Week in review: $78,000 tested and penalties for crypto exchange in Russia

Bitcoin tests $78,000; hacks hit projects; Russia backs penalties for illicit crypto exchange.

Bitcoin tested $78,000, crypto projects faced a fresh wave of hacks, Russia proposed penalties for illegal exchange of digital assets, and other events of the week.

Cautious optimism in the market

Over the past seven days bitcoin extended its uptrend and held above key support. Monday opened with a drop to $71,000 amid reports that US–Iran talks had collapsed.

But in the early hours of Tuesday, April 14, the asset rose above $74,000. Some observers linked the move to the liquidation of a large volume of short positions.

Through Friday the bellwether traded in a narrow $73,000–$76,000 range. After US markets opened for the final session of the week, the asset spiked to $78,000.

The uptick followed a statement by Iran’s foreign minister, Abbas Araghchi, that the Strait of Hormuz had been reopened.

The gains did not last. Over the weekend digital gold gave back the entire Friday rally, sliding to $75,000. The coin added about 6% over the week.

Other top‑ten coins largely tracked the leader. ETH rose 6%, XRP 8% and BNB 5%.

Despite the bounce, investors remain wary. The main worry is a possible short squeeze. A notable gap has opened up between buoyant spot prices and bearish positioning in futures — a mismatch that often ends in large‑scale liquidations.

The rally also came with inflows into ETFs. Spot bitcoin products attracted $996m for the week — the second‑largest tally since the start of the year.

Ethereum funds took in $275m.

Total crypto market capitalisation climbed to $2.6trn. BTC dominance is 57.5%, ETH 10.7%.

The Crypto Fear and Greed Index returned to the fear zone at 27 for the first time since mid‑March.

A new wave of hacks

Large‑scale attacks have hit crypto projects for weeks. On April 13 the Polkadot cross‑chain bridge Hyperbridge was compromised.

An attacker gained admin rights and minted 1bn DOT tokens. They then sold the coins in a single transaction for 108.2 ETH (about $237,000).

The main Polkadot network was unaffected — only the ERC‑20 version of its native coin on Ethereum was impacted.

The Hyperbridge team later said losses had been revised up to $2.5m. Most of the sum reflects hits to reward pools on Ethereum, Base, BNB Chain and Arbitrum.

The project pledged to compensate affected users.

At the end of the week, on April 17, the Kelp protocol was hit. Criminals again used a vulnerability in a cross‑chain bridge.

According to analyses of the incident, the hacker invoked the lzReceive function in the EndpointV2 contract, initiating a transfer of 116,500 rsETH to a personal address. Losses are estimated at roughly $293m.

After the breach the protocol froze most operations. The incident also hit the Aave lending platform — the attacker routed assets through it.

What to discuss with friends?

• Tether launched a “people’s” bitcoin wallet.
• Bitwise: the conflict in Iran brought bitcoin closer to the role of a real means of payment.
• China launched a plan to integrate AI into education.
• Critique instead of partnership. Journalists published an investigation into Polymarket and Kalshi.

Russia tightens exchange rules

Russia’s government commission on legislative activity approved provisions that would introduce criminal liability for illegal cryptocurrency operations.

The initiative adds Article 171.7 to the Criminal Code — on the illegal organisation of digital‑currency circulation. It provides liability for running such activity without registration or a Central Bank licence.

Penalties depend on the amount of damage. The base offence carries a fine of up to 300,000 roubles, compulsory labour, or up to four years’ imprisonment.

With aggravating factors — including if the act is committed by a group or in an especially large amount — the term can rise to seven years and the fine to 1m roubles. “Large” damage would start at 3.5m roubles; “especially large” at 13.5m.

The amendments will form part of the bill “On digital currency and digital rights”, which could take effect from July 1, 2026.

In comments to ForkLog, experts assessed the provisions and their implications for the domestic market. Olga Zakharova, head of the legal department at Plan B, stressed that penalties would not apply to one‑off crypto exchanges — that is, not to ordinary users of digital assets.

“Illegal circulation” refers specifically to activity that organises the turnover of virtual currency. At risk are not only exchangers but also any services that facilitate deals or provide infrastructure.

Ignat Likhunov, founder of the Cartesius law agency, argued that the key problem for the market is not criminal liability itself, but how easy it is to approach it.

He called the 3.5m‑rouble threshold a relatively small sum for the flow of digital assets.

“That is, roughly speaking, if an exchanger bought, say, 40,000 USDT or 50,000 USDT, which are considered crypto, incurred expenses, and then sold them for more, earning 1% for himself, it turns out he has already exceeded the 3.5m threshold and worked his way into part of the first offence,” Likhunov explained.

Andrey Tugarin, founder of the law firm GMT Legal, noted that the key task of the new package of bills is to regulate organisers of digital‑currency circulation. First and foremost these are crypto exchangers, though the circle of participants is broader.

OpenAI is keeping up

The response to the controversial release of the AI model Mythos by Antropic did not take long. OpenAI opened access for a limited number of users to GPT‑5.4‑Cyber — a new solution for finding vulnerabilities in software.

“This is a version of GPT‑5.4 that lowers the refusal threshold for legitimate cybersecurity work and unlocks new capabilities for advanced defensive workflows,” the announcement said.

Among the additional features is reverse‑engineering of binary files. It allows experts to analyse compiled software for vulnerabilities and malicious code, as well as assess overall security without direct access to source code.

To access the tool, users must verify their identity, and organisations must request permission through their representative.

Anthropic’s recent release caused much noise in the AI industry. The company refused to release the model openly because of its advanced vulnerability‑finding abilities and high security risks.

The concern was that in just a few weeks Mythos discovered thousands of zero‑day vulnerabilities in major operating systems and web browsers.

Also on ForkLog:

• At Stanford they noted the outpacing development of AI.
• The loss of the largest holder of Ethereum exceeded $3.8bn.
• Public miners sold a record 32,000 BTC in a quarter.
• Bitcoin mining difficulty fell by 2.4%.

Clarification for crypto wallets

This week the US Securities and Exchange Commission (SEC) published a statement clarifying its interpretation of software interfaces for cryptocurrency transactions under broker‑dealer rules.

According to the memo, solutions for operations via self‑custodial wallets may, under certain circumstances, be exempt from registration.

The main condition is not to nudge investors toward specific trades in crypto‑asset securities. Providers must also avoid commenting on execution paths and meet other SEC standards.

Although the clarification has no official force, it “provides greater clarity in applying the laws,” the authors noted.

The community called the document “one of the most important” in the history of US digital assets. Commissioner Hester Peirce also supported the initiative.

“Cryptocurrencies are forcing the SEC to grapple with internal demons that pushed it toward ever broader interpretations of the securities laws,” she added.

Over the past year the Commission has issued several similar guides. In one of them the agency excluded meme coins and most stablecoins from the category of securities.

What else to read?

ForkLog revisited the path of alternative layer‑one blockchains. The new piece analyses the promises, the billions raised and the harsh reality protocol teams faced in 2026.

In the traditional digest we compiled the week’s main cybersecurity events.