contained malware to Steam, the popular PC games platform. Once victims downloaded and installed the games, the malware was designed to infect their computers, steal their passwords and other data, and drain their crypto wallets, according to a criminal complaint.
On Tuesday, the FBI arrested Zyaire Wilkins, a 21-year-old Florida resident and student. On Wednesday, prosecutors accused him and a number of unnamed co-conspirators of hacking crimes. Over the past two years, Wilkins and his partners allegedly published several malware-laden video games on Steam, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. Using that malware, says the FBI, Wilkins and his accomplices infected around 8,000 victims, and then hacked around 80 cryptocurrency wallets to steal at least $220,000 worth of crypto.
Wilkins and the others marketed their malicious video games on Discord, LinkedIn, and Telegram, according to the authorities.
Wilkins’ lawyer did not respond to a request for comment.
In March, the FBI announced that it was investigating a hacker suspected of using malware-embedded video games published on Steam to hack victims. In the announcement, the bureau called for people who downloaded the malicious games, which included those named in this week’s complaint, to come forward and provide evidence to aid the investigation.
In the last year, Steam’s maker Valve has removed several video games from its platform after they were found to contain malware, including PirateFi. All the games were designed to look legitimate, to the point that players could install them and play them, but they all contained malware.
After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to launch and market the malicious games in return for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme, and then traced cryptocurrency payments made with that account to buy several gift cards, including for Uber Eats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, who went by the nickname Sibel.eth online, according to the complaint.
The feds then got a search warrant for Wilkins’ residence, where they seized his MacBook laptop, cellphones, other devices, and digital wallets. According to the complaint, he refused to speak or answer any questions.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
Crypto
DeFi’s Newest Threat: How Malicious Liquidity Pools Are Trick-Quoting Ethereum and Polygon Users
Key Takeaways
- Enso’s July 16 report exposed “toxic pools” that fake quotes, causing tens of thousands of dollars in losses on a Curve pool.
- The exploit threatens DeFi front-ends, with one malicious Uniswap v4 hook causing a 99.1% failure rate.
- Enso updated its Enso Shield product to detect fake quotes across 2 different blockchain environments.
A ‘Jekyll and Hyde’ Tactic
A newly uncovered class of malicious decentralized finance ( DeFi) liquidity pools is targeting the core infrastructure that cryptocurrency traders rely on to find the best prices, according to new research published July 16 by DeFi infrastructure firm Enso.
The company is calling the deceptive setups “toxic pools.” Unlike typical cryptocurrency hacks that drain funds directly from smart contracts, these pools are engineered to systematically trick transaction simulations. They return attractive, highly competitive price quotes when a crypto wallet or decentralized exchange ( DEX) aggregator runs a simulation, but they alter their behavior the moment the transaction is actually executed on the blockchain.
The result is a subtle, systemic drain: traders receive significantly worse execution prices than they were quoted, or their transactions fail, burning network fees in the process.
“Our investigation leads us to believe this is not simply another isolated smart contract exploit,” said Milos Costantini, co-founder and chief product officer at Enso. “The industry has spent years optimizing price discovery. Our findings suggest the next challenge is verifying execution integrity.”
According to Enso’s report, toxic pools exploit the off-chain “dry-run” simulations that wallets use to preview trades. The malicious contracts detect when they are running in a read-only simulation environment and return an artificially optimized price. Once the transaction is actually broadcast on-chain, the pool alters its mathematical logic to execute the trade at a degraded rate.
To remain hidden from security systems, these pools alternate between honest and malicious states, rendering static code scanners and historical reputation filters ineffective. This bait-and-switch design degrades the user experience and drains user funds through failed transactions. In one case study, a manipulated Curve pool triggered more than 37,000 reverted trades, forcing users to burn nearly $30,000 in gas fees.
Attackers are also exploiting next-generation, modular exchange architectures. On Polygon, a malicious “hook” — a smart contract plugin used in platforms like Uniswap v4 — lured routing systems with fake rates before triggering a 99.1% transaction failure rate.
Findings From On-Chain Forensic Analysis
The research, which spanned roughly two months of on-chain forensic analysis, combined historical archive- node data, transaction trace analysis and smart contract inspections. Enso engineers, with support from contacts at major DeFi protocols Curve Finance and Oku, identified active toxic pools operating across both the Ethereum and Polygon blockchains.
In one documented case study on Ethereum, a manipulated Curve pool processed more than 129,000 swaps. While the pool appeared to be the optimal route, it delivered worse execution than quoted, leading to approximately $225,000 in overstated quotes.
Furthermore, Enso’s team identified multiple blockchain oracle contracts deployed by the same operator to support additional pools, indicating the tactic is likely more widespread than the two documented cases and could represent an emerging template for on-chain extraction.
The findings present a direct challenge to the user-facing layer of the DeFi ecosystem. Popular wallets, consumer-facing interfaces and aggregators depend heavily on automated simulations to guarantee the “best path” for a user’s trade.
Enso’s report highlights that if routing infrastructure cannot distinguish between a legitimate quote and a manipulated one, front-ends will continue to steer users toward these traps. This creates potential legal and financial liability risks for wallet providers and interface operators who promise “best execution” but routinely deliver toxic routes.
In response to the threat, Enso announced it has updated its execution-protection product, Enso Shield, to include dedicated toxic-pool detection. The security tool is designed to bypass standard simulation methods by analyzing live on-chain context, monitoring quote history and using transaction traces to spot execution discrepancies.
Rather than blaming individual decentralized exchanges, Enso has called on the wider cryptocurrency industry to conduct further research into the manipulation of transaction simulations.
“If transaction simulations can be manipulated while real execution tells a different story,” Costantini said, “we need better ways to verify what users actually receive.”
-
Technology5 minutes agoHalluSquatting AI attack could hijack your computer
-
Business11 minutes agoAmazon delivery companies lay off more than 150 people in the San Francisco Bay Area
-
Entertainment17 minutes agoNara Smith says 2-year-old daughter Whimsy’s cancer is in remission
-
Lifestyle23 minutes agoOne-eyed rescue cat with Long Beach cult following celebrates 15th birthday in style
-
Politics29 minutes agoCommentary: Trump’s voter fraud speech was bait. Stop biting
-
Science35 minutes agoCommentary: The doctor who helped save her is in another state, and telemedicine follow-up is prohibited
-
Sports41 minutes agoCommentary: LAFC star Son Heung-Min proves life after the World Cup can offer hope and redemption
-
World53 minutes agoDeath toll from the two earthquakes that hit Venezuela hits 5,069