Fake NFTs listed under verified collections on Magic Eden marketplace

A simplistic drawing of a girl holding a broom with a carrot at the end of it. She has blue skin and there is a bird next to her.ABC #2157 (attribution)
Magic Eden, as with many NFT marketplaces, has a verification layer that shows popular projects as "verified" to reduce the chances of people being tricked by NFTs with the same images and names that are not a part of the official collection. However, someone was able to list NFTs they had arbitrarily created on the Magic Eden marketplace in such a way that they appeared as though they were a part of a verified collection of "ABCs" NFTs. The issue also affected a handful of other collections, including the popular "y00ts" collection.

Magic Eden acknowledged the issue in a tweet, asking users to contact their support if they had bought any of the fake NFTs. Various users on Twitter had reported buying the spoofed NFTs, paying 20–50 SOL ($266–$666) for fake NFTs that appeared as though they were a part of a verified collection that usually sold for around 165 SOL ($2,200).

Clicking in to the NFT details showed that they were a part of a different collection that was not verified, but they appeared in listings among the verified NFTs, and were in some cases quickly purchased by collectors who thought they were taking advantage of a seller's mistake in listing the NFT.

Crypto payments platform Wyre to shut down or "scale back"

Crypto payments platform Wyre inked a deal to be acquired by Bolt in a $1.5 billion deal in April 2022, but the acquisition was canceled in September after the two firms "mutually agreed to continue their partnership as independent businesses". However, Wyre only made it a few more months before CEO Ioannis Giannaros abruptly emailed employees on December 30 to inform them that he would be liquidating the company, terminating services, and that nearly all employees would be let go.

Giannaros told Axios that the company was "still operating but will be scaling back".

Hackers steal $3.2 million from GMX whale

A chart of the GMX price over a one day period on January 3, 2023. Around 3pm there is a sudden drop from around $41.50 to just above $38, which then rebounds to around $40 fairly quickly before drifting back up towards $41.50.GMX/USD on January 3 (attribution)
An apparent wallet compromise netted hackers 82,519 GMX tokens from a wallet belonging to a GMX whale. The hackers exchanged these tokens for 2,627 ETH ($3.18 million), then swapped the assets cross-chain.

The sudden sale of such a large number GMX tokens (which are comparatively illiquid compared to much larger cryptocurrencies like Ethereum) caused the price to suddenly drop from ~$41.50 to ~$38 per token, though the token price recovered fairly quickly. GMX is the native token for the defi exchange of the same name.

Users of several NFT marketplaces see porn, Big Bang Theory stills appearing instead of their NFT images

A grid of Goonie NFTs from the RetroGoons project. Most are illustrations of monkey figures, but one has been replaced with a photograph of a nude woman.A collection on Magic Eden during the compromise (attribution)
Users of NFT marketplaces and explorer applications including Magic Eden, NFT Explorer, and Rand Gallery were briefly shown pornographic images and still frames from the Big Bang Theory television show instead of the expected NFT images after someone compromised a third-party image caching service. The affected NFTs used images stored on the decentralized storage system IPFS, and the NFTs themselves were not impacted. However, a third-party caching service used by the NFT platforms caused in some cases very unexpected images to display instead.

"What the fuck is happening, why my 5 years old kid watching porn JPEGs on [Magic Eden's] website" tweeted one shocked user.

The issue was resolved fairly quickly, although some visitors continued to see the unsavory images for a while longer due to browser caching.

Streamer and crypto founder DNP3 admits to gambling with investor funds

DNP3 is a streamer known for giving away large sums of money to other streamers. He is also a crypto founder behind projects including CluCoin, the Xenia play-to-earn game, the Gridcraft play-to-earn game platform, and the Goobers NFT project.

On January 3, he released a statement on Twitter explaining that he had become addicted to gambling over the past year — specifically mentioning his use of the Stake cryptocurrency casino. He wrote, "Every dollar I could find I would put into Stake in hopes of winning big. Even when the big wins did happen it wasn’t enough. Eventually I lost everything. In addition to my own life savings, I also irresponsibly used investor funds to try and 'get my money back' from the casino which was wrong for so many reasons."

The impact on the projects he created — and those who put money into them — is not yet fully clear.

Hacker drains the wallet of the RTFKT crypto project's COO

A silver robot wearing a pink octopus as a hat, and with light pink wings and rainbow-colored pointy teethCloneX #17088, which the hacker flipped for almost $14,000 (attribution)
An attacker drained the wallet of Nikhil Gopalani, the COO of the Nike-owned crypto organization RTFKT. Most of the stolen NFTs were RTFKT NFTs, and the priciest were the nineteen CloneX NFTs that the thief flipped for between $5,850 and $13,960 each, for a total of 112.3 ETH ($136,000). Gopalani's wallet was also relieved of nineteen RTFKT Animus Eggs (priced at a cumulative ~$20,000 based on floor price) and eleven RTFKT x Nike Dunk Genesis CRYPTOKICKS NFTs (priced at a cumulative $3,300).

Gopalani tweeted that "I was hacked by a clever Phisher (same phone # as apple ID) & sold all my clone x / some other nfts... Obviously pretty upset and hurt by this and I havent really been able to move all day." He didn't provide further details, but a tweet by RTFKT CTO Samuel Cardillo suggested that Gopalani may have provided passwords or private keys to a phisher.

Gemini founder writes open letter to Barry Silbert begging for the return of $900 million

Tyler and Cameron Winklevoss, both wearing Gemini t-shirtsTyler and Cameron Winklevoss, Gemini founders (attribution)
On November 16, Genesis halted withdrawals from its lending service shortly after the FTX collapse. Gemini, who partners with Genesis lending to power their Earn program, halted withdrawals hours later. On December 3, the FT revealed that Genesis owes Gemini's customers $900 million.

On January 2, Cameron Winklevoss — one of the twin brothers who operates Gemini — published an open letter on Twitter to Barry Silbert, the founder and CEO of DCG, which is the parent company of Genesis. DCG also has a substantial amount of money that they have borrowed from Genesis.

"More than 340,000 Earn users ... are looking for answers. These users aren't just numbers on a spreadsheet, they are real people. A single mom who lent her son's education money to you. A father who lent his son's bar mitzvah money to you. A husband and wife who lent their life savings to you. A school teacher who lent his children's college funds to you. A policeman, and so many more. All together, these people entrusted more than $900 million of their assets to you," wrote Winklevoss, without any apparent self-reflection on the fact that these words could just as easily have been (and should also be) addressed to him by those same customers of his service.

Bitcoin core developer claims his wallets were compromised, more than 216 BTC (~$3.6 million) stolen

One of the original Bitcoin core developers, Luke Dashjr, claimed on Twitter that attackers had managed to compromise multiple wallets — which he described as both hot and cold wallets — to steal all of his Bitcoins. Dashjr originally blamed the attack on a PGP key compromise, but later said the PGP compromise was only a part of a much broader hack where attackers also bypassed two-factor authentication and got access to what he had believed to be a cold wallet.

Dashjr complained on Twitter about having trouble getting in contact with the FBI about the theft. Some joked about the irony of a Bitcoin maximalist running to the FBI when his coins were stolen.

There are some questions about the veracity of Dashjr's claims, given his supposed security practices, the extent of the breach, and some of his odd comments on Twitter.

Swiss crypto broker Covario goes bust

Just before the holidays, employees of the Covario crypto broker based in Zug, Switzerland learned that their employer was no longer solvent. Attempts to secure a buyout had been unsuccessful, and the company is entering bankruptcy.

The firm had attempted to keep up appearances that all was well, spending lavishly and even opening new offices several weeks before entering bankruptcy. However, it turns out that employee pension contributions had not been being paid since early summer. Employee salaries had not been paid since October.

Tax loss harvesting service emerges to help collectors unload their worthless NFTs

If you bought an NFT for $1,000 and it's now worthless, you still have to find someone willing to buy it before you can claim it as a loss on your taxes. A project called "Unsellable" has emerged to fill that need—buying worthless NFTs for $0.01 (for a small fee) so that people can claim the losses.

"This tool really helped me unload those embarrassing early NFT Hype investments. Should shave about $1000 off my tax bill", a supposed user writes in a testimonial blurb on the site (although the testimonials appear to be faked).

Perhaps someone has finally found a viable crypto business model after all.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.