Steynberg has been ordered to pay a total of $3.4 billion — $1.7 billion in restitution and another $1.7 billion penalty. Steynberg was arrested in Brazil in December 2021 on an INTERPOL arrest warrant, where he has remained since pending extradition.
CFTC imposes record $3.4 billion fine on Bitcoin scammer
After finding that the South African businessman Cornelius Johannes Steynberg had run Mirror Trading International as a multi-level marketing scheme, in which he accepted 29,421 Bitcoin from at least 23,000 Americans, the CFTC has imposed a record fine. Those 29,421 BTC were priced at $1.7 billion in March 2021 — around the end of Steynberg's multi-year scam. Today they're priced at around $863 million, but unfortunately for Steynberg, the CFTC isn't using today's prices to calculate their penalties.
- "Federal Court Orders South African CEO to Pay Over $3.4 Billion for Forex Fraud", U.S. Commodity Futures Trading Commission
FBI raids home of FTX exec Ryan Salame
The FBI raided the home of Ryan Salame, the former co-CEO of FTX Digital Markets (FTX's Bahamian subsidiary). Salame was close with Sam Bankman-Fried, although it came out in bankruptcy proceedings that Salame had contacted Bahamian securities regulators during the FTX collapse to tip them off to the improper transfer of FTX client funds to Alameda Research.
Salame was also a major donor to Republican candidates in the 2022 midterm elections, splashing out around $24 million in campaign contributions. However, court filings suggest that much of the money donated to political and other causes by FTX executives may truly have been misappropriated customer funds.
Salame is, at the moment at least, not facing charges in connection to the FTX collapse. In July 2023, the Wall Street Journal reported that the search was likely a part of an investigation into Salame and his girlfriend Michelle Bond over possible campaign finance violations pertaining to Bond's 2022 congressional campaign, and was not related to FTX.
- "F.B.I. Searches Home of Top FTX Executive", The New York Times
- "Former FTX Executive Linked to Campaign-Finance Probe of New York GOP Race", The Wall Street Journal
Belgian crypto lender Bit4You suspends activities
The only Belgian crypto platform, the Bit4You crypto lender, announced they would be suspending activities after the CoinLoan crypto exchange was ordered to suspend activities after being declared insolvent.
"To date we have no indication that the virtual currencies held on behalf of our customers with CoinLoan will not be recovered," they wrote in their announcement. Reassuring!
AT&T customers suffer crypto wallet compromises reportedly totaling $15–$20 million
TechCrunch reported that attackers were able to gain access to AT&T email accounts which they then used to gain access to customers' cryptocurrency accounts. Various customers reported their accounts at exchanges including Coinbase and Gemini had been drained. One individual victim lost $134,000 from their Coinbase account.
An anonymous source corresponding with TechCrunch claims that the total amount of cryptocurrency stolen is somewhere between $15 million and $20 million. The tipster also claimed that the hackers have the ability to gain access to any AT&T account via the AT&T employee portal; AT&T has denied this and instead claimed that "the bad actors used an API access."
"Rogue developers" make off with $1.82 million from Merlin
The brand new Merlin DEX had only just launched on the zkSync Ethereum layer-2, with a public token sale beginning on April 25. The following day, they suddenly asked users to revoke permissions to the project, saying they believed there was an exploit. They later wrote: "it is with deepest regret that we have to notify you of a major fault in the structural integrity and controls of the Merlin Platform. In the early hours of this morning the several members of the Back-End Team drained all of our Contracts."
The Merlin DEX had been audited by the CertiK security firm, which stated it was working with the remaining team members to try to trace the thieves. Meanwhile, they wrote that they would be working to compensate affected users.
Some didn't seem to buy the story that the theft was carried out by a few rogue developers, accusing the entire Merlin project team of rug-pulling.
CoinLoan suspends withdrawals
The Estonian crypto exchange CoinLoan announced they were immediately suspending all operations, including withdrawals. The action came after CoinLoan was declared insolvent by an Estonian court, which mandated they suspend activities pending permission from the court.
Protos speculated that the suspension could be related to Vauld, an exchange that collapsed last July. Vauld is rumored to have tens of millions of assets on CoinLoan.
The same day as Vauld's collapse, CoinLoan implemented a withdrawal limit of $5,000/day.
- Notice of restraint on disposition , Ametlikud Teadaanded
- "Did Vauld drive CoinLoan into court-ordered liquidation?", Protos
- "CoinLoan halts all withdrawals, user services", CryptoSlate
Binance cancels Voyager acquisition
After surmounting various obstacles to acquire the assets of the bankrupt Voyager Digital crypto lending firm, Binance.US abruptly backed out of the $1.3 billion deal.
Binance cited "hostile and uncertain regulatory climate" as its reason for calling off the acquisition. A recent lawsuit from the CFTC against Binance and its CEO Changpeng "CZ" Zhao likely contributed to the cancellation, as it seems clear that Binance is being increasingly scrutinized by US regulatory and law enforcement bodies.
The acquisition had been supported by a massive majority of Voyager creditors, who were looking forward to recovering 73% of their assets trapped on the platform. Now that number is uncertain, but likely to be a good deal lower. Attorneys for Voyager estimated the recovery now would likely be between 40 and 65%.
Ordinals Finance rug pulls for at least $1 million
Ordinals Finance was a short-lived project, emerging in late February with promises to help build out a defi ecosystem on the Bitcoin blockchain.
On April 24, the project developer withdrew 256 million OFI tokens and swapped them to ETH worth around $1 million. They then laundered the funds through the Tornado Cash crypto mixer. The project creator deleted the project's Twitter account and took down its website.
"First BRC-20 wallet" UniSat launches, is immediately exploited
Over on the Bitcoin blockchain, people are abuzz over the launch of "BRC-20": a similar concept to the ERC-20 token on Ethereum that allows people to create their own tokens. The standard, which first emerged in early March, is built atop the controversial Ordinals inscription technique that was developed in January. Coins including $ORDI, $PEPE, and $MEME have been created on a blockchain that previously only supported the Bitcoin token.
Not everything has gone smoothly, though. As developers rushed to release wallets to support these new tokens, the UniSat wallet claimed to be the first. However, shortly after it launched, the developers made the Chrome extension inaccessible. They later revealed that the code had contained a vulnerability that exposed it to double-spend attacks. "Currently, we have preliminary investigation results, and out of all 383 transactions, 70 transactions have been identified as affected," they wrote.
It's not yet clear how much was stolen, but the UniSat team promised to compensate affected users. They later tweeted that they had determined the identity of the thief, though the funds have not yet been returned.
€1.5 million stolen in celeb-backed French NFT rug pull that promised to make a movie called Plush
Around 770 people were convinced to spend a combined almost €1.5 million (~$1.66 million) on NFTs of teddy bears, which sold for around €1,250 each (~$1,380). Buyers were told they would become "co-producers" of the Plush animated film, which would star Kev Adams and other French comedians as voice actors. Adams led the promotion of the NFT project, along with a mysterious figure called "Fabi". Other French celebrities and influencers were also involved in touting the project, and Bella Thorne and Amaury Nolasco were listed on the site as "US voices" for the project.
The NFT buyers — er, "co-producers" — were promised credit in the film credits, voting rights on the script, and a split of 80% of the profits. "Although there is nothing guaranteed, on average, you will make six to seven times what you put in 24 months. Which is huge, when you think, you go to the Caisse d'Epargne, a traditional bank, and you make less than 1% in the year," said one promotional video.
A report from French investigative newspaper Mediapart discovered that the project was backed by a Dubai-registered company called "Illuminart", which played on confusion between its name and that of the France-based Universal Studios subsidiary Illumination. An Illuminart marketing campaign even used Illumination titles, such as The Lorax, Minions, and Despicable Me, and their box office proceeds to suggest Plush buyers were in for a 516% profit.
Meanwhile, the project has gone silent, and its Twitter account last posted in September 2022. NFTs are no longer offered for sale on the official project website, and Illuminart's business license has expired.
- "Nounours et cryptomonnaies à Dubaï : le mauvais film de Kev Adams", Mediapart (in French)