Crypto researcher zachxbt observed that the wallet targeted for the theft had in 2019 received a transfer from the Binance deployer, suggesting that the compromised wallet may have some ties to Binance itself.
Wallet linked to Binance deployer loses $27 million in apparent hack
An attacker apparently stole $27 million in the Tether stablecoin from a wallet that had just withdrawn the funds from their Binance account. The hacker quickly converted the funds to evade attempts at freezing the stolen assets.
Raft exploited for $3.3 million, then hacker screws up
An attacker exploited the Raft defi project after finding a vulnerability that allowed them to mint 6.7 million of Raft's R stablecoin without any backing.
The attacker then went to convert the R into ETH, which they would then be able to launder and cash out. However, an error in the attacker's code caused 1,570 ETH ($3.25 million) to be sent to the burn address, rendering it permanently inaccessible to everyone including the hacker. Only 7 ETH remained. However, because they had to spend ETH to fund the attack, the hack ultimately resulted in a loss of 4 ETH (~$8,000) for the perpetrator. Oops.
As a result of the hack, the R stablecoin lost its dollar peg, plummeting down to around $0.70. Raft acknowledged the attack and announced that they had paused minting.
Samudai treasury drained
The treasury of the Samudai DAO was apparently drained as an attacker compromised the project's multisignature wallets and the wallet belonging to the project's founder, Kushagra Agarwal. Altogether, around $1.25 million in ETH was stolen.
Agarwal sent a message to the thief shortly afterwards, offering a 10% "bounty" in exchange for the return of the rest of the funds. The attacker didn't seem to be interested, and in mid-January began tumbling the assets through the Tornado Cash cryptocurrency mixer.
Samudai didn't seem to publicly acknowledge the theft, even though they've posted on Twitter a few times since then. The organization had raised $2.5 million in pre-seed capital in June 2022.
- Tweet by CyversAlerts [archive]
- On-chain message from Kushagra Agarwal [archive]
Poloniex hacked for more than $120 million
Assets including Bitcoin, Ethereum, and Tron's TRX token, priced at more than $126 million, were stolen from Justin Sun's Poloniex cryptocurrency exchange. Researchers are still homing in on the exact amount of funds that were stolen from the company's hot wallets across multiple blockchains, but suffice to say it's a lot.
Poloniex was initially tight-lipped, posting on Twitter that they had "disabled for maintenance" an exchange wallet. Justin Sun later updated that they were investigating the "hack incident", and promised to "fully reimburse" the massive theft... somehow. He later tweeted that they would offer a 5% "bounty" to the hacker if they returned the funds within a week, threatening to "engage law enforcement" otherwise.
CoinSpot exchange exploited
The Australian cryptocurrency exchange CoinSpot appears to have been hacked for around 1,283 ETH (~$2.4 million). In two separate transactions, the ETH was transferred out of CoinSpot's hot wallet, then bridged to Bitcoin via Thorchain and another bridge.
Wintermute declares friendship over with Near Foundation and Aurora Labs after they refuse to send $11 million
"Public service announcement or 'how we are not really friends with Near Foundation and Aurora Labs going forward'", wrote Wintermute CEO Evgeny Gaevoy on Twitter. He launched into a thread accusing Near and Aurora of refusing to honor a previous agreement to facilitate the redemption of around 11.2 million USN, the de-pegged stablecoin of the Near network. Wintermute said they had helped FTX to sell that quantity of the USN tokens, providing them with dollars to disburse to creditors, under the belief that Near and Aurora would help them honor the USN redemptions at $1.
However, Near later decided it would not honor the redemption, accusing Wintermute of trying to pull off an arbitrage trade with the distressed asset. They also, somewhat curiously, claimed that the funds that were provided to Wintermute by the FTX estate may have been the tied to illegal activities. Aurora also described Wintermute's claims as "unfounded", and accused Wntermute of "tr[ying] to exploit the programme to profit from the purchase of distressed assets from the Alameda estate".
Wintermute has promised to "pursue all legal avenues" against the Near Foundation and Aurora Labs.
MEV bot exploited for almost $2 million
An MEV bot was exploited after an attacker discovered a vulnerability in its code that allowed anyone to call one of its functions that sold wBTC for wETH. Using a flash loan to imbalance a wETH/wBTC pool on Curve, the attacker then caused the bot to purchase wBTC at its inflated price. They then sold the wBTC for a profit. Altogether, the exploiter made off with 1,047 ETH ($1.975 million).
- Tweet thread by CertiK Alert [archive]
- Transaction on Etherscan [archive]
Arrests made in $300 million Indian crypto scam
Indian police have arrested around eighteen people, including four police officers, in connection with a $300 million cryptocurrency scam that affected around 100,000 people in Himachal Pradesh. Victims were invited to invest in a cryptocurrency called Korvio Coin (KRO), but later the scam incorporated other tokens as well. Around 5,000 government officials and around 1,000 police fell victim to the scam, with some themselves becoming promoters.
The scam was allegedly orchestrated by Subhash Sharma, who has not been apprehended. This particular fraud was uncovered in September, but has been ongoing since as long ago as 2018.
Yuga Labs' social media lead resigns after racist and antisemitic tweets resurface
One might think that a social media lead might have a grasp on his own social media accounts, and might have scrubbed damning tweets made only shortly before they began their position.
One also might think that a company embroiled in constant racism accusations might be cautious about screening its employees.
Neither of these things happened, though, and someone dug up vile tweets by Shpend Salihu, better known as NGBxShpend. Salihu resigned shortly after the tweets came to light, writing that they had "become a distraction from the [Bored Ape Yacht] Club and what we're all about."
Bored Ape collectors experience searing eye pain after "ApeFest" party
Bored Ape collectors attending an ApeFest party in Hong Kong have now been subjected to the kind of eye pain the rest of us have felt for years having to look at their hideous, pricey JPEGs.
The going theory is that event organizers skimped on lighting costs by using UV lights intended for sanitization, not for entertainment, causing burns to the eyes and skin. The eye condition, photokeratitis, is better known as "snow blindness" or "welder's flash", as it more typically affects people who haven't worn proper eye protection while welding or while exposed to sunlight reflected from ice and snow.
Several attendees reported having to seek emergency medical treatment after experiencing excruciating eye pain and vision problems, and tweet threads began circulating giving various other ApeFest attendees advice on recovering from the painful condition.
Bored Ape creator Yuga Labs belatedly issued a tweet two days after the incident, claiming only a small fraction of attendees had experienced "eye-related issues", but encouraging anyone with symptoms to "seek medical attention just in case".