Although some users reported funds missing from their wallets, including one investor who reported that $16.3 million missing, Crypto.com announced that "All funds are safe". Over the next few days this was revealed to be untrue; as of January 20, the total estimated funds stolen from the platform had reached $30 million. Large amounts of stolen funds were quickly laundered through Tornado Cash, a popular crypto mixer.
Popular cryptocurrency wallet provider and trading platform Crypto.com briefly suspended trading after acknowledging there had been "unauthorized activity" in user accounts. The platform restored trading later that day after pushing an update to require their users to re-authenticate their sessions and reset two-factor authentication.
Enthusiasts rushed to buy NFTs from a project called NotASecretNFT after seeing NFT mega-whale Pranksy buy in, even though the OpenSea description was simply, "1000 secrets, endless lies... Farming $LIES starts 24 hours from mint." After funds were drained from the project, Pranksy tweeted, "Ok you may have seen me buy some NotASecretNFT's from opensea - it looks like this was a rug pull / scam, please do not buy anymore based on my purchases and revert any permissions you may have given". A note in the project's smart contract read, "Hello world, Nothing was intended to be obscured from you, you simply did not follow the clues." In a tweet thread, one buyer explained how he didn't research the project himself, but bought in after seeing an alert that Pranksy had bought NFTs. He ended the thread by writing, "Never buy into hypes and always #DYOR [do your own research]. Lesson learned once more!"
The value of the $BURG token associated with the CryptoBurgers game suddenly plummeted after being hacked shortly after launching earlier that day. The game allowed users to earn cryptocurrency by flipping burgers... yes, really. A bug in the smart contract allowed an attacker to use flash loan attacks to drain $BURG, netting them around $770,000 as of that evening. The CryptoBurgers team announced they would be contacting Binance to try to recover funds, and the team would be creating a new smart contract and token. Hope the next one goes better!
Somehow, SpiceDAO managed to raise €2.66 million (about $3 million) to buy the storyboard for Alejandro Jodorowsky's never-made Dune adaptation. In a celebratory tweet the group wrote, "We won the auction for €2.66M. Now our mission is to: 1. Make the book public (to the extent permitted by law) 2. Produce an original animated limited series inspired by the book and sell it to a streaming service 3. Support derivative projects from the community". They were quickly informed that buying the physical book did not somehow confer to them copyright or licensing rights (much like how buying an NFT does not automatically confer you the rights to the underlying artwork!). You'd think they might have checked that first.
Shortly after it was discovered that the images used for the NFT project "InvertedCulture" were nothing more than unauthorized flipped copies from a different NFT project, DNA Cultura, the creator deleted the project's Twitter account and transferred funds out of the project. Simultaneously, another project called "MadHashers" also deleted their Twitter account and drained funds. It didn't take long for people to realize that the money from both projects was going to the same account, suggesting that that the same person was behind both scams.
Eight people were arrested in China after being connected to a rug pull. One investor lost ¥590,000 ($90,000) he had poured into the token in June, when project owners took the website offline and pulled all of the money out. A total of ¥50 million (a bit below $7.9 million) was lost to the scam.
Lack of liquidity in the Uniswap V3 FLOAT/USDC oracle allowed an attacker to manipulate the prices within the pool, then deposit it at a much higher rate. The hacker pulled about 350 ETH (equivalent to $1.1 million) out of the pool, though according to PeckShield they later returned around $250,000 for some reason.
Troy Baker, the voice actor behind video game characters in The Last of Us, Far Cry, and various Batman games, announced he would be partnering with "voice NFT" company Voiceverse. Voiceverse is pretty vague as to what it's actually offering, but it has something to do "provid[ing] you an ownership to a unique voice in the Metaverse". Baker's announcement tweet ended, "You can hate. Or you can create. What'll it be?", which didn't seem to help with the already-negative reaction to the idea. Things were further soured when it was revealed that Voiceverse had stolen work without crediting it from a computer-generated voice project called 15.ai. Voiceverse subsequently apologized for the theft, and Baker acknowledged that his initial tweet "might have been a bit antagonistic".
fees.wtf, a platform allowing people to see how much money a given cryptocurrency wallet has spent in gas fees, decided it was time to release their own token, and promised to follow it up with NFTs. They tempted people with an initial airdrop, where people recruited their friends in exchange for more "WTF" tokens. However, with a small initial liquidity pool and trading bots quickly entering the fray, enormous volatility led to absolute chaos. Some traders who were unfamiliar with setting up tolerances for slippage found their orders executed for substantially less than expected, with one user trading 42 ETH ($135,000) for what ended up being less than 1¢ of WTF. Edward Ongweso Jr wrote for Vice, "Like so many other crypto projects, it was so poorly planned, capitalized, and executed, that it's almost indistinguishable from a scam."
Global Game Jam, an annual event where people collaborate to make video games, proudly plugged The Sandbox as their "primary headline sponsor" on Twitter. The Sandbox is a platform for selling game assets on the Ethereum blockchain. After swift backlash, GGJ deleted the tweet and deleted references to blockchains from The Sandbox's description in their sponsor list. Needless to say this didn't go unnoticed, appearing to many as an attempt to deceive their community. GGJ eventually apologized for this action, and dropped The Sandbox as a sponsor.