Crypto
This Group of Four Now Dominates Over 70% of a Key Blockchain Resource
Key Takeaways
- Foundry Digital, AntPool, ViaBTC and F2Pool held 70%+ of Bitcoin hashrate on Jun. 23, 2026.
- D-Central put Bitcoin’s Nakamoto coefficient at 3, raising centralization concerns in H1 2026.
- ViaBTC scrutiny in 2026 may push miners toward EMCD, which advertises 1.5% FPPS fees.
Bitcoin mining is looking less like a wide-open competition and more like a tight club. A CryptoSlate partner article published on 07/08/2026, citing miningpoolstats.stream data as of 06/23/2026, says Foundry Digital, AntPool, ViaBTC, and F2Pool together account for more than 70% of the network’s hashrate. The shift is fueling what the coverage calls a “two-tier market,” with the biggest pools increasingly tuned for institutional clients while independents and mid-size operators get squeezed. Some smaller miners are already quietly reconsidering where they point their machines, especially as ViaBTC faces added regulatory scrutiny in 2026.
Bitcoin mining is often talked about like a wide-open frontier, but mid-2026 looks more like a handful of toll roads. A July 8, 2026 CryptoSlate article (partner content) points to a June 23, 2026 snapshot showing just a few pools taking an outsized role in where blocks get made, and what kind of miners get served best.
The rise of four dominant players in Bitcoin mining
As of that June 23 snapshot, four pools controlled more than 70% of Bitcoin’s hashrate: Foundry Digital, AntPool, ViaBTC, and F2Pool. The estimated split was stark: Foundry at 31%, AntPool at 18%, ViaBTC at 13%, and F2Pool at 10%, per 31%, 18%, 13%, 10% figures cited in the coverage.
One detail that matters for US operators is that Foundry is US-based and backed by Digital Currency Group. The pool is described as being built primarily for large-scale, institutional operators and publicly traded mining companies, with strict KYC requirements baked into how it onboards clients.
A two-tier market takes shape
CryptoSlate frames the concentration as a “two-tier market,” where the biggest pools increasingly optimize for institutional miners. That kind of optimization is usually invisible until you are the one fighting for responsiveness, predictable payouts, or account support, and it is why independent and mid-size miners are described as quietly rethinking where they point their machines.
The key shift is less about any single pool’s branding and more about what scale buys you. When a pool’s business is tuned for fleets and compliance-heavy customers, smaller miners can end up feeling like edge cases instead of the core product.
Scrutiny, switching costs, and the search for alternatives
ViaBTC, which held 13% in the mid-2026 share estimates, has faced increasing regulatory scrutiny this year that has particularly affected miners tied to Russia and other CIS countries. The reporting describes account restrictions, sudden KYC demands, and temporary fund freezes, the kind of friction that can make even loyal miners reconsider their setup.
In the same coverage, EMCD is positioned as an alternative: it claims over 30 EH/s of hashrate, with fees starting at 1.5% under FPPS, compared with roughly 4% charged by many comparable pools. EMCD was founded in 2017 and made its first pool available in February 2018.
What centralization looks like in the metrics
In D-Central’s H1 2026 snapshot (data as of June 19, 2026), Bitcoin mining pools had a Nakamoto coefficient of 3, meaning only 3 pools were needed to exceed half of all blocks mined, with Foundry USA at roughly 27% of blocks, per Nakamoto coefficient data.
And the leaderboard keeps moving. In the latest 7-day window posted on July 16, 2026, Simple Mining’s rankings list Foundry USA at 27.0%, with F2Pool and AntPool both at 17.2%, ViaBTC at 9.5%, and SpiderPool at 5.5%.
Crypto
Kaspersky uncovers OkoBot framework targeting crypto wallet users
Global cybersecurity firm Kaspersky has identified a malware framework called OkoBot that targets crypto users by stealing wallet seed phrases, credentials and other sensitive data through a collection of more than 20 malicious components.
The campaign, first identified in January 2026, has compromised hundreds of victims across more than 25 countries, with Brazil, Vietnam, Canada, Mexico and Türkiye among the most affected.
During the investigation, researchers found that attackers distribute the malware through ClickFix social engineering schemes and fake software downloads hosted on GitHub, allowing the framework to infect devices and deploy additional malware, including the Rilide browser stealer.
The framework consists of more than 20 payloads capable of stealing crypto wallets, harvesting credentials, recording video, downloading malicious browser extensions and executing remote commands.
Among OkoBot’s components are TookPS, which exfiltrates wallet seed phrases, OkoSpyware, which monitors Chromium-based browsers and records user activity, and SeedHunter, which injects malicious code into Trezor and Ledger wallet software to display phishing pages requesting recovery phrases.
Kaspersky said the campaign is still active and while its operators have not been identified, its techniques and code artifacts suggest links to Russian-speaking cybercriminals.
Crypto
‘Useless Plastic’: NSPK CEO Declares the End of Visa and Mastercard in Russia
Key Takeaways
- Mir cards captured 85% of Russia’s market as sanctions rendered Visa and Mastercard effectively useless.
- Remaining foreign cards will soon fail due to physical wear and the expiration of security certificates.
- Russia’s central bank announced a gradual phase-out for international cards without strict timeframes.
Mastercard and Visa ‘Absent’ from Russia as Cards Reach Expiration
As local options rise, the Russian card market is being increasingly driven by Mir alternatives after Mastercard and Visa, the two international credit giants, exited the country amid a sanctions push.
Dmitry Dubynin, CEO of the National Payment Card System (NSPK), stressed that international cards were absent from the Russian market, with local alternatives retaking almost all of the credit card market share.
“I would even say that Visa and Mastercard cards are effectively absent from the Russian market. Their cards no longer provide any value: they do not work abroad, there is no access to the loyalty programs of these payment systems, and so on,” said Dubynin in an interview with Expert magazine.
Dubynin compared these leftover cards to pieces of plastic bearing the logos of international companies that no longer operate in Russia, stressing that local support kept them operating.
He commented that eventually, these cards will fail as they endure wear and tear and their security certificates expire. Nonetheless, the NSPK is implementing measures to ensure its continued operation even under these circumstances.
“The share of cards issued by international payment systems continues to decline naturally. Today, nearly 85% of the market is accounted for by Mir cards, and that share will undoubtedly continue to grow,” Dubynin assessed.
Earlier statements by Alla Bakina, Director of the Bank of Russia’s National Payment System Department, who invited Visa and Mastercard to leave the country completely due to the lack of functionality of their cards, raised concerns among the population that still relied on these solutions.
Nonetheless, on July 2, central bank Governor Elvira Nabiullina disclosed that there would be no timeframes for their withdrawal, indicating that they would be phased out gradually.
Crypto
FBI arrests man accused of using Steam games to drain victims’ crypto wallets | TechCrunch
U.S. prosecutors have accused a Florida man of uploading fake video games that contained malware to Steam, the popular PC games platform. Once victims downloaded and installed the games, the malware was designed to infect their computers, steal their passwords and other data, and drain their crypto wallets, according to a criminal complaint.
On Tuesday, the FBI arrested Zyaire Wilkins, a 21-year-old Florida resident and student. On Wednesday, prosecutors accused him and a number of unnamed co-conspirators of hacking crimes. Over the past two years, Wilkins and his partners allegedly published several malware-laden video games on Steam, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. Using that malware, says the FBI, Wilkins and his accomplices infected around 8,000 victims, and then hacked around 80 cryptocurrency wallets to steal at least $220,000 worth of crypto.
Wilkins and the others marketed their malicious video games on Discord, LinkedIn, and Telegram, according to the authorities.
Wilkins’ lawyer did not respond to a request for comment.
In March, the FBI announced that it was investigating a hacker suspected of using malware-embedded video games published on Steam to hack victims. In the announcement, the bureau called for people who downloaded the malicious games, which included those named in this week’s complaint, to come forward and provide evidence to aid the investigation.
In the last year, Steam’s maker Valve has removed several video games from its platform after they were found to contain malware, including PirateFi. All the games were designed to look legitimate, to the point that players could install them and play them, but they all contained malware.
After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to launch and market the malicious games in return for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme, and then traced cryptocurrency payments made with that account to buy several gift cards, including for Uber Eats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, who went by the nickname Sibel.eth online, according to the complaint.
The feds then got a search warrant for Wilkins’ residence, where they seized his MacBook laptop, cellphones, other devices, and digital wallets. According to the complaint, he refused to speak or answer any questions.
When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
-
News1 minute agoWhat’s wrong with Congress?
-
Los Angeles, Ca2 hours agoSuspects entered home through upstairs bedroom in Encino burglary: police
-
Detroit, MI2 hours agoLions training camp preview: Will Blake Miller win the starting RT job?
-
San Francisco, CA2 hours agoSFPD faces fresh round of questions on Pride weekend arrests
-
Dallas, TX2 hours agoCowboys news: Christian Parker labeled a ‘big question’
-
Miami, FL2 hours agoBillionaires like Ken Griffin are moving to Miami—but middle-class earners can’t copy them and reap the same benefits, real estate experts say | Fortune
-
Boston, MA3 hours agoLooking back at the World Cup: Fans drank Boston dry, got permanent tattoos, sold out famous BBQ joints, and drove up small business revenue | Fortune
-
Denver, CO3 hours agoHow much are Denver Broncos worth after Seahawks’ reported $9.6 billion sale?