Crypto Regulation and Compliance Updates

Ethereum co-founder Vitalik Buterin issued a security warning to the AI development tool OpenClaw, pointing out that it has vulnerabilities when handling external data, which could lead to user data leakage or the system being controlled. Research shows that about 15% of feature modules may contain malicious logic, highlighting a widely prevalent security risk across the AI industry. He recommended that users and developers take stricter security measures to reduce risk.

Pi Network has introduced a key security update for its users, known as Pioneers. The network now requires two-factor authentication (2FA) to complete both first and second mainnet migrations. This step is part of the Mainnet Checklist. It focuses on protecting user accounts before real Pi tokens m

Social platform X is rolling out a new risk-control mechanism to combat scams that promote fake tokens after accounts are taken over. The system will automatically detect abnormal behavior and require identity verification to reduce the spread of scams. However, this measure has sparked controversy because it may mistakenly flag legitimate users. This initiative shows that social platforms are shifting roles in the crypto ecosystem, and it needs to strike a balance between security and openness.

CORE3 is a crypto risk-rating agency created by HAI Group that has rated 1,426 crypto projects and 253 exchanges. World Liberty Financial, owned by the Trump family, received an F-grade, with a loss probability as high as 68.01%. CORE3 aims to improve the security of DeFi protocols and exchanges, and welcomes industry feedback.

Drift on the X platform confirmed that it has obtained key information related to the exploit attack, and sent messages to the ETH wallets of the four stolen funds, saying it would like to talk. The attack caused at least $200 million in losses, and subsequent updates will be released after third-party attribution is completed.

Recent reports suggest that Satoshi Nakamoto's dormant Bitcoin wallets may attract hackers, raising concerns about the catastrophic economic impact if quantum hacking occurs. With 1.1 million BTC at stake, the cryptocurrency community faces challenges in making the Bitcoin network quantum-proof and managing these coins.

Adobe appears to have suffered a targeted attack; roughly 13 million user records may have been leaked. The source is its contracted Indian outsourcing company. The attackers used a remote access Trojan to obtain access privileges; the data breach includes information on customers and employees, as well as unpublished security vulnerability records. Experts advise users to enable two-factor authentication immediately, change their passwords, and stay alert to guard against social engineering scams.

Kentucky successfully blocked Section 33 of HB380, which required hardware wallet manufacturers to provide a password reset mechanism. It was criticized as an indirect ban because it conflicts with the existing HB701 law’s protections for individuals’ right to independently control encrypted assets. After final revisions, the updated HB380 was submitted to the governor for signature, maintaining the state’s pro-Bitcoin policy.

10x Research warns that if the CLARITY Act is passed, it will ban stablecoin balance yield, potentially impacting DeFi protocols and related tokens. Returns would be funneled back to the traditional financial system, leading to reduced market competition, and many DeFi projects will face strict regulation.

California's SB822 allows the state to claim unresponsive residents' crypto assets after three years. Critics argue it's unfair and unconstitutional, but the state must notify owners before assets are seized, aiming to protect consumer rights.

An American court ruled to forfeit more than $600,000 in USDT, stemming from a physical letter phishing scam targeting Ledger users. After receiving the disguised letter, the victims leaked their seed phrases, and their funds were stolen. The scammers tried to conceal the funds through multiple transfers and conversion methods, but the transparency of the blockchain helped the police track the path of the fund movements. They then successfully recovered the funds through a civil forfeiture proceeding.

Gate News message, on April 3, the tokenized real-world assets platform Ondo Finance has frozen the 477,000 USDY stolen by the Drift attacker.

Solana’s decentralized contract platform Drift Protocol has suffered a major security vulnerability, affecting 20 protocols and causing losses of up to $285 million. The attack primarily exploited a multisig mechanism flaw, which harmed multiple projects. Drift suspended withdrawals; some protocols quickly compensated affected users, highlighting the potential risks in the DeFi ecosystem.

Gate News message, on April 3, the crypto wallet app Leap Wallet announced that it will stop operating on May 28, and users need to complete asset migration as soon as possible. The shutdown scope includes: Compass Wallet (browser extension, iOS and Android versions), Leap WebApp, Swapfast, Leap Cosmos Hub validator nodes, and Leap Cosmos

SolanaFloor data shows the Drift protocol vulnerability's affected scope has expanded to 20 protocols, with losses exceeding $10 million, including Prime Numbers Fi and Gauntlet. Most affected protocols have paused the relevant functionality and are taking countermeasures.

The Arizona House Rules Committee unanimously passed the SB1649 bill, establishing a Digital Assets Strategic Reserve Fund that puts digital assets such as XRP under the management of the Department of the Treasury, and allows revenue to be generated through methods such as staking. If the bill passes, it will become the first U.S. state to officially recognize XRP as a fiscal reserve asset. XRP is currently trading at $1.28 and faces challenges from technical support and resistance.

Bitcoin (BTC) gives back this week’s gains, temporarily trading at around $66,780 on April 3. Bitcoin miner MARA cut 15% of its workforce, shifting its strategy toward energy and digital infrastructure. Blockchain analytics firm Elliptic says North Korean hackers may exploit a vulnerability in the Drift Protocol to profit $286 million.