BTC.com suffers $3 million attack

In a press release, BIT Mining reported that their subsidiary BTC.com had experienced a "cyberattack" in which $700,000 of customer assets were stolen. They also reported that $2.3 million of company assets were stolen, though they said that some of these funds had been recovered. They wrote that they were working with Shenzhen law enforcement to investigate the attack, but provided few details on the attack vector.

BTC.com is the seventh largest Bitcoin mining pool, which also operates other crypto mining services. Its parent company, BIT Mining, is publicly traded on the NSYE.

Millions of dollars of user funds stolen in BitKeep wallet hack

BitKeep, a popular cryptocurrency wallet in Asia, suffered a hack in which at least $8 million in various cryptocurrencies were stolen from user accounts.

BitKeep has claimed that attackers were able to compromise a version of their software and introduce malicious code which enabled them to drain user funds. BitKeep recommended their users contact the team behind BNB Chain on social media to plead with them to freeze an address used by the hackers, although the attackers had already begun to tumble the funds.

This is the second BitKeep-related hack in the last few months. In October, hackers stole more than $1 million worth of BNB when the Swap feature of the BitKeep wallet was exploited.

Rubic cross-chain exchange hacked, $1.4 million in user funds stolen

The Rubic cross-chain exchange suffered an exploit in which attackers were able to siphon a total of around $1.4 million in user funds from their wallets. The exploit was enabled by an error by the project team, who erroneously added the USDC stablecoin address as a router, which allowed attackers to arbitrarily withdraw USDC held by Rubic users. The hacker then transferred the stolen funds through the Tornado Cash cryptocurrency mixer.

Rubic paused their project to limit further thefts, and stated they would pursue audits before coming back online. They also stated that they would "strive to compensate for the losses".

Police arrest two executives of shuttered AAX exchange

The Hong Kong-headquartered AAX cryptocurrency exchange suddenly halted withdrawals on November 13, claiming they were performing temporary system maintenance. However, withdrawals were never re-enabled, and customers quickly realized the exchange was unlikely to resume withdrawals. Some even began searching for the whereabouts of AAX execs, showing up at offices in Hong Kong and Singapore.

Now, Hong Kong police have arrested Liang Haoming and Thor Chan, two executives connected to AAX. Police have reportedly accused the men of using the maintenance excuse to halt customer withdrawals while dealing with a liquidity crisis.

Defrost Finance fails to rug pull

Defrost Finance, a defi trading platform built on the Avalanche Network, apparently tried and failed to rug pull its users. The project claimed on December 23 that they were "sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds". They later announced that this "hacker" had also managed to exploit the v1 version of their project. Altogether, it appeared that tokens valued at around $12 million had been stolen.

Observers were quick to notice that the "hack" was made possible by the addition of a fake collateral token, which was then manipulated to liquidate the protocol's users, suggesting the "hack" was likely an inside job.

On December 26, Defrost claimed that the "hacker" had miraculously returned the money. The announcement didn't seem to convince the project's users, who left comments like, "It was never hacked. You tried to rug your users".

Defrost Finance's team had previously run a project called FinNexus, which also suffered a "hack" in May 2021 that was widely believed to have been a rug pull.

The latest Pokémon knockoff is stopped in court

Knock-off Pokémon crypto products — including NFTs and blockchain games — have been so prevalent in the past two years that they've earned their own collection on this blog.

Now, it seems that The Pokémon Company International (TPCI) is doing something about it. They hired private investigators to try to locate and serve a company called Kotiota with legal papers, though ultimately were unsuccessful in finding their offices or any employees.

Kotiota was engaged in unusually brazen Pokéfraud, sending legal letters to news outlets who had written about the real Pokémon games and insisting they be named as a developer. Their website falsely claimed Kotiota had been working on various recent Pokémon games, and the company had even forged an agreement with TPCI to claim they had a license agreement.

Kotiota had been planning to release a Pokémon-based play-to-earn blockchain game and collection of NFTs in January 2023, but an Australian court has barred the company from doing so, and ordered them to stop using the Pokémon brand or claiming to have developed the games.

FTX executives Caroline Ellison and Gary Wang plead guilty to criminal charges, are cooperating with investigation

Side-by-side photos of Caroline Ellison and Gary WangCaroline Ellison and Gary Wang (attribution)
Two of Sam Bankman-Fried's inner circle, Caroline Ellison and Gary Wang, have pled guilty to federal criminal charges and are cooperating in the case against Sam Bankman-Fried. Ellison was the CEO of Alameda Research, the trading firm founded by Sam Bankman-Fried in 2017. Wang was a co-founder of FTX alongside Bankman-Fried, and served as its CTO.

Ellison's and Wang's pleas were announced in a short message by U.S. Attorney Damian Williams, who did not elaborate on what the charges were. He again urged any others who had knowledge of criminal activity at FTX to come forward, and warned that these were not the last charges he expected to file.

Simultaneously with the charges from the Justice Department were civil complaints from the Securities and Exchange Commission, which alleged that both had been involved "in a multiyear scheme to defraud equity investors in FTX". In particular, the SEC accused Ellison of artificially manipulating the price of FTT, the FTX-issued token that formed a large portion of Alameda's balance sheet. The SEC accused Wang of creating a backdoor in FTX software that allowed Alameda to move customer funds from FTX for use in its trading activities.

The CFTC filed an amendment to their complaint against Sam Bankman-Fried, adding Ellison and Wang as defendants.

Paxful crypto marketplace delists ether, citing "scams that have robbed people of billions"

Peer-to-peer crypto marketplace Paxful announced that it will be delisting ether, citing "scams that have robbed people of billions".

So close. You're almost there.

Paxful CEO Ray Youssef said in an email to the platform's claimed 11.6 million customers that the decision was based on Ethereum moving from proof-of-work to proof-of-stake, not being decentralized, and spawning an ecosystem of scammy Ethereum-based altcoins. The email featured a header photo of Youssef himself posing triumphantly, and Youssef spent much of the subsequent day tweeting memes he made from pictures of himself.

With the loss of ether, the platform will only allow swaps of Bitcoin, Tether (USDT), and USDC — despite both Tether and USDC being Ethereum-based tokens.

Swan Bitcoin releases a new product to streamline the process of losing your house speculating on Bitcoin

"Convert home equity into Bitcoin", Swan Bitcoin advertises with their new home equity product. Relatively few details are available on the new loan product they're offering, but they advertise that you can close on the loan in "as little as 5 days", obtain loans with no income or credit check, and obtain loan amounts from $20,000 to over $1 million. What could go wrong?

"Rates starting at 7.5%, with 80% Bitcoin upside appreciation", they say. Downside risk is, naturally, not mentioned.

For those unfamiliar, Swan Bitcoin is a US-based Bitcoin-only crypto platform (although CEO Klippsten would surely yell at me for saying it is a "crypto platform", as he insists at every opportunity that "Bitcoin is not crypto").

Core Scientific Bitcoin mining firm files for bankruptcy

Core Scientific warned in October that it was teetering on the edge of bankruptcy, so it was no huge surprise when the company filed for bankruptcy protection on December 21. Core Scientific is one of the largest Bitcoin miners, responsible for around 10% of the computing power on the Bitcoin blockchain. The company operates around 143,000 miners, and host an additional 100,000.

Core Scientific is only one of many Bitcoin miners in distress, as low Bitcoin prices and other factors make mining much less profitable. Other mining firms, including Argo Blockchain and Greenidge Generation, have warned that they may face bankruptcy in the near future. Some firms, such as Iris Energy, have powered off a significant amount of their mining capacity.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.