The respondents agreed to a $12.8 million forfeiture of ill-gotten profits, plus a combined $250,000 penalty. The case marked a first from the SEC in the decentralized finance space.
The SEC charged two individuals with selling more than $30 million in unregistered securities in what they described as a defi project that bought "real world" assets like car loans to generate income for investments they promised investors would generate more than 6% interest. Although the company was not able to operate as they'd promised, due to crypto's price volatility, the company lied to investors that all was hunky-dory.
DeviantArt releases software to automatically scan the NFT platform OpenSea for NFTs that use stolen artwork from DeviantArt. While it's awesome that DeviantArt created this tool to help the artists on their platform, it underscores the hands-off, look-the-other-way approach OpenSea has taken to the rampant art theft on their platform. Even reports of blatant copies of artwork have been rejected with no action, and artists are forced to report each infringement of their work individually even if there are many.
The company Uulala, which aimed to provide underbanked individuals with opportunities to build credit, settled with the SEC over charges that they ran an unregistered ICO that raised $9 million. Although they claimed to be using a "proprietary micro-credit algorithm" and proprietary database technology, the SEC said their algorithm was still under development and that they were using database technology belonging to another company. As a part of the settlement, Uulala disabled all $UULA tokens and asked crypto exchanges to disallow trading.
Popsicle Finance, a DeFi platform, lost $25 million to a bug exploited with flash loans. The organization later reimbursed users who lost money to the exploit.
Finiko, a Russian operation that turned out to be a Ponzi scheme, collapsed in July 2021 after defrauding approximately $95 million from people. Investors, facing difficult economic conditions in Russia, were promised they could see returns of up to 30% a month.
An attacker giving out free UniH tokens was able to exploit a bug in a non-standard token contract and steal RUNE tokens from unsuspecting victims. By baiting people into selling their new UniH tokens, the attacker was able to execute malicious code that transferred any RUNE tokens also in their wallet. This was the fourth exploit pertaining to the Thorchain platform in the month of July.
Norton, the makers of the popular Norton Antivirus software, started installing "Norton Crypto" on customers' machines when they install the popular Norton 360 antivirus and malware protection software. It mines Ethereum, skimming 15% for Norton of course. They don't seem to mention that the energy costs incurred by crypto mining on a personal machine are likely to exceed any actual mining proceeds.
Coinbase's USD Coin claimed that there was $1 "in a bank account" to back it, meaning that if everyone hypothetically tried to redeem their USDC at once at any given time, it would be possible. A July disclosure showed that this wasn't true, and that the coin was actually backed by commercial paper, corporate bonds, and other assets. Bloomberg speculated that the FTC might investigate the claim as a possible "unfair or deceptive act or practice".
StableMagnet creators rugpulled about $27 million from users by swapping out linked library code. Users who had StableMagnet linked to their cryptocurrency wallets saw their wallets drained.
The cryptocurrency "titan" dropped from $65 to $0.000000024 within a few hours, despite being a stablecoin that is supposed to be much less volatile than most cryptocurrencies. As the price began to drop, the smart contract encountered a bug that prevented investors from selling their holdings. Among those burned by the coin's crash was billionaire investor Mark Cuban, who had blogged about the token only days prior.