$YEAR creator rings in the New Year by rugpulling about $225,000

A screenshot of the EtherWrapped "year in review" pageAn EtherWrapped "year in review" page (attribution)
A token called $YEAR invited people to connect their crypto wallets and see a "year in review"-style summary of their 2021 crypto and NFT transactions, with an airdropped token reward based on their activity level. Some community members audited the contract to look for signs of a scam, but missed a few lines of code that enabled the creator to prevent people from selling the token. With people only able to buy the token (on secondary exchanges) but not sell, the price rose, encouraging others to buy in. Only 30 minutes after locking people out of selling, the creator drained the liquidity pool of 59.7 ETH (about $225,000), dropping the coin's value to 0.

NFT collector scammed out of $2.2 million in a phishing attack

A Bored Ape NFT: a teal background, with an ape wearing an astronaut suit and a crash helmet with an American flag print. It's biting its lower lip.BAYC #9410, one of the stolen NFTs (attribution)
Todd Kramer, an NFT collector who had acquired Bored Ape and other pricey NFTs, clicked on a phishing contract that appeared to be a legitimate NFT trader link. Sixteen NFTs from three collections were taken, including eight Bored Ape NFTs. In total, the loss totalled around 593 ETH (equivalent to about $2.2 million). After asking for help on Twitter, OpenSea froze the stolen assets, preventing them from being traded on their platform. Some commenters noted that the redress (asset freezing and flagging of suspicious accounts) was only possible because OpenSea is a centralized platform with a large amount of power in the NFT arena, which some see as antithetical to the supposed ideals of web3. This also raises the question of whether BAYC themselves have a way to determine "legitimate ownership" of their NFTs, which in addition to being expensive status symbols also grant their owners exclusive perks including merchandising rights and access to events.

Blatant copy of Solana's popular "Baby Ape Social Club" rakes in more than $50,000 before being taken down by OpenSea

A screenshot of an OpenSea profile called "Lil Baby Ape Social Club"Clone project on OpenSea (attribution)
A clone of Solana's popular "Baby Ape Social Club" project popped up on OpenSea, using the Polygon blockchain. The project enjoyed 14.3 ETH in trading volume (about $52,000) before OpenSea finally took them down.

"1st LGBTQ+ Cryptocurrency" brings pinkwashing to crypto

Founders say they aim to help the LGBTQ+ community with a Spanish cryptocurrency project, "Maricoin". The team plans for the currency to be used for payment in a network of businesses have signed an "equality manifesto" promising to be queer-friendly. Critics of the project feel it's little more than pinkwashing, and many have criticized the name, which is based on a Spanish slur.

"No network can withstand the electricity consumption that is recorded there", says energy company chairman of the effects of cryptocurrency mining in Georgia

A man in blue snow gear stands next to a blue helicopter in a snowy regionEnergo-Pro Georgia workers arrive by helicopter to fix damaged electrical equipemnt (attribution)
Board chairman of Energo-Pro Georgia, an energy company serving the Svaneti region of Georgia, wrote, "This can no longer continue. No network can withstand the electricity consumption that is recorded there." He called out the illegal cryptocurrency mining happening in the region, which has damaged the infrastructure so badly that he predicted it would take four to five years to fix. Miners have been taking advantage of free electricity provided to residents of the region, but the chairman wrote that the company was "approaching the decision" to begin billing residents for electricity to try to thwart the miners. In 2019, the company had been forced to go door-to-door with police to shut down mining operations, and in the process removed about $1.6 million worth of mining equipment.

Traders duped out of $1.8 million in a fake MetaMask governance token scheme

A listing for MASK on DEXTools, showing a blue checkmark by the nameSpoofed verification badge on DEXTools (attribution)
Scammers took advantage of rumors that MetaMask, a popular Ethereum wallet, would be airdropping governance tokens. The scammers created a fake MetaMask token, $MASK, and managed to inject code into the popular DEXTools trading app to show the token as verified. The token reached over $9 million in traded volume before scammers pulled the liquidity, making off with about $1.8 million worth of Ethereum.

Rapper Waka Flocka Flame has an OpenSea account hacked to the tune of $19,000

A still frame from a video, of a finger pointing to an NFT on a computer screen.Waka Flocka pointing out one of the fake NFTs (attribution)
Waka Flocka Flame posted to Twitter: "@opensea One of me wallets was hacked wtf man". In a video, he showed NFTs in his OpenSea wallet, saying "This is fake, this is fake, this is fake, this is fake. They popped up in my wallet, I clicked on it to delete it, immediately they stole 19 grand. Happily I just started this wallet, they already stole 19,000 out of it. I need fucking help immediately."

MetaSwap Gas project rugpulls about $600,000

1,100 BNB, or around $600,000, were transferred out of the MetaSwap token MGAS, dropping the price of the token nearly 50%. The funds went to a Tornado Cash account, a popular cryptocurrency tumbler. After the transfer, MetaSwap Gas social media accounts were deactivated.

MetaDAO project rugpulls for more than $3.2 million

A project that promised to be "the DAO of DAOs" managed to accumulate and then make off with 800 ETH, which was worth around $3.2 million at the time of the scam. The project creators took the invested tokens and quickly tumbled them using Tornado Cash.

Another NFT project sells NFTs depicting real people without their consent

A CipherPunk trading card, illustrated with the face of Marc AndreessenNFT depicting Marc Andreessen (attribution)

The "Cipher Punks" NFT project tried to sell NFTs with illustrations of various cypherpunks, or at least the ones that were listed on Wikipedia. The project said that it intended to "[honor] everyone involved in the CypherPunk movement. They are our heroes, and we need to recognize them". Apparently honoring them did not also involve asking for their consent to be used in the project, as Jillian York tweeted on December 26, "I don’t approve of this whatsoever and would like it removed."

ItsBlockchain, the group behind the project, subsequently announced that they would scrap the project and apologized. This apology rang a little hollow, to me, after they retweeted a tweet saying "never meet your heroes" in reference to the individuals asking that the project stop using their likeness without their consent, for their own profit.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.