eth.link service about to go offline because domain owner is in prison

August 25, 2022

eth.link service about to go offline because domain owner is in prison

Some people might be familiar with ENS, the "Ethereum Name Service", which seeks to be a web3 equivalent of DNS. If you've seen people with usernames ending in .eth, that's an ENS address. The problem is that .eth is not a functional top-level domain, and so many services relied on eth.link to surface these DNS records to other services.

However, the eth.link domain is only rented for a set period of time and needs to be renewed. ENS DAO tweeted that the domain's owner, Virgil Griffith, is "unavailable". By this, they mean that he is currently serving his first of five years in prison for helping North Korea evade sanctions. With Griffith "unavailable", the project has found itself at the mercy of GoDaddy. Welcome to the decentralized web3 we've all been promised!

Although GoDaddy previously allowed another person to renew the domain on Griffith's behalf, they reversed that decision, and now say they intend to allow the domain to expire on September 5.

The ENS DAO issued a series of tweets urging people to switch to a different service, given the risk that the domain could be snapped up. "If the name expires and is acquired by someone with ill intent, the damage they could do via phishing is substantial - so please update your links and alert your users of the issue immediately," they wrote.

August 24, 2022

The latest Pokémon-themed rug pull nets $708,000

(attribution)

It's not much compared to at least three separate crypto Pokémon ripoffs since February that have each taken millions, but apparently the love of Pokémon still drew people in to the tune of $708,000.

One might think the blatant rip-off of the Pokémon IP (which belongs to a notoriously litigious company) might have been a red flag, but nevertheless, people bought in to PokémonFi — a play-to-earn game that seems like a much worse version of the original thing.

The project and tokens first launched in April. After apparently running off with the money, the project deleted its Twitter account, though its website remained live.

Tweet by CertikAlert

August 24, 2022

Researcher zachxbt alleges that teenager who stole crypto worth $37 million in 2020 is responsible for a spate of crypto-related Twitter hacks

BirdPartner - The Secret Twitter Panel
Today, I will start to lease out access to my exclusive Twitter panel. This support hub allows you to request usernames, ban accounts, restore access to stolen/locked accounts, report instances of rule violations, and more.
Due to the extreme nature and power of the panel, access will be restricted to a limited amount of users at once. There are several packages; each becoming more discounted the bigger package you buy.

Post on SWAPD advertising access to Twitter panel (attribution)

In 2020, a Canadian teenager used SIM swapping to steal US$37 million in Bitcoin and Bitcoin Cash from a single person. Canadian police announced his arrest in November 2021 after he tried to buy a rare gaming username, also writing that they had seized around $5 million of the stolen funds.

Now, crypto investigator zachxbt thinks the same individual is indirectly responsible for a slew of compromised Twitter accounts that have then been used to promote crypto scams, including those of Beeple, DeeKay, and others. According to zachxbt, he has been selling access to a Twitter admin panel, which allows employee-level access to Twitter tools. This might explain how many of the accounts were compromised despite being protected by multi-factor authentication. According to zachxbt, "It's still unclear as to how Redman gained access to the panel to make elevated requests & reset passwords. As of now it appears the method stopped working".

Tweet thread by zachxbt

August 23, 2022

10% of Ethereum nodes at risk of being booted from cloud hosting provider

The virtual server provider Hetzner posted a clarification that using its service to mine Ethereum — either in its current form or in the promised proof-of-stake version — violates its terms of service and that the company has been "internally discussing how we can best address this issue".

16% of all hosting nodes (a category that makes up 62% of all nodes by network type) are hosted with Hetzner — 10% of all nodes. If 10% of all Ethereum nodes being supported by one company sounds awfully centralized to you, wait til you hear that 30% run on Amazon services.

August 23, 2022

SudoRare NFT exchange rug pulls for $820,000

(attribution)

Six hours after its launch, the team behind the new SudoRare NFT exchange took the money and ran, deleting the project website and social media. People had already warned about issues in the project contract that signaled it could be a scam, but those were either unseen or unheeded by the people who put a collective $820,000 of various tokens into the project.

At least one of the scammer wallets interacted with the Kraken crypto exchange, a U.S.-based exchange that requires KYC, so it's possible that Kraken could help identify the scammers — though they've not made any public moves to do so.

"NFT Exchange SudoRare Goes Dark After $820,000 Rug Pull", CryptoBriefing
"SudoRare Pulled the Rug for $820,000. How Will Kraken Respond?", CryptoBriefing

August 23, 2022

Group charged for stealing over $4 million in transaction reversal scheme

The U.S. Attorney's Office of the Southern District of New York announced charges against three men responsible for a scheme in which they stole millions from cryptocurrency exchanges and traditional banks. The group used stolen identities to buy cryptocurrency from various crypto exchanges, then convinced the banks that the fraudulent transactions were, well, fraudulent. The banks would refund the transactions to the thieves, who would then make off with both that and the cryptocurrency they had purchased.

The three men were charged with wire fraud, bank fraud, and identity theft charges, and face potential decades in prison if convicted.

"Three Members Of Miami Crew Charged With Defrauding Banks And Cryptocurrency Exchange Of More Than $4 Million", U.S. Attorney's Office of the Southern District of New York

August 22, 2022

Bank run leaves BendDAO with 5 ETH and a bunch of NFTs they can't sell

(attribution)

Honestly, who can blame BendDAO for failing to consider that the hype bubble around Bored Apes and other NFT projects might not last forever! "We underestimated how illiquid NFTs could be in a bear market when setting the initial parameters", the project wrote in a governance proposal.

BendDAO allows people to take out loans with their NFTs as collateral. However, if the floor price of those NFTs drops too far and the borrower doesn't pay back some of the loan to adjust its risk rating, other people can bid on the NFT.

The problem with this whole plan was revealed when lenders' confidence was shaken when it was reported that $5.3 million in Bored Apes were at risk of liquidation. Panicked users withdrew their assets from the platform, resulting in a bank run that drained the reserves to a low of 5 ETH (~$8,200). BendDAO had other assets, of course: the NFTs below the liquidation threshold. However, a lack of interested buyers willing to pay the minimum prices (95% of the collection floor price) left the project in a tough spot.

Since the extremely close brush with a liquidity crisis, the project has begun to consider a proposal that would reduce the threshold at which NFTs can be liquidated, reduce auction and liquidation protection periods, remove the 95% floor price bid requirement, and increase interest rates.

"Bank Run at NFT Lender BendDAO Prompts Attempt to Avert Another Liquidity Crisis", CoinDesk

August 20, 2022

OpenSea's stale listing issue burns another collector

An illustration of a white penguin wearing a bow tie and gold crown on a light blue background

Pudgy Penguin #2951 (attribution)

The same issue that led to OpenSea paying out $1.8 million to users who lost their NFTs is apparently still alive and well (despite OpenSea's introduction of an "Inactive listings" panel). Users who have listed NFTs for sale and never removed the listing have occasionally been surprised in a very bad way when their NFT suddenly sells for an old price — sometimes much different than the going prices for those NFTs.

In this case, a person successfully sold their Pudgy Penguin NFT for 8.69 ETH a year ago ($27,500 at the time of sale). Those particular NFTs have been having a comeback lately, and so the collector bought the same NFT back — this time for 20 ETH ($31,500 at the time of sale). However, an old listing from their previous ownership was still active, and someone was able to snap up the NFT from them for only 9.89 ETH ($15,600) within minutes.

The collector's near-instantaneous $20,000 loss has a happy ending for them, though — the person who bought the NFT was willing to reverse the trade.

August 20, 2022

Someone buys a Bored Ape, gets scammed out of it two hours later

An illustration of an ape with black fur, sticking out its tongue, wearing a tuxedo t-shirt and a gold stud earring

Bored Ape #887 (attribution)

In what might be a new record, someone bought a Bored Ape NFT for 70.69 ETH (~$116,000) and had it stolen from them less than two hours later. The scammer quickly flipped the NFT for 61.6969 ETH (~$101,000), then bridged the funds through RenBridge to cover their tracks.

August 19, 2022

Hodlnaut seems to have lied about their Terra exposure

(attribution)

When Terra was collapsing in May, concerned users of the Hodlnaut lending platform asked whether the firm was exposed. CEO JT wrote on Twitter, "Hodlnaut as a firm did not take any losses on UST, users who held/bought UST on our platform did". Their social media manager wrote, "[Holdnaut] had 0 company exposure to [Anchor Protocol]", referring to the Terra-based lending protocol.

However, documents from the legal proceedings surrounding the now-underwater firm revealed that Hodlnaut had 317 million UST, which it liquidated at a loss when the previously dollar-pegged UST hit $0.85. In the filing, they wrote, "Due to the market's lack of liquidity, the average exit price of UST to USDC was around 42 cents on the dollar, resulting in realized losses to Hodlnaut Trading Ltd of about USD 189.7M. As a result, Hodlnaut's total debt to depositors of USD 500M became backed by realisable assets of around USD 315M as of 13 May 2022 due to the de-pegging event."

"Hodlnaut Cuts Staff as Terra Exposure Is Revealed", Crypto Briefing
Tweet by FatMan

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.