- "Crypto Lender Celsius Files for Bankruptcy After Cash Crunch", Bloomberg
- "Troubled Crypto Lender Celsius Hires New Restructuring Lawyers", The Wall Street Journal
As with many of these attacks, it's not immediately clear if there was truly an outside party who gained unauthorized access, or if the "attack" was actually a rug pull or an inside job. The project tweeted on July 16 that they were "continu[ing] to investigate" and had hired outside security firms to try to help them identify the hacker and recoup lost funds.
One single wallet targeted by the phishing attack lost more than $6.5 million worth of Ether and Bitcoin, and another targeted by attackers lost around $1.68 million worth of those currencies.
Rival firm Nexo has said it is considering acquiring Vauld, though some have expressed skepticism that Nexo is in a position to afford such an acquisition.
The usage of the exchange by residents of sanctioned countries could draw the attention of US regulators. It's also the latest in several investigative reports by Reuters into Binance, in addition to a June report that the exchange facilitated $2.35 billion in illicit transfers from 2017–2021, and an April report that Binance supplied the Putin regime with information about crypto donors to opposition leader Alexei Navalny.
Bifrost wrote in their post-mortem analysis that because the attack was limited to the BTC address registration server, and the hack didn't exploit any smart contract or protocol vulnerabilities, a security audit performed by Theori "is still valid"—leading one to wonder why anyone should trust an "audited" platform if $2.25 million in assets can be stolen without invalidating an audit.
- "Post-mortem: BiFi-BTC illegal address registration", Bifrost blog
Hackers used NFTs from the popular Doodles collection as collateral to borrow wETH, then withdrew all but one of the NFTs, allowing them to perform a re-entrancy attack. The attacker then laundered the funds using the Tornado Cash cryptocurrency tumbler.
According to Omni, only funds belonging to the platform that were being used for testing were taken by the attacker.
- "Hacker drains $1.4 million worth of ETH from NFT lender Omni", The Block
- Exploiter wallet on Etherscan
Although they initially dodged naming the counterparty, CEO Mark Lamb eventually publicly stated that this counterparty was Roger "Bitcoin Jesus" Ver, who he said failed to meet a $47 million margin call. However, Ver publicly refuted this claim, stating that CoinFLEX in fact owed him money. Both parties went back and forth, each accusing the other of misrepresenting the situation.
On July 9, the company stated that they would be seeking arbitration to recover $84 million from Ver—an updated figure that they said factored in the "significant loss in liquidating his significant FLEX coin positions".
In late June, the exchange laid off 30% of staff and took other measures to cut costs. They later disclosed they were short $70 million, partly from exposure to the Terra ecosystem which collapsed in May.
- "Peter Thiel-Backed Crypto Lender Vauld Files for Protection Against Creditors", The Wall Street Journal