Gopalani tweeted that "I was hacked by a clever Phisher (same phone # as apple ID) & sold all my clone x / some other nfts... Obviously pretty upset and hurt by this and I havent really been able to move all day." He didn't provide further details, but a tweet by RTFKT CTO Samuel Cardillo suggested that Gopalani may have provided passwords or private keys to a phisher.
Hacker drains the wallet of the RTFKT crypto project's COO
An attacker drained the wallet of Nikhil Gopalani, the COO of the Nike-owned crypto organization RTFKT. Most of the stolen NFTs were RTFKT NFTs, and the priciest were the nineteen CloneX NFTs that the thief flipped for between $5,850 and $13,960 each, for a total of 112.3 ETH ($136,000). Gopalani's wallet was also relieved of nineteen RTFKT Animus Eggs (priced at a cumulative ~$20,000 based on floor price) and eleven RTFKT x Nike Dunk Genesis CRYPTOKICKS NFTs (priced at a cumulative $3,300).
Gemini founder writes open letter to Barry Silbert begging for the return of $900 million
On November 16, Genesis halted withdrawals from its lending service shortly after the FTX collapse. Gemini, who partners with Genesis lending to power their Earn program, halted withdrawals hours later. On December 3, the FT revealed that Genesis owes Gemini's customers $900 million.
On January 2, Cameron Winklevoss — one of the twin brothers who operates Gemini — published an open letter on Twitter to Barry Silbert, the founder and CEO of DCG, which is the parent company of Genesis. DCG also has a substantial amount of money that they have borrowed from Genesis.
"More than 340,000 Earn users ... are looking for answers. These users aren't just numbers on a spreadsheet, they are real people. A single mom who lent her son's education money to you. A father who lent his son's bar mitzvah money to you. A husband and wife who lent their life savings to you. A school teacher who lent his children's college funds to you. A policeman, and so many more. All together, these people entrusted more than $900 million of their assets to you," wrote Winklevoss, without any apparent self-reflection on the fact that these words could just as easily have been (and should also be) addressed to him by those same customers of his service.
Bitcoin core developer claims his wallets were compromised, more than 216 BTC (~$3.6 million) stolen
One of the original Bitcoin core developers, Luke Dashjr, claimed on Twitter that attackers had managed to compromise multiple wallets — which he described as both hot and cold wallets — to steal all of his Bitcoins. Dashjr originally blamed the attack on a PGP key compromise, but later said the PGP compromise was only a part of a much broader hack where attackers also bypassed two-factor authentication and got access to what he had believed to be a cold wallet.
Dashjr complained on Twitter about having trouble getting in contact with the FBI about the theft. Some joked about the irony of a Bitcoin maximalist running to the FBI when his coins were stolen.
There are some questions about the veracity of Dashjr's claims, given his supposed security practices, the extent of the breach, and some of his odd comments on Twitter.
Swiss crypto broker Covario goes bust
Just before the holidays, employees of the Covario crypto broker based in Zug, Switzerland learned that their employer was no longer solvent. Attempts to secure a buyout had been unsuccessful, and the company is entering bankruptcy.
The firm had attempted to keep up appearances that all was well, spending lavishly and even opening new offices several weeks before entering bankruptcy. However, it turns out that employee pension contributions had not been being paid since early summer. Employee salaries had not been paid since October.
- "Pleite von Zuger Krypto-Startup: PK, AHV, Löhne offen", Inside Paradeplatz (in German)
Tax loss harvesting service emerges to help collectors unload their worthless NFTs
If you bought an NFT for $1,000 and it's now worthless, you still have to find someone willing to buy it before you can claim it as a loss on your taxes. A project called "Unsellable" has emerged to fill that need—buying worthless NFTs for $0.01 (for a small fee) so that people can claim the losses.
"This tool really helped me unload those embarrassing early NFT Hype investments. Should shave about $1000 off my tax bill", a supposed user writes in a testimonial blurb on the site (although the testimonials appear to be faked).
Perhaps someone has finally found a viable crypto business model after all.
Wallets linked to Sam Bankman-Fried's Alameda Research unexpectedly begin selling off $1.7 million in tokens
Wallets known to be controlled by Alameda Research, the crypto trading firm founded by Sam Bankman-Fried and currently in bankruptcy with the other FTX companies, suddenly began selling off large quantities of mostly small altcoins on December 28. Whoever controls the wallets swapped the tokens for Tether stablecoins or Ethereum, then tumbled the funds through cryptocurrency mixers — a strong sign that this was probably not just the FTX liquidators consolidating wallets.
Altogether, an estimated $1.7 million was moved through various services to obfuscate the flow of funds.
3Commas finally owns up to API key leak
In October, several people reported losing more than a million dollars each from accounts that were connected to the 3Commas trading platform. 3Commas vociferously denied that there was any security breach of their crypto trading service, instead claiming that some of their users were at fault for being phished and having assets stolen. Now that someone has published the API key database that was exfiltrated from 3Commas, however, the company has finally owned up to the breach. They confirmed the data in the files was legitimate on Twitter, and wrote that they had contacted Binance, Kucoin, and other exchanges with whom they integrate to ask them to revoke all API keys connected to 3Commas.
3Commas did not come off looking very good after this incident, after they spent weeks denying any breach and accusing those who were concerned 3Commas had been compromised of spreading misinformation and "FUD".
Researcher zachxbt wrote that he had verified 44 victims who had lost a combined $14.8 million due to the leak, although he acknowledged that this was only the number of people he could verify and that the total number of people affected was likely much higher.
Midas Investments platform closes after revealing they're $63.3 million in the hole
Midas Investments announced suddenly that they would be shutting down their platform, which previously enabled users to deposit cryptocurrencies which would then be invested in various defi projects. The team revealed that they had only $51.7 million in assets compared to $115 million in liabilities, a fact they had not disclosed to most of their employees.
Users with assets on the platform will see a significant haircut in what they are allowed to withdraw. Midas intends to keep 55% of the Bitcoin, ETH, or stablecoins held by users in their accounts, as well as any rewards users had earned.
Lest the users be too upset that more than half of their assets no longer belong to them, fear not: Midas will be making up the difference in a new, valueless token that does not yet exist, but that will be associated with some future project that Midas has not described yet. You're welcome!
They've also announced they will be pivoting to "CeDeFi". Yes, that is indeed short for "centralized decentralized finance". No, I am not joking.
Mango Markets exploiter arrested despite claiming all his actions were legal
In October, an exploiter was able to manipulate collateral prices to extract tokens from the Mango Markets defi project, ultimately resulting in a $116 million loss for the project. The exploiter then tried to create a governance proposal in which he would agree to return some of the stolen funds in exchange for an agreement that the protocol would not try to freeze the tokens or pursue criminal charges.
It quickly became apparent that a man named Avraham Eisenberg was behind the exploit. In screenshots leaked from a conversation in a private Discord channel shortly before the attack, Eisenberg talked about the exploit he had planned. "I'm investigating a platform that could maybe lead to a 9 figure payday. Should I do it?" he wrote. When someone replied, "unles[s] it is highly illegal", Eisenberg responded: "Are there rules these days?" When someone suggested responsibly disclosing the vulnerability to the protocol, Eisenberg refused, saying the bug bounty was likely to be too small.
Eisenberg later owned up to the attack, tweeting a thread in which he wrote that he "was involved with a team that operated a highly profitable trading strategy last week. I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are."
The feds apparently disagreed with his evaluation, and arrested Eisenberg in Puerto Rico on December 26. He is charged with commodities fraud and commodities manipulation.
BTC.com suffers $3 million attack
In a press release, BIT Mining reported that their subsidiary BTC.com had experienced a "cyberattack" in which $700,000 of customer assets were stolen. They also reported that $2.3 million of company assets were stolen, though they said that some of these funds had been recovered. They wrote that they were working with Shenzhen law enforcement to investigate the attack, but provided few details on the attack vector.
BTC.com is the seventh largest Bitcoin mining pool, which also operates other crypto mining services. Its parent company, BIT Mining, is publicly traded on the NSYE.
- "Bitcoin mining pool BTC.com reports $3M cyberattack", Cointelegraph
- "BIT Mining Limited Subsidiary Experiences Cyberattack", press release