Dubai's DFSA implemented updated crypto rules that took effect on 12 January 2026. The measures ban privacy tokens and "privacy devices" within the DIFC and replace the regulator's token whitelist with firm-led suitability assessments, while easing limits on fund participation and opening access for brokers and custodians using compliant assets.

On January 12, 2026, Bakkt Holdings, Inc. said it entered an agreement to acquire Distributed Technologies Research Ltd. in an all‑equity deal. Bakkt will issue Class A stock equal to 31.5% of the "Bakkt Share Number," about 9.1 million shares based on the current figure, and plans a corporate name change to "Bakkt, Inc." on January 22.

World Liberty has launched World Liberty Markets, a peer-to-peer platform for crypto lending and borrowing that runs on USD1. USD1's market cap stands at $3.4 billion, and the venue supports WLFI, Ether, tokenized Bitcoin, USDT, and USDC. WLTC Holdings filed an OCC application five days ago to create a federal trust bank for stablecoins.

On January 11, 2026, user Captain Bunny said his OKX accounts holding about $40,000 in stablecoins were frozen after he bought four KYC-verified accounts in 2023. On January 12, 2026, CEO Star Xu replied that access depends on the registered identity, citing terms barring acting on behalf of others. The user shared on-chain records and emails to support his claim.

On January 12, 2026, cybersecurity researchers detailed how the GoBruteforcer botnet compromises Linux servers used by cryptocurrency and blockchain projects through weak credentials and exposed services. The malware targets FTP, MySQL, PostgreSQL and phpMyAdmin to build a distributed network for brute-force password cracking and data theft. Investigations also found crypto-specific campaigns and blockchain reconnaissance, including scans of TRON addresses to identify funded wallets.

According to the Dubai Financial Services Authority, revised crypto rules taking effect on January 12 ban privacy coins and anonymity tools, including mixers, in or from the DIFC. The framework narrows "fiat crypto token" status to fiat-pegged, reserve-backed assets and shifts token‑listing accountability from a regulator-maintained list to licensed firms.

On 12 January 2026, the Dubai Financial Services Authority enforced a ban on privacy tokens within the Dubai International Financial Centre, covering trading, promotion, funds, and derivatives. The regulator also narrowed stablecoin rules to fiat-backed tokens only, excluding algorithmic designs such as Ethena's USDe from the stablecoin category.

On 8 January, the Financial Intelligence Unit of India said ID-only verification is insufficient, and from 12 January crypto users will face live selfie liveness tests, biometric checks, precise location capture, and penny-drop bank verification. ICOs are labeled high risk, transfers must carry sender and recipient data, and exchanges must keep records for at least five years, following ₹28 crore in fines last fiscal year.