The trader ended up with a worthless counterfeit and a measly 0.5 ETH for his pricey NFT. The scammer quickly flipped the real Mutant for 13.5 ETH, making a tidy $17,500 profit.
A whale was able to take advantage of this "feature" by taking large positions in AVAX, the token belonging to the Avalanche blockchain, which has relatively low liquidity compared to larger tokens like Bitcoin or Ether. The whale then manipulated the price by making large trades on a centralized exchange, taking an estimated profit of between $400,000 and $450,000 after fees.
Some had publicly expressed concerns about the possibility of such an exploit earlier in September: Taureau, a founder of another decentralized exchange, had outlined the possibility of an exploit like this on a podcast episode on September 1.
GMX responded to the incident by capping the size of positions that users can take on AVAX. Another project, MM.Finance, announced they would be pausing order execution on their MadMex platform, which is a fork of GMX.
Binance distributed around 4.8 million HNT before discovering and patching the bug, valued at around $19 million.
Hours after Ethereum transition to proof-of-stake, SEC Chair says PoS crypto could be classed as securities
Later that day, SEC Chairman Gary Gensler pointed to the staking mechanism as a signal that an asset might be a security as determined by the Howey test.
There has been much discussion over whether cryptocurrencies in general or individually should be considered securities, commodities, or possibly even something else. Broadly, people within the crypto community don't want to see the assets fall under SEC jurisdiction, as the SEC is seen as much less friendly to the industry than the CFTC.
- "Ether’s New ‘Staking’ Model Could Draw SEC Attention", The Wall Street Journal
0xdeadbeef52aa79d383fd61266eaa68609b39038e(beginning with deadbeef), or one with lots of 0s at the end, or some other address the user thinks looks cool.
However, because of the way the Profanity tool generated addresses, researchers discovered that it was fairly easy to reverse the brute force method used to find the keys, allowing hackers to discover the private key for a wallet created with this method.
Attackers have already been exploiting the vulnerability, with one emptying $3.3 million from various vanity addresses. 1inch wrote in their blog post that "It's not a simple task, but at this point it looks like tens of millions of dollars in cryptocurrency could be stolen, if not hundreds of millions."
The maintainer of the Profanity tool removed the code from Github as a result of the vulnerability. Someone had raised a concern about the potential for such an exploit in January, but it had gone unaddressed as the tool was not being actively maintained.
Now, he's just announced that Coinbase will be "integrating our crypto policy efforts right into our app" by providing a rating of Congressmembers' negative or positive "crypto sentiment". He also said that they plan to "help pro-crypto candidates solicit donations from the crypto community (in crypto)", and wish to get their users to attend town hall events. "We've also added a very easy way for you to contact your member of Congress to urge them to support pro-crypto policies," Armstrong said in a video demonstrating the feature.
Most of the tweets say something like "To celebrate the Merge, Ethereum Foundation giving away 50,000 ETH!", and link out to various websites that invite people to send some amount of Ethereum with the promise that they'll receive twice as much in return — a classic double-your-money scam.
At least 36 verified Twitter accounts were compromised and used for the scam, including the 6 million-follower Cityarabia account that normally tweets for Arabic-speaking fans of the Manchester City football club. On the afternoon and evening of September 14 alone, at least 195 ETH (~$314,000) was drawn in by the accounts and scam websites I found.
Kwon and the others named in the warrant are currently in Singapore. In June, Korea banned current and former Terraform Labs employees from leaving the country, and in July Korean authorities raided multiple exchanges in connection to their investigation.
Despite that, Starbucks has apparently decided that what its rewards program really needs are "digital collectible stamps", a euphemism for NFTs that somehow makes them sound even less appealing.
These NFTs promise to provide their holders with "immersive coffee experiences", which sounds an awful lot like what cost McDonald's a few million in the mid-nineties.
Unfortunately for Starbucks, between the time they came up with the idea, announced it at their town hall, and are now inviting people to sign up to the waitlist, the NFT craze has died down considerably. Even at the peak of NFT mania, though, I'm not sure if people would have been lining up to buy "digital collectible stamps" that allow them to "claim an ownership stake in their loyalty to Starbucks" (what??)
Well, despite being pretty bullheaded about their stance on NFTs and web3, even Ubisoft is now backing away from it all. In April, only a few months after launch, Ubisoft announced that there would be no more NFTs for the Ghost Recon Breakpoint title. Now, the CEO is putting a different spin on the company's once determination to introduce NFTs: "we are still in research mode" when it comes to web3 technologies, he said. "We probably were not good at saying we are researching. We should have said we were working on it, and when we have something that gives you a real benefit, we'll bring it to you." I imagine that might come as a shock to the handful of people who actually bought the Ghost Recon Breakpoint NFTs, given they were promised "real benefit" back in December and are now left with useless collectibles.