Top Super Smash Bros. Ultimate player has his Twitter account hacked to shill NFTs
MkLeo, who is widely considered to be the best Smash Ultimate player in the world, had his 217,000-follower Twitter account hacked and repurposed for NFT shilling. The scammers changed his profile picture to a pink robot creature with green drool, and began posting tweets talking about his supposed collaboration with The Possessed NFT project. The link in the tweets went to a scam website that claimed to allow people to mint NFTs from the actual Possessed NFT project. It's not yet clear how many people fell for the malicious link, but MkLeo's Twitter account appeared to be back under his control later that evening.
Another collector loses a Bored Ape to a phishing scam
NFT collector Cameron Moulène was excited to see a link promising a merch drop in the bio of an account with the same branding as Bored Ape Yacht Club, but with the handle BoardApesYC (rather than BoredApesYC). Clicking the link, which matched the BAYC website link except with a character swapped in ("yarht"), the trader connected his wallet and soon found his favorite NFT transferred to the phisher. He had originally purchased Bored Ape #5778, which he described as his "forever ape" that he never planned to sell, in August 2021 for 53.88 ETH ($166,684 at the time). The scammer flipped the Ape within an hour for 110 ETH ($368,660).
When chastised by other NFT collectors who assumed he had stored the ape on a hot wallet, Moulène clarified that the NFTs had been stored in a Ledger hardware wallet. He later tweeted, "Since I've got a platform, here's what I learned today: COLD WALLET, does not just mean storing assets in a series of ledgers/trezors. It means a wallet that is NEVER Linked to anything besides MM or OS." Moulène went on to threaten legal action, saying, "Oh I will spend 10x that ape tracking these fucks down and suiting [sic] them into oblivion." and "I'm going to pursue legal action in the states and internationally (if need be) to find the people responsible and hold them accountable."
- Tweet by Cameron Moulène
- Bored Ape #5778 on OpenSea
Owner of two pricey Ape NFTs sells them for $140 in a possible hack
NFT trader Calvin Chan recently made some unusual NFT trades. He sold his Bored Ape, which he had bought in August 2021 for 16 ETH (then about $50,000), for 115 DAI ($115 — DAI is a stablecoin pegged to USD). Not only was this a near-total loss compared to the purchase price, Bored Apes' floor price is around 107 ETH (~$360,000), and this Ape likely could've sold for more than that. Chan also sold a Mutant Ape for 25 DAI/$25 to the same buyer — despite Mutant Apes' floor price of 22.5 ETH (~$75,000).
Some initially speculated that he may have mistaken the offer represented in DAI for ETH, as 115 ETH (~$387,500) and 25 ETH (~$84,000) would've been pretty reasonable trades for the respective NFTs. However, the trader posted on Twitter that he had been "swiped ... of his BAYC and MAYC... I am fine. In shock, but okay. Do i know what happened? No. Still trying to wrap my head around how and why."
NFT trader loses a Mutant Ape NFT to an NFT swap scam
A trader known by taylorRichie.eth agreed to swap their Morie NFT for a Doodle, in a trade they'd coordinated with a user on Discord. Because OpenSea doesn't support trading one NFT for another, only buying and selling them for crypto, the traders had to use a different, less-known swap platform to perform the trade. Although taylorRichie.eth took precautions, like typing in the URL themselves instead of clicking a link, they were still fooled into signing a malicious transaction that transferred a different NFT in their wallet, a Mutant Ape, to the scammer. The scammer then quickly flipped the stolen NFT to another buyer for 22 ETH ($73,585).
Revest Finance is hacked for $2 million
The Revest protocol was targeted with an attack that stole $BLOCKS, $ECO, and $RENA tokens from their vault. The protocol wrote that the attacker used a "highly sophisticated attack on a vulnerability that went unnoticed during our Solidity.Finance audit as well as ... multiple peer-reviews". The hacker quickly swapped the stolen tokens for ETH via various decentralized exchanges, then tumbled the funds using Tornado Cash. The protocol wrote that they "do not possess the funds needed for meaningful financial recompense, and are not covered by any DeFi insurance provider", but promised to try to "do everything within our power to make things as right as they can possibly be made".
- "Revest Protocol Exploit Recovery Plan", Revest Finance
Coinbase begins to require users in Canada, Singapore, and Japan to input personal information about the recipients of their crypto transactions
Coinbase began sending out notices to its customers who reside in Canada, Singapore, and Japan, to tell them that in early April, they will need to begin inputting information about the recipients of any crypto they send. Coinbase said the change was in order to comply with various regulations imposed by those countries. The specifics differ somewhat between the three countries: for example, in Canada, the verification is only required for amounts above CA$1,000 (about US$800); Japanese users need to provide verification for any amounts, but only if transferring to entities outside of Japan; and Singaporean users need to verify any amounts sent to anyone. Canadian and Singaporean residents will also need to provide the address of the recipient of their funds, whereas Japanese customers only need to supply the name and country of residence.
Some Coinbase customers in these jurisdictions seemed less than enthused at the announcement. One tweeted, "Wait, then what's the point of crypto/blockchain, being outside of fin.system and all.. I may be better off sending fiat money".
Crypto tax software firm ZenLedger fires executive after the New York Times discovers he lied extensively about his background
New York Times reporter Ron Lieber began fact-checking a story in March about a deal between crypto tax software firm ZenLedger and the Internal Revenue Service. Lieber ran into trouble fact-checking the claims of ZenLedger COO Dan Hannum, who told a compelling story of being arrested as a juvenile, then turning his life around and earning college degrees, working at several major Wall Street firms, and becoming a crypto millionaire. Lieber discovered that Hannum had never earned the degrees he claimed, nor worked at the Wall Street firms he listed. He also found no evidence that Hannum had ever managed $100 million in assets like he said, nor that he had made so much on crypto that he was paying "millions in taxes" alone.
After Lieber put these questions to ZenLedger, the company fired Hannum. ZenLedger founder Pat Larsen was cagey around the circumstances under which Hannum was hired, and an outside spokesperson for the company laid the blame on a bad referral and a federal background check that returned "no flags regarding his education or work history". A venture capital firm that invested in the company reported that they "did more due diligence than a traditional venture capitalist would have done" on the company but had not checked Hannum's background.
Exxon Mobil reportedly gets in on Bitcoin mining
According to Bloomberg, Exxon Mobil has begun a pilot program to set up Bitcoin miners at an oil well in North Dakota. The project reportedly runs off 18 million ft³ of natural gas that would otherwise be flared. Although early proponents waxed poetic about how anyone could mine Bitcoin, the increasing hardware specialization and massive electricity costs have made it practical at scale only for those with access to the hardware and cheap sources of electricity — including, now, the world's second largest oil company.
Some crypto proponents have spoken positively about using excess gas that would otherwise be flared for Bitcoin mining, though climate experts have spoken out against it being a sufficient or reasonable solution. "It's like if you had a leaky gasoline pipeline and, instead of fixing the problem, you plugged in a Humvee next to the leak and left the engine on in perpetuity with the A/C on full blast," said UC Santa Barbara professor Paasha Mahdavi.
Hacked verified Twitter accounts impersonate BAYC founders, scam $1 million with fake ApeCoin airdrop
Some scammers obtained hacked verified Twitter accounts, then rebranded them to claim to be founders of the Bored Ape Yacht Club. They then tweeted about how their team's ApeCoin launch had been so successful, they'd decided to airdrop more tokens. Users who clicked the link and connected their wallets quickly discovered they'd been scammed when their high-value NFTs were transferred from their accounts, then flipped for resale. One victim of the scam said they'd lost $600,000, and tweeted: "@BhawanaCAN put out a tweet refering for more $ape available- I trusted the blue checkmark @twitter @jack now the ape and my gutter cat is gone - fuck you @BhawanaCAN". @BhawanaCAN, prior to the hack, was an account belonging to the former CEO of the Cricket Association of Nepal.
There were multiple scammer accounts involved in the scheme, and one researcher has estimated that the scammers had made around $1 million from reselling the NFTs as of March 24. A similar hack had occurred several days earlier, in which a hacked verified account impersonated a BAYC founder and successfully stole three pricey Bored Apes from a collector.
Roller derby community resoundingly rejects NFT project
After three roller derby stars announced an NFT project called "'Bout Time", the roller derby community was fairly united in its displeasure with the idea. Though the project intended to donate some of their proceeds back to the roller derby community, the overwhelming response appeared to be that engaging with NFTs was indefensible even if the project did provide money for the derby leagues. Most concerns seemed to revolve around the environmental impact of NFTs in general, as well as the scams that are rampant in the NFT world. After considering the feedback to their project, the three skaters announced that they would not be continuing with the project, which was due to mint on March 31. One of the project founders told Vox, "If this community doesn't want us to run this project, then we're not going to do this project for them. The whole reason was to raise money for the derby community, and they so strongly spoke out against us."
- "When NFTs came to roller derby, roller derby put up a fight", Vox
- Bout Time NFTTT website, with statement about project closure