It appears that the thief got access to a Duelbits wallet, perhaps through a private key compromise.
Duelbits crypto casino exploited for $4.6 million
The Duelbits crypto casino and sports betting website was drained of around $4.6 million on both the Ethereum and BNB Chain blockchains. The funds were quickly bridged or exchanged to ETH.
Yuga Labs bungles "free" Otherside NFT drop
Some fans of Yuga Labs (the company behind Bored Apes and the much-anticipated Otherside metaverse gaming project) are questioning how much progress the company can really have made on the as-yet-unreleased flagship Otherside gaming project, if they managed to screw up an NFT design this badly.
Yuga released a new NFT, intending to function as ship parts that could be combined to create a ship to be used in the game. Players who had completed an Otherside minigame would be eligible to mint these NFTs for free. However, the "free" NFT cost around $30 in gas fees to mint. Worse still, the parts were meant to be repeatedly traded and combined to make new parts and ships, leading fans to wonder why on earth they decided to release the project on a blockchain where each transaction often costs tens of dollars.
Apparently realizing they'd made a mistake, Yuga first responded by announcing they would gift people free "Catalyst" NFTs to make it up to them. This only sparked further rage, though, as it was seen to dilute the value of the Catalyst NFTs and throw off incentives.
Yuga later reversed course on this decision, instead deciding to reimburse the gas fees.
This was not Yuga Labs' first gas-related fiasco, after they caused gas fees to spike into the thousands of dollars across the entire Ethereum network in April 2022 during the initial Otherside land sale.
One observer wrote, "[W]hat's the plan for the marketplace in Otherside that is supposed to support millions of daily microtransaction? I'm afraid this means Otherside is much less developed than we would like to hope. These decisions are entry level mistakes, not mistakes we should see from the biggest company in the space developing a metaverse. If the Otherside mint wasn't an eye opener, then this wont be either."
PlayDapp crypto gaming platform exploited, spurring misleading headlines
The South Korean blockchain gaming platform PlayDapp was hacked on February 9, and an attacker minted 200 million $PLA tokens. These were notionally priced at around $36.5 million, although because only 577 million $PLA were in circulation before the unauthorized mint, there would not have been sufficient liquidity for the attacker to sell them at around that price.
Days after the initial attack, on February 12, the attacker minted another 1.59 billion $PLA. This has led to news reports that the platform was exploited for "$290 million". However, this value is being naively calculated based on the token price without taking into account the massive supply inflation, and ignoring that that dollar figure is more than 2.5x the total claimed market cap of the token. Even reputable outlets like Bleeping Computer have printed the figure in their headline (though Bleeping Computer later changed the headline to a more accurate one).
PlayDapp sent on-chain messages to the attacker, offering a bounty, but the offer was ignored.
Solana goes down for five hours
They were doing so well! After suffering a slew of outages during 2022, Solana had seemed to get their act together in 2023 with only one major outage. Now, however, Solana has gone offline again for five hours.
With blockchains promising to become "world computers" upon which anyone can create projects ranging from mere toys to critical infrastructure, uptime is crucial, and a five-hour-long outage is devastating.
SIM swappers charged over hacks, reportedly including FTX
Three people running a SIM swapping operation have been charged with fraud and identity theft. By gaining access to the personal information of their victims and then convincing cell phone providers to "swap" victims' phone numbers to phones they controlled, they were then able to gain access to various accounts controlled by their victims.
Although the indictment does not name FTX, Bloomberg has reported that "victim company-1" named in the court filings was FTX, which was hacked for around $400 million amid the chaos as the company was collapsing.
Crypto exchange created by Three Arrows Capital founders to shut down
Who can believe this. OPNX, the crypto derivatives exchange created by the people who ran and then blew up the Three Arrows Capital hedge fund, will be shutting down. The exchange was originally announced in January 2023, with a tentative name of "GTX" — "because G comes after F", they said. It was created as an evolution of the CoinFLEX exchange, which had become insolvent and halted withdrawals in June 2022. Much of the exchange's focus was on allowing creditors of bankrupt cryptocurrency projects to trade their claims — including claims on Three Arrows Capital.
Now, as Su Zhu emerges from several months in jail, he, Kyle Davies, and the other executives of OPNX are shutting down the project. Traders have a week to settle their positions, and another week before the platform closes entirely.
Both Zhu and Davies are, of course, trying to promote a new crypto derivatives trading project.
More than $58 million stolen in Twitter phishing schemes in January
Scam Sniffer's January 2024 report describes more than 40,000 victims who collectively lost more than $58 million thanks to various phishing schemes on the Twitter platform.
The top seven victims collectively lost $17 million, with the top victim alone losing $4.7 million.
$112.5 million in XRP stolen from Ripple CEO Chris Larsen
Blockchain sleuth zachxbt noticed the strange movement of around 213 million XRP, the native token for the Ripple project. These tokens were priced at around $112.5 million at the time of the theft. He originally identified the source of funds as Ripple itself, though Ripple CEO Chris Larsen later went on Twitter to claim that the funds that were stolen had come from his personal wallets and not from wallets belonging to the Ripple project.
Larsen attempted to downplay the massive theft, claiming repeatedly that the theft did not represent a threat to Ripple itself, and trying to reassure people that Ripple wallets are still safe. However, fears over a threat to Ripple itself and the true separation between Larsen's wallets and those belonging to the Ripple project continued, and XRP dipped around 5% on the news.
Abracadabra exploited for almost $6.5 million, Magic Internet Money stablecoin depegs
Well that sure is a headline I just had to write.
The Magic Internet Money ($MIM) stablecoin has lost its dollar peg again, dipping all the way below $0.77 in a flash crash before returning to around $0.95.
The depeg appears to be related to an exploit of the Abracadabra lending protocol, which allows people to borrow $MIM. An attacker exploited an apparent flaw in the platform's smart contracts to drain around $6.5 million.
This is the second time the token has depegged, after a June 2022 incident shortly after the Terra collapse.
HyperVerse founder Sam Lee charged
US Attorneys in Maryland and the US Securities and Exchange Commission filed criminal and civil lawsuits, respectively, against Sam Lee, the co-founder of the HyperVerse cryptocurrency investment scheme, which has defrauded victims of between $1.3 billion and $1.9 billion depending on whose estimate you use. The US Attorneys have accused Lee of securities fraud and wire fraud. The SEC has accused Lee and a major HyperVerse promoter, Brenda Indah Chunga (aka "Bitcoin Beautee"), of securities fraud and offering unregistered securities.
This is the second HyperVerse related criminal charge in recent days, following the arrest of promoter "Bitcoin Rodney".