People briefly borrow Bored Ape NFTs to claim as much as $1.1 million in $APE tokens

The Bored Ape Yacht Club recently created a token called ApeCoin, some of which they announced would be distributed to people who owned various Bored Ape NFTs and NFTs from their related collections. However, because the token distribution didn't use a snapshot of ownership data, but rather distributed tokens per-NFT to the first owner who claimed them, people were able to game the system. Some owners of Bored Ape and related NFTs had put their NFTs into an NFTX vault, which is a setup where someone takes a subset of their NFTs and creates a token that is based on them. The token can then be staked to generate yield, or can be sold, and if someone owns enough of the tokens, they can redeem them for the NFTs. A clever operator found a vault containing five Bored Ape NFTs, which had unclaimed $APE associated with them since they were locked up in the vault. They used a flash loan to purchase a large amount of the vault's token, redeem the five BAYC NFTs, claim the airdropped tokens, return the BAYC NFTs, sell back the tokens, and repay the loan, all in one transaction that cost them nothing but netted them 60,564 $APE, which they then swapped for 399 ETH ($1.1 million).

People were somewhat split on whether this could be classed as a vulnerability in the $APE airdrop, since (as with many crypto hacks and scams) the person was operating completely within the rules set out in code.

Australian regulatory agency begins lawsuit against Facebook over failing to address scammy crypto ads

The Australian Competition & Consumer Commission (ACCC) announced that they had begun federal court proceedings against Facebook, alleging that the company "engaged in false, misleading or deceptive conduct by publishing scam advertisements featuring prominent Australian public figures". The ACCC claims that Facebook ads featured prominent Australian individuals without their approval, and implied that the crypto schemes were associated with or endorsed by those individuals. When a person clicked through the link, they were invited to provide contact information to a group of scammers who reportedly incessantly called the targets to pressure them into putting money into the schemes — in one case, a Facebook user lost more than $650,000. The ACC alleged that Facebook "aided and abetted or was knowingly concerned in false or misleading conduct and representations by the advertisers", but didn't take sufficient action to stop the misrepresentation, even after public figures raised the alarm about their likenesses being used without consent to scam people.

Binance says it will stop operating in Ontario, for real this time, and admits they lied to investors

In June 2021, Binance announced they would stop operating in Ontario after the province introduced new prospectus and registration requirements for crypto exchanges. However, in December, Binance said in an email to Ontarian investors they were allowed to continue operating in the province — prompting the Ontario Securities Commission to release a statement titled "Binance is not registered in Ontario", which said, "Binance represented to OSC Staff that no new transactions involving Ontario residents would occur after December 31, 2021. Binance has issued a notice to users, without any notification to the OSC, rescinding this commitment. This is unacceptable."

On March 16, Binance confirmed that they would actually stop servicing Ontario residents, for real this time. They also admitted to sending an email to investors on January 1 that said that they could no longer trade or onboard to the platform, despite not putting any such restriction in place.

Discord hack targeting Rare Bears NFT project nets attacker $800,000

An illustration of a bear wearing a crown, with laser beams firing from its eyes, with headphones around its neck, holding a molotov cocktailRare Bear (attribution)
After hackers successfully compromised the account of one of the Rare Bears Discord moderators, they posted an announcement that new NFTs were being minted. Those who tried to participate in the mint wound up having their accounts compromised and their NFTs stolen. The hackers sold most of the 179 NFTs they stole, for a combined total of 286 ETH (more than $800,000).

Not only did the attackers post a fake mint link, they took steps to prevent the project from thwarting their attack by banning other members and removing user rights that would have allowed other project members to delete the fake links. They also added a bot to the server that locked channels so people couldn't send warnings that the links were fake.

The Rare Bears team did eventually regain access and secured their Discord server. In an apology posted on their Twitter page, they addressed the multiple security breaches that Rare Bears have faced to date, and said they had "stepped up" and would be having a firm audit their project.

Bored Ape Yacht Club launches their new ApeCoin, which immediately tanks in price

Price of ApeCoin, compared to USD, showing a brief and large spike, followed by a drop and then fairly steady valueApeCoin price (attribution)
Bored Ape Yacht Club decided to release "ApeCoin", a new cryptocurrency token. The token distribution heavily favors current BAYC owners, truly underscoring the fantasy about a fairer distribution of wealth that some people thought crypto would somehow magically bring about. Holders of Bored Ape NFTs — already priced at several hundred thousand dollars apiece — received airdropped tokens in proportion to their holdings of Yuga Labs NFTs; one holder of 12 Bored Apes, 10 Mutant Apes, and 11 Kennel Club NFTs reported receiving 150,964 APE (valued at $1.3 million when $APE was at $8.56).

The $APE price briefly soared to around $40 shortly after launch, before crashing precipitously to around $8.50 not long after, presumably as people cashed out their free money. Even many cryptocurrency enthusiasts were nonplussed by the launch, with many describing it as a "money grab" or an attempt to enrich the founders, which apparently is a bad thing (despite many crypto projects openly doing the same). One angry Redditor wrote, "Owners of Bored Ape NFTs were given the coin first(very rich people), then it was sold to the normies who got FOMO and pumped the price, then it crashed. Yet again, leaving regular people holding bags of pure garbage while the coin pushers wave bye-bye from their lambos."

Winamp joins LimeWire in the emerging "legacy software comes back from the dead to do NFTs" trope

The first Winamp skin, a dark grey interface with buttons resembling those used in Windows 95 or 98Original Winamp skin, which they say will "be the base Artwork for all your derivative needs" (attribution)
A week after LimeWire emerged from cryostasis to announce it would become an NFT platform, Winamp decided to jump in as well. Winamp was a Windows media player that first launched in 1997, and was sold for a hefty sum to AOL in 1999, before fading into obscurity after facing tough competition from iTunes in the early 2000s. Although Winamp has been promising new versions of the software since its 2014 sale to Radionomy, only a single beta release in 2018 has ever materialized. However, on March 16, the Winamp Twitter account announced "the auctioning of Winamp Original Skin as 1/1 NFT AND the launch of Winamp Foundation". The Winamp Foundation, they wrote, would "collect money to help musicians across the world to make the music they love". The response on Twitter was overwhelmingly negative, with a top comment reading, "It is incredible how you took decades of good will nostalgia and removed it with a single tweet."

Official Formula 1 blockchain game suddenly shuts down

A rendering of a blue and white F1 racecar, hovering above a black triangular plastic base that says "Tiberon [sic] Car""Tiberon [sic] Car" NFT (attribution)
F1 Delta Time, a crypto car racing game that was officially licensed with F1 racing, shut down in mid-March. The game had previously generated a lot of hype — one of its car NFTs was the most expensive NFT sold in 2019 (more than $100,000). However, game owner Animoca was unable to renew their license to use the F1 brand, resulting in a sudden and unceremonious shut down. Players were given a single day of notice before the game went offline. Users, of course, keep their NFTs, but their ostensible use is now no more. The developers have tried to placate their players by offering various replacement options, primarily based around Animoca's Polygon-based "REVV Racing" game.

NFTBOOKS enters the race to see who can remake DRM the worst

A pie chart where none of the sections appear to be proportional to the numbered percentages, and are all slightly overlappingNFTBOOKS token distribution chart (attribution)
A project called NFTBOOKS has cropped up, promising to "transform the world of book-readings" by creating an NFT economy of authors, book-lenders, readers, translators, and, of course, investors. A writer named Tiffany Hutchinson contacted the project to politely inquire about how it intended to prevent the theft that is so rampant in the NFT space, and received some pretty disappointing answers. After trying several times to wave her off with vague answers about "there will be a review process" to check ownership of the work, they explained that they would implement "a filter on our system" that would check against identical copies. When she asked how that system would work if the original author was not the first person to create an NFT of the work, or how they would prevent someone from making small changes to the work to trick the filters, the project first gave staggeringly poor answers, then wrote that Hutchinson simply didn't understand, then became combative with her.

Fortunately there doesn't actually appear to be much to the project yet — actually creating a platform and an app to allow people to borrow books doesn't come until the fifth and sixth stages of their roadmap. The project is currently on the fourth step, and has been focusing their attentions on things like "marketing campaign" (stage 1), "aggressive marketing rollout" (stage 2), and "extreme marketing campaign" (stage 3). The stage 3 "extreme marketing campaign" also came with a "website relaunch", which we have to thank for one of the most outrageous pie charts I have ever seen (pictured) (which was later determined to have been a stock photo of a pie chart where they'd just changed the numbers). Perhaps they should focus some of their marketing efforts on coming up with answers to the simplest of questions that they should probably expect from authors — the type of people they're claiming to help.

Hundred Finance and Agave Finance are both exploited for a collective $12 million

An attacker using a flash loan attack targeted two projects on the Gnosis blockchain: Hundred Finance and Agave Finance. Each project paused their smart contracts, but not before the attacker made off with a considerable sum of money. That day, the attacker put the funds through a cryptocurrency tumbler, making it much more difficult to trace the collective 4,479 ETH that was stolen in roughly equal amounts from each protocol.

Hundred and Agave were the second and third defi protocols targeted by flash loan attacks that same day, with Deus Finance losing more than $3 million to hackers using the same class of exploit.

Binance pauses withdrawals and deposits via Polygon

After an extended Polygon outage on March 10, Binance temporarily paused deposits and withdrawals via Polygon on March 15. Although Binance reported it was "due to the network wide issues of the Polygon network", Polygon stated that "Polygon PoS network is stable, and working fine. All funds are safe. Binance is upgrading its nodes, and currently syncing the block data, hence they have paused the deposit and withdrawal." It was unclear why this would happen days after the original outage.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.