133 NFTs valued at $2.4 million stolen when hacked Bored Apes Instagram advertises fake land airdrop

An illustrated ape with green fur covered in sores, wearing an orange beanie and 3D glassesBAYC #7203 (attribution)
The Bored Ape Yacht Club's Instagram account was compromised and used to advertised a fake airdrop for metaverse land. This was particularly believable, as the much-anticipated project announced it would be launching this week.

The post invited people to visit a website that prompted users to connect their wallets in order to receive the airdrop. Users who did so found their NFTs transferred out of their wallet to the scammer. So far, 44 people have fallen for the scam site, transferring a total of 133 NFTs with an estimated value of around $2.4 million. The stolen NFTs included items from pricey collections including Bored Apes, Mutant Apes, Bored Ape Kennel Club, and CloneX. Several of the NFTs had previously been sold for over $100,000 each.

Epoch Times writers mass-mail unsolicited "newspaper" promoting crypto

Photograph of the front page of a newspaper, titled "Wall Street Today" and with the headlines "Why Investors Are Making a Killing with Cryptocurrency" and "Slashing Bitcoin Costs by Up to 75%"Wall Street Today front page (attribution)
Bob Byrne and Tim Collins, two prolific contributors to the far-right Epoch Times, have expanded their grift to crypto. A twenty-page-long "newspaper" titled Wall Street Today appeared in many mailboxes, featuring misleading charts and a multi-page-long advertisement for a Bitcoin mining company—evidently hoping that its recipients might invest in crypto or in the penny stock for the mining firm. A small-print disclosure on page 17 revealed that the firm, Creek Road Miners, paid $1.9 million for the glowing "review".

Byrne and Collins published the paper via their co-founded company Streetlight Equity. The firm has also published ostensibly economic-focused articles that include conspiracy theories about how U.S. sanctions on Russia are all a part of a plan to "force the left's green agenda", and rail against pandemic lockdowns.

This is not the first unsolicited newspaper from the Epoch Times or its associates; the Falun Gong-associated and strongly anti-Chinese Communist Party publication previously distributed an unsolicited "special edition" which described COVID-19 as the "CCP virus". This led to pushback from Canadian postal union, who urged the Canadian government to ban its distribution as hate speech they feared would endanger Asian Canadians. Epoch Times have also spread QAnon and anti-vaccine conspiracy theories, spread false claims of fraud in the 2020 United States presidential election, and promoted far-right politicians in Europe.

Binance gave Putin regime information on users who donated to opposition leader Alexei Navalny

Alexei Navalny, pictured from the shoulders up, wearing a navy scarf and coatAlexei Navalny (attribution)
Binance, the largest cryptocurrency exchange, shared customer data with the Russian government according to a Reuters special report. Reuters detailed how Binance provided the Russian government's financial monitoring service with data on Binance users who donated to Alexei Navalny, an anti-corruption activist and prominent opponent of Putin. Reuters reported this was part of a broader effort by Binance to form allegiances with Russian governmental agencies as it worked to expand its footprint in Russia.

Navalny has been imprisoned in Russia since returning in January 2021, shortly after recovering from poisoning: an attempt on his life reportedly ordered by Putin. While in prison, Navalny's foundation has encouraged people to donate cryptocurrency using Binance. They have raised more than 670 Bitcoin ($28 million) so far, despite the Russian government outlawing the foundation and labeling it a terrorist organization. Donors to Navalny's cause now face potentially serious danger as they've been identified to the Putin regime by Binance.

Crypto proponents have long promoted the technology's potential to fund individuals who are targeted by oppressive regimes, and to allow anonymous and untraceable donations.

AkuDreams NFT project earns $34 million that its team will never be able to withdraw

A 3D rendering of a person with an astronaut helmet that has planets orbiting it, wearing a white suit with a heart on the front and a red cape, holding up a small globe in their handAkuDreams NFT (attribution)
Micah Johnson, an artist and former professional baseball player, launched an astronaut-themed NFT project called AkuDreams. The auction was based around a Dutch auction, with the added twist that the lowest bid would set the final price for the NFT and all who bidded higher would be refunded.

The contract suffered from several flaws, however. The first allowed an exploiter to stop all refunds and withdrawals from the contract. Luckily for the team, the exploiter was well-intentioned and only intended to highlight the issue; they removed the block shortly after, leaving a message urging the team to have their contracts audited before release.

AkuDreams were not so lucky with the second issue. A bug in the code failed to account for users minting multiple NFTs in a single transaction, which made it so that the claimProjectFunds function that would allow the team to withdraw their earnings can never successfully execute. This means that the team can never withdraw the 11,539 ETH ($34 million) earned from the NFT sales—it is stuck there forever.

Hacker pulls $1 million from defi project, then destroys contract without withdrawing the funds

An attacker targeted the ZEED defi projects, successfully using a flash loan attack to pull just over $1 million from the project. With the funds transferred to the attack contract, the hacker then called the contract's self-destruct function, making it impossible for the funds to ever be withdrawn. It's unclear if this was intentional and done as a sort of statement, or if the attacker intended to take the profit for themselves but forgot to do so before destroying the contract.

Scammers phish $4.3 million from Terra users in ten days using Google Ads

A screenshot of Google results for the search "astorport" showing an advertisement resembling the proper Google result, with an arrow reading "SCAM"Phishing results in Google ads (attribution)
Scammers ran Google ads for popular search queries relating to the Terra ecosystem. When users searched for things like "Anchor protocol" or "Astroport", the first result was actually a Google ad purchased by scammers impersonating the real protocols. The scammers were even able to make the domains resemble the correct domains, though these changed once the users clicked the advertisement. Users were then prompted to enter their seed phrases to connect their wallets, after which point the scammers were able to empty the wallets.

52 different people fell for the scam, losing a total of around $4.3 million in assets. The scammers appeared to be targeting high-value wallets, with only two accounts transferring less than $1,000. 24 individual wallets were scammed for more than $10,000 each, 7 wallets lost more than $100,000, and one user lost almost $1.4 million.

Rogue Society team resurfaces after being called out for rug pulling $5.5 million

A blue robot with an open mouth and shoulder-length blonde hair with a pink bow, on a pink backgroundRogue Society Bot #5639 (attribution)
The Rogue Society NFT project launched in September, with an ambitious roadmap that included a theme song, comic book series, 3D figurines, an augmented reality app, and an animated series. The project sold out its 15,777 NFTs, which minted at 0.09 ETH each ($355), for a total profit of around $5.5 million. The team stuck around for a while, but by December had gone completely silent. No tasks on the roadmap had been completed. The founder has withdrawn $3.4 million of the funds.

Following a thread by zachxbt outlining the team's rug pull, the project founder made the first post in the project Discord since December, announcing a theme song competition with no acknowledgement of the team's absence and lack of progress.

This event once again shows how it is people like zachxbt who are left to try to hold project creators accountable in the absence of reasonable regulation or enforcement.

Binance adds a branded hashtag to Twitter that closely resembles a swastika

Screenshot of the "#Binance" hashtag, showing an emoji next to it consisting of the diamond-shaped Binance logo on a yellow square, with four lines emerging from the sides in a way that resemble a swastikaTwitter's Binance branded hashtag (attribution)
Binance, the world's largest crypto exchange, used Twitter's branded hashtag feature to add a custom emoji to Twitter when people use the hashtags #Binance or #BNB. The hashtag closely resembled the Hindu swastika, though it's not clear if this was an intentional choice by Binance or a coincidence. The Hindu swastika is distinguished by the four dots within the arms of the symbol, and represents good luck and prosperity. Though Binance may have hoped the dots would distinguish it from the symbol used by the Nazi party, perhaps they (somehow) didn't realize that this distinction is not well-known to many particularly in the West, or that the single-pixel-wide dots are not particularly prominent at emoji size. In Germany the symbol is banned except when used in explicitly religious contexts; several German users confirmed they could see the hashtag.

More than a few people expressed shock at seeing what they believed to be a hate symbol on their Twitter feeds from a large brand. The date of release only made things worse—April 20 is celebrated among fascists because it is Hitler's birthday. Tweets from Binance's official Twitter account and the Twitter account of founder and CEO Changpeng Zhao (known as "CZ") were quickly deleted, though the emojis remained. Several hours later, Binance changed the emoji to a globe with the Binance logo.

Twitter doesn't publicly list how much it costs to obtain a branded hashtag, though most articles I could find listed the price at around $1 million. I'm not sure if this is per hashtag or per emoji—the new emoji appears on several related hashtags.

Rich Bulls Club team resurfaces after being called out for rug pulling $3.7 million

An illustration of a brown bull, with a pile of poo on its head, on a toilet-paper-esque background. The text "BANNED!" is stamped above it."Banned" Rich Bull NFT (attribution)
Crypto sleuth zachxbt researched the Rich Bulls Club, an NFT project that launched in December with NFTs priced at 0.3 ETH (~$1,350) a pop. The project included a clause where "selling under our minimum selling price agreement is forbidden"—anyone who sold a Rich Bulls NFT for less than 3 ETH ($13,500) would find the NFT image modified to a bull with a poo emoji on its head, with the text "BANNED!" stamped across it in red. The project roadmap promised networking and business opportunities enabled by its community members, exclusive events, opportunities to win supercars or hundreds of thousands of dollars, and a "real-life Squid Game event" where one person would win $1 million. Needless to say, none of this transpired, and the project quietly deleted its website and Instagram accounts as the founder cashed out over $3 million.

Two hours after zachxbt published his research, the team made their first post in three months, with multiple excuses for the issues zachxbt highlighted.

NFT influencer 0x_fxnction suffers $240,000 wallet compromise

NFT influencer 0x_fxnction reported that his wallet had been compromised, and 2349 SOL (~$240,000) had been stolen. The money had primarily been profit from the DeGods project, he said, and was unwisely stored in one hot wallet because it was "meant to help buy a house and was being withdrawn in the next weeks".

He said he hadn't used the wallet to mint any NFTs since October, and said he had revoked all access to minting websites since then. He wrote that he was unsure how the compromise had happened: "My best guess: an old minting site from October still had access to my wallet, even after 'revoking' happened in Phantom.... But honestly, it's just a guess."

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.