U.S. Department of Justice arrests duo for trying to launder billions stolen from Bitfinex in 2016

[Image: A woman in round sunglasses wearing a shiny gold jacket and a baseball cap that says "#0FCKS" sings with her hands in the air. Caption: Heather Morgan, aka "Razzlekhan"]
The U.S. Department of Justice announced that they had arrested a New York couple and seized more than $3.6 billion in Bitcoin that they were allegedly trying to launder. The fortune was a portion of what was stolen in the 2016 Bitfinex breach, which saw the exchange lose around 120,000 BTC — then valued at around $71 million but worth around $4.5 billion at today's BTC prices. The husband and wife pair, Ilya Lichtenstein and Heather Morgan, both describe themselves as tech entrepreneurs; Morgan also describes herself as a "surrealist rapper", and her work sure is surreal.

News of the arrest came only a week after 20,000 BTC from the Bitfinex hack was observed being moved. Although the DOJ didn't explicitly say that this movement led to the arrest, it seems like a safe bet.

Contracted developer makes off with all the funds for the Ratz Club NFT project

[Image: A pixel art rat wearing a baseball cap and sports jersey. Caption: Ratz Club NFT]
Mexican VTuber Zilverk created an NFT project called Ratz Club, built on the Solana blockchain. On February 6, the project announced that a developer they had contracted drained all of the funds from the project wallet. The project lost about 1,300 SOL, or around $140,000. The project announced that Zilverk and another developer would be putting their own money back into the project, and that "you are going to be able to replace your Ratz with a new series of Ratz, all holders will receive the same amount of Ratz they had minted for free. (Since the Ratz you already minted are kinda are useless)."

Meter Passport, another blockchain bridge, is exploited for $4.3 million

A bug in the Meter Passport smart contract allowed an attacker to pull 1400 ETH (~$4.2 million) and 2 wrapped Bitcoin (~$83,000) from the Meter Passport blockchain bridge. This was the second hack of a blockchain bridge in three days, following the enormous Wormhole Network exploit. Meter urged its users not to trade any meterBNB, which are currently unbacked, and wrote that they were "working on compensating funds to all affected users."

Trader trying to cash out their rewards from a DeFi platform loses more than $35,000 to a Twitter support scammer

A person using the TraderJoe DeFi platform to yield farm encountered issues when trying to "harvest" their rewards. They tweeted at the platform (@traderjoe_xyz) to get support, only to receive a reply from a very similarly-named account (@traderjoe_xyz_) asking them to message them. The trader did so, and when the scammer instructed them to connect their wallet to supposedly help the dev team troubleshoot, they did. When the scam account blocked them, they realized what they had done, and saw that the scammer had drained the holdings in their wallet and liquidated all of their active positions.

The trader reported that they lost more than $35,000. They wrote in a Reddit post, "I was unemployed and literally solely yield farming to hedge my student loan. I deposited almost the same amount of my debt, and was leveraging the fact that the return I was getting was higher than my loan's APR. While trying to earn $8-9 more, I lost $35k and my financial freedom."

Hackers steal $1.9 million from KLAYswap crypto exchange

Some sophisticated hackers managed a BGP hijack on the servers powering KakaoTalk, a marketing and customer service application used by the South Korean KLAYswap cryptocurrency exchange. The hijacking enabled them to serve malicious JavaScript that let them intercept funds as a user initiated a transaction. Over a two-hour period, the hackers stole cryptocurrency totaling ₩2.2 million (about $1.9 million) from 325 customer wallets. The exchange acknowledged the hack the same day, and promised to compensate affected users.

Wormhole, a cross-blockchain bridge, is hacked for more than $320 million in one of the largest hacks to date

The Wormhole Network is a blockchain bridge between Solana and various other blockchains, allowing assets to be traded across the different and not otherwise interoperable chains. After an attacker was able to spoof a guardian account, Wormhole was exploited on February 2 for 120,000 wETH, or about $326 million. The network was taken down for maintenance, and Wormhole promised that "ETH will be added over the next hours to ensure wETH is backed 1:1". The parent company of Wormhole, Jump Trading, replaced the funds that had been drained; meanwhile, Wormhole offered a $10 million bounty to try to tempt the attacker into returning the funds. The hack was the fourth-largest cryptocurrency theft of all time, trailing behind the $480 million Mt. Gox theft in 2014, the $547 million Coincheck theft in 2018, and the $611 million Poly Network theft (that was later returned) in 2021.

All "iloveponzi"'s apes gone! Veteran hacker makes $700,000 stealing and flipping big name NFTs

[Image: A brown ape with Xs over its eyes and rainbow-colored teeth, wearing an orange slouchy beanie and a purple and orange fur coat. Caption: Bored Ape #7985]
NFT collector "iloveponzi", aka Larry Lawliet, apparently authorized what he thought was a legitimate application to access his NFT wallet. Unfortunately for him, he had actually authorized another person to transfer all his NFTs: one Bored Ape, five Mutant Apes, and one Doodle. The hack, which affected iloveponzi and several others, was made possible after the Discord for the "Moshi Mochi" NFT project was compromised, and the attacker sent out an "official announcement" for a final round of NFT minting that actually enabled them to steal NFTs. The attacker then flipped the NFTs for a total profit of a little less than $700,000. Iloveponzi said they believed that the attacker could've sold the NFTs for millions (though they admittedly have a vested interest in the NFTs sounding valuable). Iloveponzi also said they believe the hacker just sold quickly and cheaply to try to beat OpenSea freezing the NFTs, which OpenSea did later do. The hacker appears to be an old hand at shady NFT dealings — although they netted "only" $700,000 from this scam, the wallet used has moved around 600 ETH in total (worth around $1.5 million) through the cryptocurrency tumbler Tornado Cash. Slightly over a month earlier, iloveponzi reported that another of their Bored Apes had been stolen, "because of some coincidences and my carelessness".

Qubit continues to try to tempt the attackers who stole $80 million to return it, with increasingly-desperate messages

After a bug in their code allowed an attacker to make off with $80 million, Qubit immediately began trying to contact the exploiter and convince them to return the money. First they wrote that they were "prepared to offer the maximum bounty", which was $250,000, or 0.3% of the amount the attacker had just stolen. The exploiter presumably felt that $80 million was truly the maximum bounty, and didn't take them up on the offer. The next day, Qubit wrote a message asking the exploiter to "negotiate directly with us... if the maximum bounty offer is not what you are looking for". The day after that, Qubit bumped the reward to $1 million (a whole 1.25% of the $80M!) and begged the exploiters to "please consider the big amount of people, families, stories involved in this". On January 30, Qubit announced they would be offering "the highest bounty in history", $2 million (2.5% of $80M), continuing to underscore that they wouldn't seek prosecution if the attacker returned the funds. A number of hours later, Qubit apparently decided to change tactics, writing that they were "developing a website that users can easily search their losses related to the exploit... users can connect their wallets to get documents to report to the police".

Fake Bored Ape project pulls in $17,500 following high-profile endorsement of Bored Apes

[Image: OpenSea collection called "Bored Ape Original" using the same icon and header image as the real account. Description says "BAYC is a collection of 10,000 Bored Ape NFTs. Certified by opensea". Caption: Fake Bored Ape collection]
After Paris Hilton and Jimmy Fallon engaged in a frankly bizarre discussion of their beloved Bored Apes on The Tonight Show, fake projects imitating the Bored Ape Yacht Club began popping up on OpenSea. OpenSea shut down several projects of this type, which each brought in several hundred dollars an hour. One such project was left up for two weeks, duping investors out of nearly $65,000.

Attacker exploits a bug in Qubit Finance allowing them to mint unlimited collateral and drain the platform of $80 million

An attacker exploited a bug in Qubit Finance, a decentralized lending platform. The bug allowed them to call the "deposit" function without actually depositing any funds. This enabled the attacker to mint 77,162 xETH collateral, which they exchanged for BNB worth nearly $80 million. The platform has said they have tried to contact the exploiter to offer the "maximum bounty", which is apparently $250,000. Tempting, I'm sure.
