Prior to these attacks, FEG had earned some notoriety from a May 2021 Vanity Fair article outlining an alleged pump-and-dump scheme, titled "Inside the Rise and Fall (and Rise and Fall) of Shit Coins". Despite the bad press, much of the FEG community maintained that the article was a smear and nothing more than an attempt by the author to create FUD. "You could literally take every token and this would apply to everyone..." wrote a moderator of the official FEG subreddit.
Flash loan attacks on "Feed Every Gorilla" token take $1.9 million
A flash loan attack on the "Feed Every Gorilla" (FEG) token swap contracts pulled $1.3 million from the project, also tanking the token price by 80%. The project operates on both the Ethereum and BSC chains, and the attacker was able to use the exploit against the contracts on both networks. Shortly after the first attack, FEG was hit with a second flash loan attack that drained another $590,000 from the project.
People continue to wait for a public accounting of what happened to Terra's $3.5 billion in Bitcoin reserves
Now that the dust is settling somewhat from the dramatic collapse of Terra, people are beginning to wonder when they'll hear more about what exactly happened to the 80,394 Bitcoin (priced at $3.5 billion at time of purchase; priced closer to $2.5 billion at the time of writing this entry) that previously belonged to Luna Foundation Guard (LFG). The project had previously purchased the assets to hold as reserves, and as UST began to lose its peg, LFG announced they would use those reserves to buy UST to help maintain the peg. Over the next few days, the reserves were emptied, but after they were moved to the Gemini exchange they became impossible to trace further. Although transactions are usually quite traceable on the blockchain, when funds are moved to services like the Gemini exchange, they become impossible to trace using public data because of how exchanges pool funds and transactions internally.
Terraform Labs CEO Do Kwon tweeted on May 13 that "We are currently working on documenting the use of the LFG BTC reserves during the depegging event. Please be patient with us as our teams are juggling multiple tasks at the same time." It's not clear when this documentation will be released. Binance CEO Changpeng Zhao joined the group of people asking about the BTC reserves, tweeting, "I would like to see more transparency from them. Much more! Including specific on-chain transactions (txids) of all the funds. Relying on 3rd party analysis is not sufficient or accurate."
Blockchain insurance company InsurAce shortens their claims window for Terra holders to just a week
InsurAce is a defi insurance provider (oh yes, they exist) that allows people to buy insurance against events including smart contract vulnerabilities and stablecoin depegs. Following the Terra collapse, InsurAce suddenly announced that its customers who held Terra had only a week to file claims, and that "Late submission [sic] will be rejected without further appeal".
Altogether, InsurAce says they paid out about $11 million to around 173 claimants as a result of the depeg. Evidently there were 61 others who did not submit their claims within the deadline.
SpiritSwap is the latest victim of a domain hijacking attack
In what is beginning to become a pattern, SpiritSwap was the latest project where attackers gained control of their domain and were able to modify the frontend to divert funds to a wallet under their own control. SpiritSwap tweeted that the "the hacker has managed to exploit Godaddy" (unlikely — it was more likely a case of stolen credentials) and swap out the recipient address.
The hacker only managed to exfiltrate around $18,000 before being discovered, and SpiritSwap shut down their swapping through their router to prevent the attack from continuing.
MM.Finance suffered a similar attack earlier in the month, losing $2 million after an attacker gained control of the domain and swapped in their own address to siphon funds.
Phishing attack targets users of sites including Etherscan and CoinGecko
Popular cryptocurrency websites including Etherscan, CoinGecko, and DeFi Pulse were showing users a pop-up prompting them to connect their MetaMask wallets. CoinGecko founder Bobby Ong stated that he believed the culprit was a malicious advertising script from a crypto ad network called Coinzilla. The advertisement appeared to be from a site mimicking the popular Bored Apes Yacht Club NFT project, which was taken down after the scam was discovered. It's as yet unclear how many users accepted the prompt, or what malicious actions (if any) were taken.
Crypto.com reverses some Luna trades, offers $10 consolation prize
One of the features of crypto that its proponents sometimes highlight is that transactions can't be reversed. This, of course, is not true when making trades on exchanges like Crypto.com, who can largely do whatever they want with the wallets they maintain and the coins they keep track of on users' behalf.
On May 13, the company announced it would be reversing transactions made during an hour-long period on May 12 when "users who traded LUNA were quoted an incorrect price". Some users were able to profit off the discrepancy, but later were told that their transactions were being reversed. Crypto.com offered $10 in CRO, their cryptocurrency token, "for the inconvenience caused". Crypto.com halted Luna trading after discovering the issue, and it remains halted as of May 13.
The issue sounds quite similar to issues that affected various defi projects around the same time. Several projects who failed to account for unexpected Luna price data coming from blockchain oracles including Chainlink suffered major attacks.
- "LUNA Trading Incident on Crypto.com App", Crypto.com
Unexpected oracle data in the wake of Terra blockchain halt enables multiple attacks on other platforms
Earlier today, Terra halted their blockchain after a devastating few days. Subsequently, Chainlink's oracle paused the price feed, causing it to fall out of sync with the apparent market price of the token. This enabled multiple attacks on various platforms.
$13.5 million was fraudulently borrowed from the Venus protocol on BSC. Blizz Finance on Avalanche reported their protocol had been entirely drained, amounting to around $8.3 million. Blizz subsequently announced in a post-mortem that "Blizz has no treasury or development fund and a significant portion of the stolen assets belonged to our team. As such we regret to announce the protocol has been paused and we do not intend to resume operations."
FBI charges EminiFX CEO with fraud
Eddy Alexandre, CEO of the cryptocurrency and forex trading platform EminiFX, was charged by the FBI with fraud for his role in what he described to investors as a crypto investment scheme. Promising to double investors' money in five months with his secret robo-investing software and team of "experienced traders", in reality Alexandre pocketed most of the money. He spent $15 million of the money on his own expenses, including luxury vehicles. The small portion of funds he did invest ended up losing money.
Alexandre was sentenced to nine years in prison on July 18, 2023 and ordered to pay $249 million in forfeiture and $214 million in restitution.
Terra blockchain is halted after token crash increases threat of governance attacks
After $LUNA dropped below $0.01, Terra announced that they halted the Terra blockchain. "Terra validators have decided to halt the Terra chain to prevent governance attacks following severe $LUNA inflation and a significantly reduced cost of attack", they wrote on Twitter. This means that no transactions can continue on the Terra chain, and that holders of any tokens based on that chain (including the TerraUSD stablecoin or LUNA) can't do anything with those tokens.
Terra only announced this after halting the network, giving their users no opportunity to try to withdraw funds. They have made no announcement about whether or when they intend to bring the network back online, although it seems safe to assume that the enormous loss of confidence in Terra would make any restart short-lived.
Tether loses peg, drops below $0.95
Tether, the largest stablecoin, had a major wobble. Pegged to the U.S. dollar and widely used throughout the cryptocurrency ecosystem, even a fractional cent deviation from its peg can have enormous ramifications. Tether spent six hours below $0.99 — at one point slipping down to $0.95 — in the most significant deviation from its peg in recent history. The dip was widely connected to the recent and even more dramatic de-peg of the previously third-largest stablecoin, TerraUSD, as well as the general crypto market crash.
Tether began to recover somewhat as the day progressed, gradually returning to above $0.99. However, the de-peg has clearly shaken the cryptocurrency ecosystem. The heavy reliance on Tether means that a substantial or protracted loss of its peg would be devastating, and the open secret that Tether does not have the backing assets it once claimed has intensified fears about a possible run on Tether.