investigation

edgeX announced, "We have observed sudden and unusual price fluctuations of the EDGE token and are currently actively investigating the reasons. The team is urgently understanding the specific situation and will publish updates as soon as relevant information is confirmed. The official reminder to users is to rely only on information released through edgeX's official channels and to treat unverified market speculation with caution."Previously, the edgeX platform token EDGE experienced a "flash crash," dropping over 77% to $0.315, and the 24-hour decline has now narrowed to 41.13%.

Regarding the attack on the Kelp rsETH LayerZero V2 bridge that occurred on April 18, Aave released a post-incident investigation on the X platform, emphasizing that the exposure was primarily due to third-party bridge infrastructure rather than the protocol itself. The attacker executed an RPC poisoning attack targeting a single validator of LayerZero, forging a cross-chain message. This led to the release of 116,500 rsETH on the Ethereum side without actual destruction on Unichain. The attacker subsequently deposited the stolen rsETH into Aave V3 (Ethereum Core and Arbitrum), borrowing approximately 82,650 WETH and 821 wstETH.The Aave Protocol Guardian and Risk Steward immediately implemented protective measures for the rsETH and WETH reserves. Currently, the WETH and rsETH markets in the affected V3 deployments are operating normally. The rsETH held by the attacker on Arbitrum has been destroyed, the LayerZero OFT adapter has been fully recharged in five batches, rsETH support has been fully restored, and Kelp has reopened the withdrawal, bridging, and claims functions for rsETH. The WETH LTV in the affected markets has been reset to pre-attack values, and Aave V3 is fully operational across all markets except for rsETH.The Arbitrum DAO has voted to authorize the transfer of frozen ETH to Aave LLC, and it is currently awaiting on-chain execution. The court is still reviewing the substantive content of the injunction, and Aave LLC will continue to comply with the injunction during the court's deliberation. Ongoing projects include: the Aave risk framework from Llama Risk, the bridging assessment framework, the release of evaluation reports for currently live assets, on-chain execution of Arbitrum DAO votes, and the court's review of the injunction.

According to Marketscreener, Swedish Economic Crime Authority prosecutor Jonas Myrdal stated that the early leak of news on social platform X regarding Sivers Semiconductors (SIVE) considering a dual listing in the U.S., which was officially confirmed by the company about 48 hours later, is not a coincidence and is highly likely to involve information leakage.Jonas Myrdal pointed out that the relevant information was published and continuously promoted on the X platform by an anonymous account with about 200,000 followers before the official disclosure, which subsequently led to a significant increase in the company's stock price within a short period. This pattern of behavior is similar to a previous case involving "pump-and-dump" manipulation, in which three individuals were convicted of serious market manipulation. He further suggested that the Nasdaq exchange should investigate this incident and assess whether there are violations of the EU Market Abuse Regulation (MAR). Currently, the source of the information leak is still under investigation.Previously, the "new stock god" Serenity posted on the X platform, seemingly "calling" Sivers, and expressed an optimistic outlook after further reviewing the latest earnings call content of Sivers Semiconductors. The company's management stated that "viewing ecological partners as competitors is not the correct mindset in a super cycle where demand far exceeds supply," reflecting the current strong demand in the photonics industry. Additionally, the photonics business pipeline has rapidly grown over the past five months, driving an overall revenue pipeline increase of 77%.

The French newspaper "Le Monde" revealed that there has been new progress in the investigation of a cryptocurrency-related kidnapping case that occurred in 2023. French law enforcement discovered a transnational money laundering network involving multiple countries and cryptocurrency wallets while tracing the flow of a €1.7 million cryptocurrency ransom. The victim was the father of the well-known crypto influencer "TeufeurS." The kidnappers threatened the victim's family via text messages and demanded ransom payment in cryptocurrency. Ultimately, TeufeurS transferred a total of €1.7 million to the kidnappers' designated wallet in two installments, after which his father was released.The investigation showed that part of the ransom flowed into wallet accounts controlled by foreign nationals after multiple transfers. One transfer of $131,000 was successfully traced by the French gendarmerie, with leads ultimately pointing to a cryptocurrency wallet controlled by Venezuelan nationals. The case further revealed the complex chain of money laundering utilized by criminal organizations through cross-border cryptocurrency transfers, anonymous wallets, and overseas platforms. The report stated that this case is considered one of the significant examples of kidnapping and extortion cases in the European cryptocurrency industry and may serve as an early template for multiple kidnapping cases targeting cryptocurrency practitioners in France and Europe in 2025.

The Spanish Directorate General for the Regulation of Gambling (DGOJ) has requested internet service providers to temporarily block the prediction market platforms Polymarket and Kalshi.The regulatory agency believes that both platforms are offering prediction trading products based on the outcomes of future events to local users without obtaining a gambling license in Spain, which may violate local gambling laws. The Spanish authorities stated that unlicensed platforms lack necessary consumer protection measures such as identity verification, protection for minors, and self-restriction mechanisms.Reports indicate that the relevant investigation is expected to last 3 to 4 months. During the investigation, Spanish users will receive risk warnings when accessing the relevant websites. The regulatory agency may subsequently impose fines, permanent restrictions, or require applications for local licenses.

According to BBX data, the pressure from market regulation suddenly intensified over the weekend, and institutional-level crypto derivatives product lines expanded simultaneously. The core dynamics are as follows:On May 22, James Comer (Republican, Kentucky), Chairman of the House Oversight and Government Reform Committee, officially issued investigation letters to Kalshi (privately held) and Polymarket (privately held), initiating a formal congressional investigation into insider trading on prediction market platforms. The investigation focuses on two suspicious bets: one betting on the early capture of Venezuelan President Maduro, and another betting on the direction of the Iranian conflict. Both transactions recorded unusually large amounts just hours before the related events were made public. According to media reports, the Wisconsin Attorney General has recently listed Robinhood Markets, Inc. (NASDAQ: $HOOD), along with Kalshi, Polymarket, and Crypto.com, as defendants, accusing them of providing unlicensed sports betting services in Wisconsin. This is the latest escalation of the prediction market facing legal challenges in 13 states to congressional scrutiny. Both Kalshi and Polymarket stated their willingness to cooperate with the committee's investigation, asserting that their platforms have robust anti-insider trading mechanisms.On May 23, the U.S. Securities and Exchange Commission (SEC) officially approved a proposal submitted by Nasdaq, Inc. (NASDAQ: $NDAQ) to launch cash-settled Bitcoin index options on its Philadelphia Stock Exchange, which does not involve physical delivery of Bitcoin. This product will allow institutional investors to hedge or invest in Bitcoin price fluctuations through standardized options contracts, filling a market gap for cash-settled Bitcoin index derivatives on regulated exchanges in the U.S. The timing of the approval coincided with significant fluctuations in Bitcoin over the week (with a low of $74,500 and a high rebound to $77,800), reflecting the accelerating release of genuine demand for volatility management tools in the market.

According to CoinDesk, the U.S. House Oversight Committee plans to investigate prediction market platforms due to concerns that U.S. government employees may exploit insider information to profit from policy and national security events. James Comer, the chairman of the House Oversight and Government Reform Committee and a Republican congressman from Kentucky, stated on CNBC's "Squawk Box" that he is seeking internal records from the CEOs of Polymarket and Kalshi to determine whether government employees are profiting from insider information related to policy, geopolitical, and military actions, and indicated that he may push for legislation to prohibit members of Congress, government officials, and other government employees from participating in prediction markets.This investigation comes at a time when prediction markets are rapidly developing, and there is increasing scrutiny from both parties in Congress. Legislators and experts warn that this burgeoning industry poses national security risks, potential insider trading, and gambling issues.

Legal professionals point out that if the review results determine that it has violated regulations, Polymarket may face the risk of being blocked in South Korea or even being forced to exit the market. Currently, multiple countries including France, Germany, and Italy have listed Polymarket as an illegal gambling site and blocked access.

GitHub has updated the details of the investigation into the unauthorized access incident of its internal repositories: GitHub detected and contained an incident yesterday involving an employee's device being compromised, which involved a maliciously implanted VS Code extension. GitHub removed the malicious extension, isolated the affected terminals, and immediately initiated an incident response. Current assessments show that only GitHub's internal repositories experienced data exfiltration, and the approximately 3,800 repositories claimed by the attackers are roughly consistent with the investigation results. GitHub has prioritized rotating critical credentials, is analyzing logs, verifying credential rotations, and monitoring subsequent activities, with a complete report to be released after the investigation is concluded.Additionally, Slow Mist's Chief Information Security Officer 23pds commented on this incident, stating: "By analyzing leaks from cybercrime forums, hackers may have used Anthropic's Mythos security AI to precisely breach GitHub's defenses and steal information from about 4,000 core internal repositories: including the source code for Copilot, the algorithms for CodeQL, the Actions runtime, and the entire billing system. Further analysis of this code could lead to subsequent attacks, having a profound security impact on the integration of the open-source community."

The open-source data visualization tool Grafana has released the latest progress on the investigation of the security incident on May 16. The investigation found that this incident was limited to the GitHub environment of Grafana Labs, including both public and private source code as well as internal GitHub repositories, and did not affect customer production systems, operations, or the Grafana Cloud platform. The downloaded content, in addition to the source code, also included some repositories used by the team for collaboration and storage of internal operational information and business details, involving business contact names and email addresses, rather than data from production systems or the cloud platform.Grafana Labs has made it clear that the codebase was downloaded but not tampered with, and currently, customers and open-source users do not need to take any action. The incident originated from a TanStack npm supply chain attack conducted through the Mini Shai-Hulud campaign. Grafana Labs detected malicious activity on May 11 and initiated an emergency response, but a credential was overlooked, allowing the attacker to gain access. After receiving a ransom demand on May 16, the company decided not to pay the ransom and has rotated automated credentials, implemented enhanced monitoring, audited all commits since May 11, and significantly strengthened GitHub security configurations. The company has notified federal law enforcement, and the investigation is ongoing.

According to the Times of India, a well-known private doctor in Guntur, India, lost approximately 1.3 billion rupees (about 1.5 million USD) due to a cryptocurrency investment scam. The police have launched an investigation based on the victims' reports and are tracking the flow of related funds and the cybercrime gang.The report states that the scammers promoted high returns on cryptocurrency investments to victims through online platforms and initially displayed false profit data to gain trust. The doctor then continued to invest more and even persuaded friends and family to invest together. It was only when attempting to withdraw funds that the platform began to delay or refuse withdrawals for various reasons. Although the account page still showed significant "profits," the funds could not be withdrawn, and the victims eventually realized they had been scammed.The police suspect that the case involves an organized cross-border cyber fraud group and are currently investigating related bank accounts, digital wallets, and transaction records.

The Criminal Investigation Bureau of the Ministry of Public Security published an article titled "Beware of Online Fraud Targeting Minors," which reveals a new type of online fraud chain characterized by "game diversion + impersonating public security and judicial authorities + virtual currency money laundering." Criminals post advertisements through games and social platforms to guide minors to add friends, and use intimidation and other means to extract funds from parents' accounts. The stolen money is split and withdrawn through black and gray industry platforms to purchase virtual currencies, which are not restricted by geography and can silently flow back to overseas fraud dens, completing the "physical isolation" of cross-border funds. The Criminal Investigation Bureau reminds that public security and judicial authorities will never handle cases online, will never intimidate for deductions, and will never ask for passwords or verification codes.

According to Reuters, the Polish parliament has passed a cryptocurrency regulation bill to implement the EU's Markets in Crypto-Assets Regulation (MiCA), with Poland required to complete the implementation of related rules by July. The legislative backdrop is the alleged large-scale fraud involving the Polish cryptocurrency exchange Zondacrypto. Polish prosecutors have launched a multi-million dollar fraud investigation, with expected user losses exceeding 350 million zlotys (approximately 95.93 million USD), and thousands of users are currently unable to withdraw their funds.Polish Prime Minister Donald Tusk previously stated that "Russian funds" and foreign political influence issues may be involved behind Zondacrypto. The exchange's founder Sylwester Suszek went missing in 2022, and the current head Przemyslaw Kral reportedly has gone to Israel. Polish President Karol Nawrocki had previously vetoed the related MiCA implementation bill twice, believing that the regulatory requirements were too burdensome and could lead to the loss of cryptocurrency businesses.

U.S. Senator Warren requests the U.S. Securities and Exchange Commission (SEC) to investigate the cryptocurrency company of President Trump's family.

The UK Parliament's Standards Commissioner is investigating UK MP and leader of the Reform Party, Nigel Farage, due to allegations of failing to declare a £5 million (approximately $6.7 million) personal donation from Tether investor Christopher Harborne. Christopher Harborne holds a 12% stake in Tether. Nigel Farage stated that the donation was received in 2024 before he announced his candidacy, intended for personal security, and therefore he had no obligation to declare it. According to the House of Commons Code of Conduct, new MPs must register any benefits received in the previous 12 months after being elected. If found in violation, Nigel Farage could face penalties such as an apology, suspension, or expulsion from Parliament.

In February this year, several Chinese citizens were raided by the police at a rented villa in Country Heights, Kajang, Malaysia. The police claimed to suspect that the Chinese citizens were involved in fraud, and subsequently, the Chinese citizens were forced to transfer about $50,000 (approximately 200,000 ringgit) in USDT. The police later arrested 12 officers involved in the case and removed them from frontline duties, but the investigation still awaits technical reports and digital evidence results, and there has been no breakthrough to date.Lawyer Charles, representing eight Chinese victims, stated that the investigation is progressing too slowly. Since the arrest of the 12 involved police officers, there has been no further information, raising suspicions of internal interference attempting to suppress the case. He warned that if there is internal protection, he will file a complaint with the Malaysian Anti-Corruption Commission.

The U.S. Treasury Department has sent a letter to Binance, requesting compliance explanations regarding recent reports involving cryptocurrency transactions related to Iran and to strengthen regulatory cooperation.It is reported that this move comes amid ongoing scrutiny by U.S. regulators over cross-border capital flows on cryptocurrency platforms. Previous investigations and media reports have pointed to the possibility that Iran and related entities may be transferring funds through centralized exchanges, drawing the attention of the U.S. Treasury and Justice Departments.

According to Bloomberg, Poland's largest digital asset trading platform Zondacrypto has stated that it is on the verge of bankruptcy after attracting approximately $100 million in deposits from Polish users and has stopped providing services for customer accounts.The Polish national prosecutor's office has launched an investigation into suspected fraud against it. The report notes that Zondacrypto is registered in Estonia, and its bankruptcy crisis is putting political pressure on Donald Trump's allies in the Polish presidential office.

According to Jinshi reports, the UK's financial regulatory authority has launched an investigation into Mastercard (MA.N), Visa (V.N), and PayPal (PYPL.O) due to suspicions of anti-competitive behavior regarding the flow and use of funds in the PayPal digital wallet.The UK's Financial Conduct Authority stated on Wednesday that it has not yet concluded whether the relevant companies have violated competition law. PayPal disclosed this investigation in a regulatory filing this week. A representative from PayPal stated that the company is cooperating with the FCA investigation but will not comment further as the case is still ongoing.