...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.
Created by Molly White. Subscribe to her newsletter for weekly recaps.
Generally, it is very bad practice to store sensitive secrets in Github, even when projects are set to private.
"Got drained of everything," he wrote on Twitter. A commenter asked how long it took for the attacker to steal the money after the private key became publicly visible. "2 min", he replied.
The theft was first noticed by outside researchers, who saw the suspicious outflows and accused the platform of not communicating the security breach to its customers. The following day, Lykke acknowledged the attack and informed customers via email.
According to the DOJ, banks became suspicious when the revenue for the Epoch Times increased 410% — from around $15 million to around $62 million — from the previous year.
In an unusual move, the operators of the Linea layer-2 blockchain chose to unilaterally halt the chain in order to stop the outflow of stolen assets. Because Linea — like many layer-2 chains — is highly centralized, it was possible for the Linea team to unilaterally stop the production of blocks.
This was very controversial, as a single operator being able to unilaterally control the operation of a blockchain goes against much of the cryptocurrency ethos. Following their action, they tried to explain that "Linea's goal is to decentralize our network - including the sequencer. When our network matures to a decentralized, censorship-resistant environment, Linea's team will no longer have the ability to halt block production and censor addresses - this is a primary goal of our network".
The company claims it will replace the lost funds with help from other companies in their group.
This is one of the largest cryptocurrency thefts in recent history, rivaling the roughly $320 million theft from the Wormhole bridge in February 2022 and the $477 million theft from FTX in November 2022.
In his sentencing memo, Salame asked for a sentence of no more than 18 months imprisonment, claiming that "he was duped, as was everyone else, into believing that the companies were legitimate, solvent, and wildly profitable." Judge Kaplan didn't seem to agree, ultimately passing down a sentence greater than the five to seven years requested by prosecutors. He also will pay $6 million in forfeiture, $5 million in restitution, and spend three years on supervised release.
Salame is the first of Bankman-Fried's co-conspirators to be sentenced.
First, the team sniped their own $CAT token launch to obtain 63% of the token supply, ultimately selling a portion of it for around $5 million. Then, they took out $2.3 million and $1 million long positions on the ORDI and ETHFI tokens, respectively. Finally, they posted from the compromised influencer account to shill the ORDI and ETHFI tokens to his massive following. Ultimately, their gambit doesn't appear to have been incredibly successful: they made around $34,000 on the ORDI position, but lost $3,500 on the ETHFI position. However, as zachxbt noted, it's possible they also opened positions on centralized exchanges where the outcomes aren't publicly visible.
Although the token claimed to have a market cap of $42 million, the attacker was only able to cash out around 224 wETH (~$882,000). However, the losses to some holders of the token were much more substantial. One individual had put around $1.16 million into $NORMIE, and those holdings are now priced at around $150.
The attacker has been negotiating the possible return of funds to the project team, who has expressed interest in relaunching the token.
At first, people widely believed her account had been hacked, given how frequently celebrity token promotions turn out to be compromised Twitter accounts. Then, she began joining Twitter spaces and posting videos about the token, but with the emergence of more and more convincing deepfakes, even those didn't convince people that it was truly Jenner behind the token.
Despite the confusion — or perhaps because of it — the token has been popular.
The token launch was linked to Sahil Arora, a person allegedly connected to multiple celebrity rug pulls and pump-and-dumps. However, Jenner quickly turned on Arora shortly after the token's launch, posting on Twitter "FUCK SAHIL! He scammed us! BIG TIME!" and that "Sahil appears to be fully out".
Jenner is not the first in her family to get mixed up with crypto. In October 2023, her stepdaughter Kim Kardashian was fined over $1 million for unlawful touting of a crypto security.
Altogether, the attacker was able to swap around $21 million of the GALA tokens into ETH before the address was frozen.
The attacker was able to perform the exploit because they had access to a wallet with admin access to the Gala Games smart contract. It's not clear if the attacker is a rogue employee, or if an admin wallet was compromised.
As of writing, Gala Games has not publicly acknowledged the attack.
No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.
