Allbridge announced that they were investigating the theft, and were working with law enforcement. Meanwhile, the project suspended operations and announced that they were preparing a user compensation plan.
Allbridge cross-chain bridge exploited for around $574,000
The Allbridge cross-chain bridge project was exploited for around 283,000 BUSD and 291,000 USDT (~$574,000). The thief was able to manipulate a vulnerability in the project's smart contract that allowed them to manipulate the price of assets in the Allbridge liquidity pool.
Bittrex crypto exchange to close US operations
Bittrex, one of the oldest and largest cryptocurrency exchanges serving US customers, announced that it would be shuttering its US platform. "It's just not economically viable for us to continue to operate in the current U.S. regulatory and economic environment," explained CEO Ritchie Lai, who went on to blame "unclear" regulatory requirements that are "enforced without appropriate discussion or input". The exchange gave its customers until April 30 to withdraw their funds.
In October 2022, Bittrex was fined a combined $29 million by the US Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN). The OFAC fine pertained to Bittrex's service of users based in Crimea, Cuba, Iran, Sudan, and Syria, who altogether performed $263 million in transactions using the platform. FinCEN's fine was imposed as a result of alleged "willful violations" of requirements around anti-money laundering and suspicious activity reports.
Bittrex will continue operations outside of the US, and currently operate in Europe, South America, and elsewhere.
Arbitrum airdrop plagued by downtime, bugs, and scams
A token airdrop from the popular Arbitrum Ethereum L2 illustrated many of the challenges with airdrops: events where tokens are automatically distributed to a group of crypto wallets, in this case based on how much they had used the platform. The tokens will ultimately be used for community voting on protocol changes, but also have value on the secondary market. Users were eager to snap them up, particularly as users speculated that the price could reach $10/token (as yet it has not, remaining around $1.38).
However, the airdrop had a bumpy start, with scammers latching on to the event to proliferate fake airdrop websites. Phishers reportedly scammed more than 10,000 people using these schemes. At one point, Twitter even suspended the real Arbitrum Twitter account after mistaking it for one of the many phishing accounts. Attackers also compromised a Discord account belonging to an Arbitrum developer, using it to post a phishing link to the official Arbitrum Discord server.
Then, when the time for the airdrop came, the token claiming website crashed on the traffic, as did the Arbitrum block explorer. Those who were able to claim their tokens paid exorbitant gas fees, and some wallets attempting to estimate required gas fees malfunctioned, showing estimates in the billions of dollars.
Finally, the airdrop was widely gamed by people commandeering hacked vanity addresses to receive the airdrop tokens allocated to them, with at least $500,000 worth of tokens reportedly claimed by one attacker. Other attackers scrambled to compete with one another to claim tokens allocated to compromised wallets whose private keys had been shared publicly on Github and elsewhere, trying to be the first to siphon the funds. Two additional exploiters siphoned a combined total of more than 1 million ARB tokens from other wallets. One sold them for 713 ETH ($1.27 million); the other transferred the ARB tokens to other wallets.
- "Arbitrum Shows Just How Messy (and Tricky) Crypto Airdrops Can Be", CoinDesk
- "Arbitrum Foundation Homepage Crashes as Users Rush to Claim ARB Tokens", Decrypt
- "Arbitrum airdrop: Hacked vanity addresses used to siphon $500K", Cointelegraph
- "Hackers exploit Discord server to launch fake Arbitrum airdrop", Cryptopolitan
- "Over 1M Arbitrum tokens lost to phishing attack", CryptoSlate
US SEC shuts down Beaxy crypto exchange
The U.S. Securities and Exchange Commission charged the Beaxy crypto exchange and its executives for failing to register as a national securities exchange, broker, and clearing agency. They also added charges against Beaxy's founder, Artak Hamazaspyan, and his company for selling an unregulated security (the BXY token) and for misappropriating at least $900,000.
According to the SEC, the BXY token sale raised more than $8 million. At least $900,000 of that was misappropriated by Hamazaspyan, who used it for personal purposes, including gambling.
Some of the defendants agreed to permanent injunctions, and to pay fines of around $166,000 and disgorgement of around $62,800. The agreement also stipulates that the Beaxy platform shut down. The SEC announced they were continuing to litigate charges against Hamazaspyan for securities fraud and against Hamazaspyan and his company for the unregistered securities offering.
- "SEC Charges Crypto Trading Platform Beaxy and its Executives for Operating an Unregistered Exchange, Broker, and Clearing Agency", U.S. Securities and Exchange Commission
$8.9 million stolen from SafeMoon
If the pump-and-dump didn't get you, the liquidity pool compromise might have! Holders of the SafeMoon token were informed that the SafeMoon liquidity pool had been compromised, and $8.9 million had been stolen, after a code upgrade introduced a bug. The attacker was able to take advantage of the bug to artificially inflate the price of the SafeMoon token, then sell it to steal the erroneous "profit".
US CFTC sues Binance and CEO Changpeng Zhao
The US Commodity Futures Trading Commission (CFTC) filed charges against the crypto exchange Binance and its CEO Changpeng "CZ" Zhao for allegedly violating rules around trading and derivatives. Binance is the largest cryptocurrency exchange in the world.
The CFTC has alleged that "Binance has taken a calculated, phased approach to increase its United States presence despite publicly stating its purported intent to 'block' or 'restrict' customers located in the United States from accessing its platform... All the while, Binance, Zhao, and Lim, the platform's Chief Compliance Officer ('CCO'), have each known that Binance's solicitation of customers located in the United States subjected Binance to registration and regulatory requirements under U.S. law. But Binance, Zhao, and Lim have all chosen to ignore those requirements and undermined Binance's ineffective compliance program by taking steps to help customers evade Binance's access controls."
The CFTC is only one of several US groups looking into Binance, with the SEC also reportedly scrutinizing the exchange and the Department of Justice considering charges.
Kokomo Finance rug pulls
The Kokomo Finance project on the Optimism Ethereum layer-2 network rug pulled for $4.5 million in assets. The project positioned itself as a non-custodial lending platform.
After raising user funds, the project's creators drained its liquidity pools. They also convinced users to send funds to them with a technique known as "ice phishing". They then deleted their social media accounts and disappeared.
- "Kokomo Finance", CertiK
Latest Sotheby's NFT sale is decidedly tepid
Despite Sotheby's estimates that the most popular piece in the "Oddly Satisfying" NFT collection would sell for €70,000–€100,000 ($75,500–$108,000), the "Eternity" NFT attained a highest bid of only €50,800 ($54,600). Altogether the full collection brought in $316,000, with 60% of the NFTs going for less than Sotheby's estimates. This is a marked change from the barn burner NFT sales at Sotheby's in 2021, including one in which a CryptoPunks NFT sold for $11.8 million.
It seems perhaps even Sotheby's prestige is not sufficient to overcome the NFT downturn.
Collector accidentally burns their $123,000 CryptoPunk
The new owner of a CryptoPunk, one of the most popular early NFT projects, accidentally burned the NFT they had only just purchased. After spending 77 ETH ($123,434) on the NFT, the owner tried to wrap it so they could borrow against it.
However, some confusing instructions resulted in the owner sending the punk to the burn address, effectively destroying the NFT. "I was trying to wrap it and don't know what I was doing... Thought I was following the directions exactly..." they later wrote. They also later shared that they had borrowed money in order to purchase the CryptoPunk.
US prosecutors file criminal charges against Do Kwon
Only hours after Do Kwon was arrested in Montenegro, federal prosecutors in New York filed eight criminal charges against him: conspiracy to defraud, conspiracy to defraud and engage in market manipulation, and two counts each of commodities fraud, securities fraud, and wire fraud. Prosecutors accuse Kwon of defrauding people by selling LUNA and UST (Terra) based on false claims about the technology, degree of adoption, and effectiveness of the algorithm intended to maintain Terra's stability.
The criminal charges out of the US add to civil charges he's facing from the SEC, as well as an investigation out of South Korea.