Another $1 million lawsuit is filed against OpenSea for stolen apes

An illustration of a red-furred ape wearing a captain's hat, grimacing with half-lidded eyes, and wearing a dress shirt and maroon vest with an ascotBored Ape #8858 (attribution)
A third "stolen ape" lawsuit was filed against OpenSea, alleging that Opensea's "security vulnerability allowed an outside party to illegally enter through OpenSea’s code and access Plaintiff’s NFT wallet, in order to sell Plaintiff’s Bored Ape at a fraction of the value." Someone was able to buy the plaintiff's Bored Ape for 24.89 ETH (~$60,000)—much less than the 135 ETH (~$332,000) the plaintiff had recently listed it at. The scammer then quickly flipped the NFT for resale for 92.9 ETH (~$225,000) within an hour.

The language in the lawsuit is very similar to the stolen ape lawsuit filed February 18, which is not surprising because the plaintiffs are using some of the same lawyers. Vice interviewed one of the lawyers, and determined that the somewhat odd wording refers to the issue in which OpenSea users didn't realize their old listings of NFTs at lower prices were still active.

Worldcoin, creators of the eyeball scanning orb that promises universal basic income, encounter more difficulties

A man sits staring into a gleaming silver sphereStare into the Orb (attribution)
New reporting from BuzzFeed News and MIT Technology Review described some of the issues that Worldcoin has been encountering on its mission to scan the eyeballs of the world population, in exchange for nebulous promises of crypto. Although "Orb operators" have been out and about scanning eyeballs in countries around the world, those who've agreed to be scanned have only been offered a voucher for Worldcoin tokens and a promise that they may, someday, be redeemable for $20. Meanwhile, the company appears to be flouting data privacy laws and endangering operators of these Orbs, who have encountered threats from angry uncompensated users, and some of whom have been detained by law enforcement. Those who have agreed to have their eyes scanned have accused the company of "stealing their eyes", and fear how their biometric data may be used.

Collectors spend a cumulative $26 million on gas fees alone for "VaynerSports" NFT project—3x the amount made from the NFTs

A rendering of a card with the letters "VSP" on itVaynerSports Pass NFT (attribution)
AJ Vaynerchuk, brother of prominent NFT personality Gary Vaynerchuk (aka Gary Vee), launched his VaynerSports NFT collection. The popularity of the project resulted in surging gas fees on the Ethereum chain, and a poorly-implemented contract worsened issues. Users encountered failed transactions, meaning they lost the gas fee they had spent, and also did not successfully mint an NFT. Once the mint was over, 2411 ETH ($8.2 million) had been spent on mints, and 7652 ETH ($26.4 million) had been spent on gas fees. Some users lost thousands of dollars in gas fees on failed transactions.

Someone mints NFTs of r/place, because what's the point of collective artwork if someone can't profit off it

Pixel artwork showing a Bitcoin with a cancel symbol, and "r/FUCKNFTS"Portion of r/place (attribution)
Reddit reopened its chaotic collaborative art project, r/place, for several days. Users could place colored pixels onto a shared canvas at limited intervals, collaborating to festoon the page with flags, fan art, memes, subreddit names, activist statements, logos, and everything else people could collectively convince others to help create. The collaborative canvas at various times conveyed pro- and anti-crypto sentiment, with r/Buttcoin putting up a valiant effort to stamp "Fuck NFTs" onto the piece.

Sadly, the collaborative and fun community art piece and social experiment was financialized almost immediately after the last pixels were placed, with several projects cropping up to sell portions of the canvas for crypto. One of the projects ended almost as quickly as it began, replacing all its NFT images with the "r/FUCKNFTS" portion of the canvas and rewriting the description to say, "Ok, I guess that was a bad move and a bad Joke. Please use Cryptos as decentralized money against states, not to sale dumb images on the internet. Love U Reddit, got U". Other projects, however, remain for sale.

COVID-19 conspiracy theorist Robert Malone announces to trucker convoy his plans to dox more than 4,000 people using blockchain-based tech "so they can't take it down"

Robert Malone speaks into a microphone at a podium on an outdoor stageRobert Malone speaking to trucker convoy (attribution)
Robert W. Malone, a COVID-19 conspiracy theorist, gave a speech to a group of anti-vax truckers in which he announced plans to dox over 4,000 "[World Economic Forum] trainees" by publishing their names, addresses, and current and historical work information. "We're about to put this up on a blockchain-protected site so they can't take it down" he said, to cheers. "We're going to ask all of you and we're going to ask Steve Bannon's posse to crowdsource the rest of those names," he said, "There are a ton of... people residing in the United States... that are embedded throughout our government, and throughout the tech industry, and throughout the banking industry, and throughout the bloody media!" When a crowd member shouted "Lock them up!" he replied, "locking them up isn't even going to do it", leading another person in the crowd to shout, "hang them!"

Federal authorities seize $34 million in Bitcoin from alleged seller of stolen account information

A Floridian suspected of selling hacked account information for services including HBO, Netflix, and Uber had $34 million in Bitcoin seized by federal authorities. Prosecutors accused a suspect of a scheme from 2015–2017 in which he sold stolen account information on the dark web. Unusually, they filed a civil rather than criminal case against the defendant, and were able to seize the crypto in a default judgment. Tough day for those arguing that crypto is somehow inherently immune from government actions.

Scammer takes advantage of a platform's poor UX to steal several pricey Bored Ape NFTs

An illustration of a light yellow ape with lidded eyes with yellow irises, blowing a bubble of gum, wearing a red t-shirtBored Ape #1584 (attribution)
A trader who owned a Bored Ape and two Mutant Ape NFTs apparently reached a deal to trade them for three different Bored Ape NFTs. Because OpenSea doesn't support swapping NFTs directly, only buying and selling them for ETH, the traders used a less-known platform called KiwiSwap to do the trade. Like many platforms, KiwiSwap aims to help users spot faked NFTs by showing a "verified" badge—however, because the platform shows the badge overlaid on the NFT image, a scammer was able to create imitation Bored Apes that included the same checkmark as a part of the image, making them appear legitimate. KiwiSwap also does not include functionality that would allow a user to click through to verify the NFT is the one it claims to be.

When the user confirmed the transaction, they transferred their three pricey apes to the scammer, receiving three worthless ones in return. NFT trader 0xQuit estimated the loss at around $587,000.

Amidst rumors of market manipulation, Waves' USD-based "stablecoin" loses peg, drops to $0.82

A chart on CoinMarketCap showing USDN/USD. The price had been relatively stable at $1 for the entire three-month view, until suddenly dropping to around $0.80 on April 4Price chart showing USDN depeg (attribution)
The stablecoin belonging to the Waves protocol, "Neutrino dollar" (aka USDN), crashed nearly 20%, despite intending to maintain its 1:1 ratio to the US dollar. The volatility occurred amidst flying accusations on Twitter, where various people first accused the Waves team of manipulating the price of their own token and running a Ponzi scheme, and then Waves' CEO accused an outside trading firm of manipulating the $WAVES price and "organiz[ing] FUD campaigns to trigger panic selling".

User loses £55,000 (~$72,000) to Trezor phishing email

A black plastic rectangle that tapers towards the bottom. It has a "TREZOR" logo and a square screen displaying a lock icon.Trezor hardware wallet (attribution)
A Bitcoin holder using a Trezor hardware wallet fell victim to a phishing scam after attackers stole email lists from a third-party vendor use by Trezor. The user wrote on Reddit that they were "not paying attention and was on autopilot, just doing what it said. Was arguing with my gf via Telegram at the time... had not slept enough, was a bit hungover and was distracted" when they received the email.

The email in question appeared to be from Trezor, and claimed that users' funds were in jeopardy. It prompted them to download a new (fake) version of the Trezor wallet software, and when users entered their seed phrase to restore their wallet from a backup, it drained their crypto. "What a mug I am," wrote the affected user. "Had been building up my BTC for seven years and lost it in a few minutes' utter stupidity."

The Reddit post also included two follow-up edits, displaying the victim blaming that is common when users are hit with phishing scams and other attacks. The user wrote "Edit: yes I entered my keys, because I'm a twat Edit 2: a lot of people saying they'd never fall for it. I hope they're right."

Attack on Inverse Finance results in a $15.6 million loss

An attacker targeting the defi project Inverse Finance was able to manipulate the price oracle of INV/ETH, artificially inflating the apparent price of INV and allowing the attacker to borrow against it. The attacker was ultimately able to turn the borrowed DOLA, ETH, WBTC, and YFI tokens, priced at a total of around $15.6 million, into around 4300 ETH (priced at around $14.5 million). As of early April 2, the attacker had transferred 1,300 ETH (around $4.5 million) to a tumbler to make it more difficult to trace.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.