UN reports that millions of dollars in stolen crypto have gone towards funding North Korean missile programs

A report by the United Nations identified cyberattacks as an "important revenue source". At least three cryptocurrency exchanges were targeted by North Korean hackers, and a January Chainalysis report suggested that cyberattacks originating from North Korea could have provided the country with as much as $400 million in stolen cryptocurrency.

Contracted developer makes off with all the funds for the Ratz Club NFT project

A pixel art rat wearing a baseball cap and sports jerseyRatz Club NFT (attribution)
Mexican VTuber Zilverk created an NFT project called Ratz Club, built on the Solana blockchain. On February 6, the project announced that a developer they had contracted drained all of the funds from the project wallet. The project lost about 1,300 SOL, or around $140,000. The project announced that Zilverk and another developer would be putting their own money back into the project, and that "you are going to be able to replace your Ratz with a new series of Ratz, all holders will receive the same amount of Ratz they had minted for free. (Since the Ratz you already minted are kinda are useless)."

ENS governance put to the test as a bigoted 2016 tweet from its director of operations resurfaces

Brantly Millegan is the director of operations for the Ethereum Name Service, which is basically a blockchain version of DNS, and is also how some people get their wallet to show up as customname.eth on various web3 projects. His Twitter biography describes him as a "Catholic, husband, father". Someone discovered a 2016 tweet of his, in which he expressed bigoted views about homosexuality and transgender people, and condemned abortion, contraception, masturbation, and pornography. Millegan dismissed the concerns about the tweet, writing, "hey looks like I've got my first mob. nice to see some ppl finally read the first word of my bio." He left the offensive tweet up, and later doubled down in a Twitter Spaces conversation.

On February 6, the ENS community stewards voted to remove Millegan from among them, and the following day the nonprofit behind ENS announced that they had terminated Millegan's contract as director of operations. As of February 7, Millegan still holds the largest share of voting power in the ENS DAO.

Meter Passport, another blockchain bridge, is exploited for $4.3 million

A bug in the Meter Passport smart contract allowed an attacker to pull 1400 ETH (~$4.2 million) and 2 wrapped Bitcoin (~$83,000) from the Meter Passport blockchain bridge. This was the second hack of a blockchain bridge in three days, following the enormous Wormhole Network exploit. Meter urged its users not to trade any meterBNB, which are currently unbacked, and wrote that they were "working on compensating funds to all affected users."

Trader trying to cash out their rewards from a DeFi platform loses more than $35,000 to a Twitter support scammer

A person using the TraderJoe DeFi platform to yield farm encountered issues when trying to "harvest" their rewards. They tweeted at the platform (@traderjoe_xyz) to get support, only to receive a reply from a very similarly-named account (@traderjoe_xyz_) asking them to message them. The trader did so, and when the scammer instructed them to connect their wallet to supposedly help the dev team troubleshoot, they did. When the scam account blocked them, they realized what they had done, and saw that the scammer had drained the holdings in their wallet and liquidated all of their active positions.

The trader reported that they lost more than $35,000. They wrote in a Reddit post, "I was unemployed and literally solely yield farming to hedge my student loan. I deposited almost the same amount of my debt, and was leveraging the fact that the return I was getting was higher than my loan's APR. While trying to earn $8-9 more, I lost $35k and my financial freedom."

Former Gumroad freelancer tweets that he no longer works for the company because the company was planning to get into NFTs, Gumroad founder has a bit of a meltdown

Tweet conversation. First tweet from Jacob van Loon: "your social media presence ranks among some of the worst ive ever seen for a company like yours. never used gumroad, never going to." Tweet reply by Gumroad: "According to your bio's email address, you already have."Tweet by Gumroad (attribution)
Brian Box Brown, an artist who had previously worked for the digital self-publishing platform Gumroad, tweeted that he was ramping up his original art sales because "my former regular freelance employer has let me know they'll be...Embracing NFTs so...we had to part ways." Gumroad founder, Sahil Lavingia, responded on the official 130,000-follower Gumroad Twitter account by sharing what appeared to be private messages between himself and Box Brown, and claiming that Box Brown had only refused to work on NFTs out of a fear of being "canceled"—a claim that apparently missed what appeared to be Box Brown trying to let the founder down gently in a message where he also wrote "I do not want to lose [my job]". Lavingia also lashed out with the Gumroad account at a person who criticized Gumroad's treatment of Box Brown. When the commenter wrote "never used gumroad, never going to", Lavingia appeared to leak private customer data when he replied, "According to your bio's email address, you already have."

By that evening, the tweets attacking their former employee and leaking customer data were all deleted, and the Gumroad account had pinned a tweet saying, "If and when we do anything related to crypto/NFTs, you’ll hear it from us first. For now, no plans."

Someone tries to take out a loan against their Bitcoin holdings to get a mortgage, loses over $300,000

A prospective house-buyer wanted to pad their bank account to try to convince their bank to approve them for a mortgage. Their bank didn't consider Bitcoin holdings when evaluating a person's suitability for a mortgage (can't imagine why), and so the person decided to take out a loan on the BlockFi platform, putting up $600,000 worth of Bitcoin as collateral for a $300,000 loan. However, the borrower had bought their Bitcoin from a private source (rather than through one of the major exchanges), and it turned out the Bitcoin had previously come through a cryptocurrency mixer. Because of what BlockFi described to the borrower as "indirect mixing exposure", BlockFi called back the loan and the borrower "lost more than half of [their] BTC holdings, have a huge tax bill, and was screwed out of a fortune".

Even if things had worked out as this person planned, it seems like the bank might have wanted to know where $300,000 suddenly came from, and I don't know how "I took out a sketchy loan against my Bitcoin holdings, which you already don't think can qualify me for a mortgage" would have shaken out.

Hackers steal $1.9 million from KLAYswap crypto exchange

Some sophisticated hackers managed a BGP hijack on the servers powering KakaoTalk, a marketing and customer service application used by the South Korean KLAYswap cryptocurrency exchange. The hijacking enabled the hackers to serve malicious JavaScript that allowed hackers to intercept funds as a user initiated a transaction. Over a two-hour period, the hackers stole cryptocurrency totaling ₩2.2 million (about $1.9 million) from 325 customer wallets. The exchange acknowledged the hack the same day, and promised to compensate affected users.

Nike sues StockX for selling unauthorized NFTs of their shoes

A rendering of a card, showing a photograph of a red high-top sneaker. The card has the branding "StockX" on it, as well as "Vault NFT ERC-1155"NFT of a Nike Jordan 1 sneaker (attribution)
Nike filed a lawsuit in New York federal court against StockX, an online reseller that decided to get in on NFTs in January. StockX started selling "NFTs tied to physical products", and say that buyers are also purchasing the "opportunity to take possession of [the corresponding physical item]" at any time". Nike has objected to this, stating that the NFTs infringe their copyright, are likely to cause confusion among customers, and have hurt their reputation. According to the complaint, StockX has already sold more than 500 NFTs of Nike products. The StockX site shows that some Nike NFTs have traded for thousands of dollars. Amusingly, although the NFTs exist on the Ethereum blockchain, "cryptocurrencies are not an acceptable payment method for NFTs at this time" and NFTs can't be transferred or traded outside of the StockX platform. According to their FAQ, "StockX maintains custodial authority of all NFTs traded on the platform".

This lawsuit is somewhat similar to the January lawsuit by Hermés against artist Mason Rothschild, who has been selling "MetaBirkin" NFTs (though MetaBirkins describes itself as an art project, and promises no physical items).

Miami mayor Francis Suarez's MiamiCoin gambit lands the city $5.2 million, investors not so lucky

Miami mayor Francis Suarez eagerly hyped "MiamiCoin" ($MIA), a cryptocurrency created by a private company and not actually controlled by Miami. Suarez appeared on CoinDesk TV to say that MiamiCoin has "been mainstreaming significantly faster than bitcoin", despite trading for pennies, and not being listed on any exchange aside from the Singaporean OKCoin.

On February 2, Suarez excitedly announced that they had received their "first-ever disbursement... totaling $5.25M". He didn't mention that the coin is trading at 90% below its all-time-high and 35% less than its initial price of $0.01. Both the OKCoin exchange and the coin creator previously advertised that buyers could earn "430% APY" by participating in some sort of staking program with the coin. All current holders of the coin, such as the Miamians Suarez encouraged to invest, have lost money even when factoring in staking rewards, says Protos.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.