The group announced that they were working with "the FBI, the Department of Homeland Security, our regulators and Chainalysis" to investigate the attack. The group had previously earned SOC 2 certification for its cybersecurity controls.
FPG halts withdrawals after $15–20 million hack
Texas securities regulator alleges in cease-and-desist that Abra crypto lender has been insolvent for months
According to the complaint, although Abra claimed it stored customer funds with the Fireblocks crypto custodian, they had actually been "secretly transferring assets" to Binance.
The regulator also alleged that Abra had around $30 million in assets with Babel Finance, $30 million with Genesis, and $10 million with Three Arrows Capital — three companies in various stages of liquidation or bankruptcy. They also have $8.8 million with Auros, a firm that was in liquidation but has since exited the process.
Delio crypto lender suspends withdrawals
Delio, like Haru, advertised yields of more than 10%.
- "출금 중지 조치 안내", Delio (in Korean)
- "Two Crypto Platforms Halt Withdrawals in an Echo of the Sector’s 2022 Woes", Bloomberg
Banq goes banqrupt
In the bankruptcy filings, Banq alleges that $17.5 million in assets were stolen by former officers, described in the listing as "computers, trade secrets, proprietary information and technology, business records, etc." The transfer allegedly was made to Fortress NFT Group, a rival company founded by the former CEO, CTO, and CPO. A lawsuit from Banq filed against Fortress and the executives in May 2022 alleges that the executives "stole not only Banq's technology, but also significant other value of Banq's, and used the purloined property to launch Defendants Fortress NFT and Planet NFT using Banq's assets, employees, trade secrets and proprietary technology, claiming all of it to be their own." They also claim that the defendants deleted files and engaged in other fraudulent activity to try to cover up the theft.
Haru Invest suspends withdrawals
The following day, the company named the partner as B&S Holdings (formerly Aventus), and announced that they were taking legal action against the company for filing falsified management reports.
Haru Invest advertised APR in the double digits.
On June 22, Haru laid off 100 employees. Haru explained in a blog post: "after much consideration, it comes with a heavy heart to inform you that we will be minimizing the operations of Haru Invest and its affiliated companies to prevent further damages that are likely to be incurred". Haru's CEO told local media that Haru's offices were empty because employees were working from home for their own safety. After Haru halted withdrawals, they closed their office, and CoinDesk reported that "all company officials disappeared".
BNB Chain team prepares to step in to prevent massive Venus Protocol liquidation
The recent SEC lawsuit against Binance has caused the BNB token to plummet almost 25%, from $305 to ~$230. This puts the hacker's position dangerously close to the liquidation threshold of $220, which could cause substantial impact on the market via cascading liquidations.
In November, BNB Chain passed a governance proposal giving the BNB Chain core team the ability to liquidate the position if it approached the liquidation threshold, meaning they could repay the debt in a more controlled manner that wouldn't dump hundreds of thousands of BNB onto the market all at once.
On June 12 the Venus team tweeted a reminder: "BNBChain core team is ready to take over the $BNB position on Venus as planned if the BNB price hits the liquidation threshold. The liquidator address has prepared $30M already to refund the account loans with more to come if needed. No BNB will be dumped into the market and no shortfall is expected on Venus."
This is not the only bad debt on the Venus platform, which has been described as "opaque" by Protos and has been accused of trying to hide some of its liabilities.
Abandoned Atlantis Loans project exploited for $1.1 million
Evidently, few people continued to pay much attention to the project, because an exploiter was able to come along and perform a governance attack targeting the users who still had active smart contract approvals with the defunct project. They published and voted on a proposal to allow them to upgrade the smart contract in such a way that they could then take advantage of the approvals to transfer the tokens to their own wallet address. Ultimately they made off with around assets notionally worth around $1.1 million.
Sturdy Finance exploited for $775,000
Roughly an hour after the attack, the project tweeted that they were aware of the attack, and had paused all markets. On June 19 the project sent a message to the attacker, pleading with them to return the funds and threatening: "There are criminal organizations following the same evidence trails we are. This isn't going away until you return funds. We are your best option out of this."
Minting of TrueUSD stablecoin through Prime Trust halted; TUSD deviates from peg
The decision may have been related to insolvency rumors surrounding Prime Trust, a US-based fintech company. On June 8, BitGo announced a non-binding letter of intent to acquire Prime Trust.
After the announcement, the TUSD stablecoin dipped as low as $0.9951. This is a seemingly small deviation from the $1 peg, but in the stablecoin world, such small variances can be serious.
- "TrueUSD stops minting via Prime Trust, loses dollar peg", CoinTelegraph