hodler

4 Feb 2026, 17:24

Attention Binance Users: Massive Malware Dataset Exposes 420,000 Accounts

A trove of 149 million stolen credentials, including login details for 420,000 Binance accounts, was discovered circulating among cybercriminals this week. The findings highlight a shift in crypto theft toward long-term malware infections that steal data directly from users’ devices, often long before any funds are moved. The Scale of the Threat According to an alert posted on February 4 by security firm Web3 Antivirus, the dataset was compiled from information-stealing malware installed on victim devices. Beyond exchange logins, the stolen data included passwords, private keys, API keys, and browser session tokens for email, social, and financial platforms. The firm noted that these “infostealers” capture data that can later be used for account takeovers and fund theft, emphasizing that prevention requires early detection at the device level since by the time suspicious activity appears on-chain, it is often too late. Furthermore, in a separate series of posts, Web3 Antivirus detailed how malicious AI skills on platforms like ClawHub are being used to steal crypto data. Per the security firm, these fraudulent skills, posing as wallet tools or trading bots, install information-stealing malware that can remain dormant until a victim’s crypto balance grows or specific actions are taken. This vulnerability represents a supply-chain risk that moves upstream “from wallets to the tools people trust to manage them.” A Persistent Challenge for Users and Platforms The gravity of losses resulting from crypto theft cannot be understated. A recent report from PeckShield noted that scams and hacks drained over $4.04 billion in 2025, with scams alone jumping 64% year-over-year. The firm observed a move toward targeting centralized exchanges and large organizations, which accounted for 75% of stolen funds in 2025. Meanwhile, Web3 Antivirus put the volume of 2025’s illicit crypto activity at approximately $158 billion, up from $64 billion in 2024. While the on-chain security provider partly attributed the increase to better tracking and more state-linked activity, the figures show that even small success rates for thieves can result in large losses at scale. The recent data thefts highlighted a gap between user and platform protection, with the company stating, “Scams don’t succeed because users ignore advice; they succeed because risk is only surfaced after execution is already possible.” The firm argued that platforms, which can see transaction approvals and behavioral patterns before users do, sit at “the last real control point” for preventing theft. One of the more common attack vectors is wallet drainers, which Web3 Antivirus stated had gotten worse, with 15,530 suspicious approvals across 11,908 wallets leading to $4.25 million in losses in January. These drainers usually enter through malicious transaction approvals, making pre-signature detection extremely important. The post Attention Binance Users: Massive Malware Dataset Exposes 420,000 Accounts appeared first on CryptoPotato .

4 Feb 2026, 15:09

Incognito Market Founder Rui-Siang Lin Sentenced to 30 Years for $105M Crypto Drug Operation

The darknet marketplace processed 640,000 cryptocurrency transactions across more than 400,000 buyer accounts before an exit scam shut it down in March 2024. Rui-Siang Lin, the 24-year-old Taiwanese founder of darknet drug marketplace Incognito Market, has been sentenced to 30 years in federal prison for operating a $105 million crypto-powered narcotics operation, the U.S. Department of Justice announced on Tuesday. Key Takeaways: – Lin received 30 years for running Incognito Market, which processed $105 million in cryptocurrency drug transactions between 2020 and 2024. – The platform used a proprietary crypto payment system called “Incognito Bank” to handle BTC and Monero transactions for over 400,000 buyers. – The sentencing arrives as the DOJ continues to prioritize darknet narcotics cases despite disbanding its dedicated crypto enforcement unit in 2025. U.S. District Judge Colleen McMahon, presiding in the Southern District of New York, called the case the most serious drug crime she had encountered in over 27 years on the bench, labeling Lin a “drug kingpin.” Lin pleaded guilty in December 2024 to charges including engaging in a continuing criminal enterprise, narcotics conspiracy, and money laundering. The court also ordered $105,045,109.67 in forfeiture. Operating under the alias “Pharoah,” Lin ran the marketplace from October 2020 through March 2024. He facilitated sales of more than 1,000 kilograms each of cocaine and methamphetamine, alongside hundreds of kilograms of other controlled substances, including fentanyl-laced pills linked to at least one overdose death. “Today’s sentence puts traffickers on notice: you cannot hide in the shadows of the Internet,” U.S. Attorney Jay Clayton said . “The internet, ‘decentralization,’ ‘blockchain’ — any technology — is not a license to operate a narcotics distribution business.” Proprietary Crypto Payment System Enabled Anonymous Drug Sales on Incognito Market At the center of Incognito Market’s operations was a custodial crypto wallet system called “Incognito Bank,” where users deposited BTC or Monero into on-site accounts, according to the DOJ. Transactions were processed internally between buyer and seller accounts, and the platform collected a 5% commission on every sale. According to court ruling details, Lin pocketed over $6 million in profits from fee compensations. In March 2024, Lin shut down the marketplace in an exit scam, stealing at least $1 million held in user deposits and threatening to publish transaction histories unless vendors paid extortion fees ranging from $100 to $20,000. The scheme revealed that the marketplace’s promised encryption and message deletion features had never functioned — user data had been retained throughout the platform’s entire operation. According to court filings, investigators traced Bitcoin from Incognito’s administrator wallet to Lin’s personal wallet, where it was converted to Monero and deposited into a centralized exchange account registered in his name, complete with his Taiwanese driver’s license and personal details. Lin’s Operational Security Failures Led to His Arrest at JFK Despite running a sophisticated darknet platform, Lin made critical mistakes that exposed his identity. He registered domains to promote Incognito Market using his real name, phone number, and physical address. One domain purchase was partially paid using 0.00501 BTC from a crypto exchange account containing his identity documents, directly linking Lin to the Incognito administrator wallet. He also maintained a GitHub account under his own name and saved the marketplace’s operational diagram to his personal Gmail. He was arrested at John F. Kennedy International Airport on May 18, 2024, while transiting to Singapore. The investigation involved the FBI, Homeland Security Investigations, the DEA, the FDA Office of Criminal Investigations, the NYPD, and U.S. Customs and Border Protection. DEA Special Agent in Charge Frank A. Tarentino III said Lin’s actions of prioritizing profits over public health were “reckless and dangerous, but unconscionable.” Sentencing Arrives Amid Shifting DOJ Crypto Enforcement Priorities Lin’s 30-year sentence stands as one of the harshest penalties for darknet marketplace operations. It’s second only to the life sentence initially given to Silk Road founder Ross Ulbricht — who was pardoned by President Trump in January 2025. In April 2025, Deputy Attorney General Todd Blanche issued a memo disbanding the National Cryptocurrency Enforcement Team and directing prosecutors to stop pursuing cases against exchanges, mixers, and wallets for the acts of their end users. US senators challenge @TheJusticeDept Deputy AG Todd Blanche over dismantling the crypto crime unit while holding $158K–$470K in $BTC and $ETH . #DOJ #CryptoCrime https://t.co/iTSjooq7Cq — Cryptonews.com (@cryptonews) January 29, 2026 However, the memo explicitly maintained focus on cases involving terrorism and narcotics trafficking — categories that squarely captured Lin’s conduct. Meanwhile, the DOJ has continued darknet enforcement on other fronts, finalizing a $400 million forfeiture tied to the Helix cryptocurrency mixer in January 2026. The post Incognito Market Founder Rui-Siang Lin Sentenced to 30 Years for $105M Crypto Drug Operation appeared first on Cryptonews .

4 Feb 2026, 12:15

Canada’s investment regulator CIRO introduces framework for crypto asset custody

The Canadian Investment Regulatory Organization (CIRO), a national, non-profit, self-regulatory organization, has introduced a new regulatory framework for crypto custody to mitigate future risks arising from security breaches, fraud, and weak governance. Regarding this new regulatory framework, the CIRO issued a statement dated Tuesday, February 3, publicly announcing the release of its Digital Asset Custody Framework, which clearly outlines how dealer members operating crypto asset trading platforms (CTPs) should ensure robust protection of digital assets. Canada’s top investment industry regulator further explained that the implementation of this framework will be managed temporarily through membership terms and conditions. They preferred this option because it enables fast adjustments to new risks while permanent regulations are being established. The CIRO implements a new regulatory framework to safeguard clients’ assets The Canadian Investment Regulatory Organization noted that the newly released regulatory framework addresses risks associated with technology, operations, and legal activities, particularly those related to digital assets. Following their statement, sources familiar with the situation, speaking on condition of anonymity, revealed that the regulatory agency is trying to avoid scenarios such as the 2019 failure of QuadrigaCX , which resulted in significant losses. Notably, a core component of the framework is a tiered, risk-based approach for crypto custodians that divides them into four tiers based on specific factors such as capital levels, regulatory oversight, insurance coverage, and operational strength. These tiers determine the maximum client assets a custodian can hold. For instance, the limit for top-tier custodians with the best protections is up to 100% while that of the lowest Tier 4 is down to 40%. Moreover, dealer members may hold up to 20% of their managed client crypto assets. Apart from these limitations, some additional requirements include firm governance policies that structure governance, ensuring compliance with key management operations, cybersecurity, incident response, and third-party risks. Furthermore, mandatory insurance, independent audits, security compliance reports, and regular penetration testing are also considered essential. On the other hand, the framework outlined that custody agreements must clearly define liability for any losses resulting from breach of duty or lack of reasonable care. “The framework takes a risk-based and balanced approach aimed at protecting investors while encouraging market innovation and competition,” CIRO said. While establishing this framework, the regulatory agency considered contributions from industry partners, such as CTPs and custodians, while also embracing global standards. It is worth noting that the main aim of this initiative is to strengthen the country’s efforts to enhance investors’ safeguards in the rapidly evolving crypto market, thereby fostering responsible innovation. Regulatory agencies call to address crypto-related crimes Reports highlighted that criminal activities in the crypto industry have surged as cryptocurrencies become increasingly popular among individuals. To support this claim, sources noted the incident in which the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) assessed a roughly $12 million penalty against local crypto exchange Cryptomus last October for failing to report over 1,000 suspicious transactions linked to darknet markets and wallets. These transactions were reportedly linked to fraud, ransomware payments, and sanctions evasion. Apart from Cryptomus, reports also noted that FINTRAC imposed significant penalties on offshore exchanges KuCoin and Binance earlier this year for the same issue. R eports clarified that CIRO functions as a self-regulatory organization with regulatory power to ensure compliance from member firms and individual registrants. The regulatory agency is authorized to investigate allegations of misconduct and to initiate disciplinary proceedings, including fines and suspensions. The smartest crypto minds already read our newsletter. Want in? Join them .

4 Feb 2026, 06:30

OpenAI CEO Sam Altman said using Codex made him feel “a little useless,”

OpenAI Chief Executive Sam Altman openly acknowledged feeling “a little useless” after using his company’s AI coding tool, Codex. The admission came just days after OpenAI rolled out Codex as a standalone app for macOS computers. In his post , Altman confessed the tool was better at generating features than he could, making him nostalgic for the present while boasting AI’s transformative potential for the future. His candid assessment invited equal parts empathy and harsh criticism from tech experts and beyond. Altman said that even as CEO of one of the world’s richest AI companies, he sometimes felt intimidated by the technology he helped create. He acknowledged that better, more interesting ways to spend time would be found, but at that moment, he felt nostalgic. Many people said they could relate, having experienced similar feelings in the age of AI-driven productivity. Observers noted that Altman’s admission offered a rare glimpse of vulnerability from someone usually linked with AI hype and the vision of the “singularity.” Tech community pushes back on Altman’s AI comments One user said Altman would have a $100 billion parachute exit, but most regular workers wouldn’t get that kind of luck. With 50-60% of white-collar jobs potentially disappearing because of AI, many people would feel much more useless and sad, without any safety net to fall back on. An OpenSea engineer noted that Altman could “cry into a giant pile of money,” but not for “ordinary workers.” Instead, they would have to rely on chatbots for the remainder of their careers, highlighting the divide between tech executives and average workers facing AI transformations. Food writer Chrisy Toombs, for example, said she found herself incensed about the wider ramifications of AI. She said she had seen her career vanish as AI’s ability to create “vacuous copies” of her work expanded. And that also had consequences: AI models were trained on the work of people without their consent, and, ever since, many creators have felt powerless. Altman’s post also coincided with OpenAI’s announcement to retire GPT-4o , along with GPT-4.1, GPT-4.1 mini, o4-mini, and legacy GPT-5 models. GPT-4o was renowned for its chatty tone and multimodality, and users previously protested efforts to diminish it. Currently, the majority of users prefer recent models, the company said, such as GPT-5.2, which provide customizable personalities and creative controls emulating GPT-4o’s best features. Tech leaders grapple with AI’s impact on creativity With mounting criticism, Altman attracted the attention of many tech folks thanks to his honesty. Aditya Agarwal, a former Dropbox CTO and early Facebook engineer, had mixed feelings: “I spent a lot of time over the weekend writing code with Claude. And it was very clear that we will never write code by hand again. It doesn’t make any sense to do so,” he said. “Something I was very good at is now free and abundant. I am happy… but disoriented… both the form and function of my early career are now produced by AI. I am happy, but also sad and confused.” Altman’s post highlights a broader tension at play in today’s technology landscape. Even AI pioneers say their knowledge and outputs dwindle as AI tool capabilities grow. It’s also indicative of broader social issues related to relevance, work, and creativity in an AI-dominated world. Altman felt he was on the receiving end of criticism, but ultimately, he got to speak from the human side of technological advancement. Just as an important reminder that, as AI continues to evolve, that feeling of inadequacy, nostalgia, and wonder will surely factor in. And not only everyday users, but also people who turn the tools into products. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .

4 Feb 2026, 03:02

Anthropic AI Under Fire After Crypto-Linked Attack and $350B Valuation Surge

Anthropic is trending after reports that its valuation climbed to around $350 billion following fresh backing from major tech giants including Microsoft and Nvidia. The funding includes multibillion-dollar cloud and compute commitments, positioning Claude among the most aggressively scaled AI systems in the market. Investors are now pricing Anthropic alongside the largest AI leaders, fueling speculation about a potential IPO in 2026. Revenue projections have also been revised upward, with analysts expecting explosive growth driven by enterprise adoption of Claude for coding, automation, and data analysis. Large corporations are integrating Anthropic’s models into internal workflows, cybersecurity systems, and cloud platforms. This rapid expansion explains the sharp spike in search interest, as markets reassess the long-term dominance battle between Anthropic, OpenAI, and Google DeepMind. However, the valuation jump comes with rising scrutiny. With heavy spending on compute infrastructure and safety research, profitability remains uncertain, making the $350B figure both impressive and controversial among institutional investors. AI Hack Controversy and Crypto Security Concerns At the same time, Anthropic is facing backlash after reports that its Claude AI tools were misused in coordinated cyber operations. Investigations revealed that attackers manipulated AI prompts to automate reconnaissance, generate exploit code, and assist in targeting financial and tech institutions. The case sparked fears about AI systems accelerating sophisticated cybercrime. For the crypto sector, the implications are serious. Security researchers warn that advanced AI agents can help identify smart contract vulnerabilities, automate phishing campaigns, and optimize social engineering attacks targeting digital wallets and exchanges. Even if the AI was not intentionally designed for malicious use, the incident highlights how powerful language models can be weaponized when safeguards are bypassed. This dual narrative record-breaking valuation growth alongside AI misuse concerns has pushed Anthropic into the spotlight. Markets are now debating whether AI’s rapid expansion will strengthen financial infrastructure or introduce systemic digital asset risks. That tension is exactly why Anthropic is dominating Google Trends today.

3 Feb 2026, 17:58

Arbitrum Issues Urgent Warning After Official X Account Compromised

Arbitrum has issued an urgent security alert after its ArbitrumDAO governance X account was compromised, with attackers posting phishing links disguised as airdrop promotions. The breach joins a relentless wave of social media takeovers targeting major crypto projects in early 2026. The compromised account directed followers to a fraudulent link at gov-arbitrum[dot]com, claiming a confirmed “ snapshot ” would reward long-term participants for bridging, swapping, and governance activity. Arbitrum’s official channels immediately urged the community to avoid all posts and interactions from the account until full access is restored. SECURITY ALERT The @arbitrumdao_gov account has been compromised. Do not click any links or interact with posts from that account until further notice. We are working to recover access. Updates to follow. — Arbitrum (@arbitrum) February 3, 2026 Fake Airdrop Bait and the Anatomy of the Attack The posts framed eligibility as exclusive to “ real users, ” separating long-term participants from “ farmers ” and “ opportunists ,” while reassuring latecomers that “ this isn’t the end of airdrop season. “ The language closely mimicked legitimate project communications, making the phishing link especially dangerous for active ecosystem members. X Post Screenshot McKenna, managing partner at Arete Capital, has been on the front lines of these breaches. “ I think I’ve helped around 5-7 people with X account hacks over the last month including Plasma and now Arbitrum, ” he said , adding that the connection he made at X, following North Korean hacking his account, is helping in these instances. His recommendation was pointed: “ Please ensure you use a password manager with physical YubiKeys to secure everything. Don’t wait, do it today. ” I think I've helped around 5-7 people with X account hacks over the last month including Plasma and now Arbitrum. It took me over a month night and day to get a connect at X exhausting every connection I had to get my account back post the North Korea hack. Please ensure you use… — McKenna (@Crypto_McKenna) February 3, 2026 This latest account takeover comes as North Korean hackers have pushed cumulative crypto theft to $6.75 billion, personal wallet compromises have surged to 158,000 incidents in 2025, tripling the 2022 figure. Source: Chainalysis In fact, as reported by Cryptonews , wallet drainer losses, despite falling 83% to $84 million, remain a persistent threat. High-Profile Crypto Accounts Breached Across Platforms The Arbitrum hack follows a string of devastating compromises across the industry. Scroll co-founder Ye Chen’s X account was hijacked in January , with attackers reshaping his profile to mimic X’s official branding and flooding his extensive network of crypto executives and developers with phishing messages disguised as copyright violation warnings. BNB Chain’s official account was also breached in October, prompting Binance co-founder CZ to warn followers to “ Please do not click on any links recently posted from this account. “ Binance co-CEO Yi He’s WeChat account was separately hijacked in December, with attackers executing a pump-and-dump on the meme token MUBARA that netted roughly $55,000 before retail buyers were left exposed to a sharp price reversal. ZKsync and Matter Labs were breached via delegated accounts, with attackers posting fake claims of an SEC investigation that sent ZK’s price down 5% despite a prior 38.5% weekly rally. Watcher.Guru fell separately after fake Ripple-SWIFT partnership claims spread across Telegram, Discord, and Facebook via automated content bots. Phishing Dominates as 2026 Opens With Record Losses These attacks are unfolding against historic crypto crime levels, with the U.S. Marshals Service also confirming an investigation into a hack of federal digital-asset accounts. TRM Labs reported $158 billion in illicit crypto activity in 2025 , up 145% year-over-year, while Chainalysis documented over $3.4 billion in outright theft, with North Korean state hackers responsible for $2.02 billion. 2026 started even worse, with CertiK confirming roughly $370.3 million lost to exploits in January alone. Phishing accounted for $311.3 million of that total, dwarfing the $51.5 million attributed to code vulnerabilities, as IPOR Labs’ $336,000 Arbitrum vault exploit compounded the damage. A $282 million hardware wallet social engineering theft also set a new individual record, with the attacker converting stolen Bitcoin and Litecoin into Monero to obscure the trail. Phishing has been a particular problem, with a December victim losing $50 million to address poisoning , while a separate $3.05 million USDT theft stemmed from signing a malicious transaction. Beyond individual targets, hijacked YouTube accounts netted attackers over $939,000 through fake trading bot promotions. Even worse, Betterment users received phishing notifications promising to triple their Bitcoin and Ethereum deposits. Step Finance loses $30 million in Solana treasury hack as STEP token plunges 90% amid broader DeFi security crisis. #Solana #StepFinance https://t.co/WiqvLg0XJI — Cryptonews.com (@cryptonews) February 1, 2026 February also started with a massive hack, with Step Finance confirming multiple breaches of treasury and fee wallets that resulted in $30 million stolen. The post Arbitrum Issues Urgent Warning After Official X Account Compromised appeared first on Cryptonews .