Bittrex used to be a major player in the US cryptocurrency market, with over 20% of US market share in 2018. However, the exchange's dominance had dwindled to below 1% as of 2021.
Bittrex finally closes up for good
After paying a then-record $29 million fine for sanctions violations in October 2022, shutting down US operations in March 2023, filing for bankruptcy in May, and paying $24 million to settle a lawsuit from the US SEC in August, Bittrex is finally throwing in the towel. The company announced that it was closing its global operations, and urged customers to withdraw funds stored with the exchange within only two weeks. The also informed customers who held US dollars on the exchange that they would not be allowed to withdraw, and would have to convert their dollars to Euros or cryptocurrency.
DOJ reportedly seeking $4 billion resolution to Binance investigation, with possible criminal charges against CEO
According to Bloomberg, ongoing negotiations between the U.S. Department of Justice and Binance have involved penalties greater than $4 billion as part of ending an ongoing, multi-year probe into the exchange. Such a settlement would not insulate founder Changpeng "CZ" Zhao from criminal charges.
The negotiation may involve a deferred prosecution agreement, in which the US would file a criminal complaint but agree not to prosecute so long as Binance met agreed conditions under a monitoring process.
It remains to be seen if this is the avenue the DOJ and Binance will go with. A Bloomberg source speculated that a decision could come within the next few weeks.
Kraken sued by U.S. SEC
Kraken is the latest cryptocurrency exchange to face a lawsuit from the U.S. Securities and Exchange Commission. According to the SEC, Kraken violated securities laws by listing tokens like Polygon (MATIC) and Solana (SOL), which the SEC has argued in this and in other lawsuits are unregistered securities.
Furthermore, the SEC claims that Kraken commingled corporate and customer funds, "at times pa[ying] operational expenses directly from bank accounts that hold customer cash."
Kraken's new CEO, Dave Ripley, posted on Twitter that the company "plan[s] to vigorously defend [their] position" that they do not list securities.
DOJ cracks down on $225 million crypto romance scam
At least according to the rather shady Tether stablecoin provider, the U.S. Department of Justice has been working on an investigation into a massive "pig butchering" romance scam and human trafficking operation based out of Southeast Asia.
According to Tether, they "voluntarily fr[oze] approximately 225 million in USDT tokens" in connection to the investigation.
Some romance scammers hoping to lure victims into sending them cryptocurrencies are themselves victims of human trafficking operations, where they are held victim and forced to send such messages.
dYdX insurance fund loses $9 million in apparent attack
Around 40% of the "insurance fund", intended to protect dYdX users from having to backstop other traders' losing trades, was drained in what dYdX CEO described as "pretty clearly a targeted attack against dYdX". An attacker manipulated the market for the Yearn Finance token, which is not normally heavily traded on dYdX, but which experienced a surge in trades around the attack. By taking advantage of flaws in dYdX's risk management, the attacker was able to rack up big losses and then force the dYdX insurance fund to pay out.
Kronos trading firm suffers key breach
The cryptocurrency trading firm Kronos Research announced on Twitter that they had stopped trading while they investigated "unauthorized access of some of our API keys". They claimed that "potential losses are not a significant portion of our equity". They later confirmed the loss at around $26 million.
Aqua web3 gaming marketplace shuts down
It's not that blockchain gaming was a flop, they were "just too early" (said CEO Sean Ryan). The Aqua gaming NFT marketplace announced their shutdown, attributing it to "challenges in raising funds and the slower-than-expected growth within the web3 gaming sector". Users were instructed to transfer their funds off the platform by December 1.
The company launched its marketplace in September 2022, backed by $10 million from the DIGITAL venture fund.
The Blockchain Group suspends stock trading in apparent financial crisis
French blockchain firm The Blockchain Group announced that they had requested trading be halted on the company's shares and postponed a planned company meeting. The announcement disclosed "financial difficulties" that had caused the company to try to obtain rescue financing. They also said that they had begun discussions with creditors around possible restructuring.
The Blockchain Group is behind a number of different services, including a crypto wallet called Eniblock and an open source software bounty project called Bountysource. Users of the Bountysource project have been complaining about issues receiving payments since as far back as May 2023.
Network of fake Twitter accounts impersonating crypto security firms phish panicked victims
On the evening of November 14 I logged on to Twitter to notice that #OpenSeaHackAlert and related hashtags were trending. But they were trending not because OpenSea had truly been hacked, but because a huge network of fake accounts with usernames similar to those of PeckShield, CertiK, and zachxbt — well-known accounts that alert crypto traders to possible scams — were spamming the hashtag. Hoping to spark panic into crypto holders who had used the popular service, as well as other services like Uniswap which they were claiming were breached, the phishers shared links to sites that would supposedly help users revoke access to their wallets by those services, securing their assets. Instead, however, those malicious sites would drain the wallets.
According to researcher zachxbt, who himself was one of the impersonated, the scammers have stolen more than $300,000 in various assets using this technique.
This is not the first time such a technique has been used — a scammer attempted a similar, though less successful, scheme in April 2022. Scams like this take advantage of the poor UX in the crypto world for tracking and revoking wallet permissions that have been granted, requiring people to use third-party websites created for this purpose. Some of them are legitimate, but there are many malicious copies of these revocation sites that prey upon users who may be acting quickly in fear that their assets are at risk.
Up to $1 billion stored in early Bitcoin wallets may be at risk due to "Randstorm" vulnerability
While trying to help a Bitcoin holder who lost their password, researchers at Unciphered discovered a major flaw in the way early Bitcoin wallets had been created. Thanks to a flaw in an open source software library called BitcoinJS, which was later incorporated into many wallet software projects to generate Bitcoin wallets with random keys, wallets created prior to 2016 may be vulnerable to cracking. Wallets created before March 2012 are at particular risk, as the roughly 6% of those that are vulnerable (and which hold a combined ~55,000 BTC, or ~$100 million) could be cracked without requiring major computing resources.
Unciphered worked with various wallet providers to contact people whose wallets may be vulnerable, though ultimately it is up to those wallet holders to secure their funds by creating new wallets and transferring their tokens. Unciphered also noted that some Dogecoin, Litecoin, and Zcash wallets may be vulnerable due to shared code.