Hacker steals more than $1.5 million after compromising wallets belonging to crypto whale Arthur_0x

CloneX #13992, one of the stolen NFTsCloneX #13992, one of the stolen NFTs (attribution)
Arthur_0x, a crypto investor and NFT whale, had two of their hot wallets compromised. The attacker stole ETH and transferred some big-ticket NFTs out of the wallets, including at least five CloneX NFTs and 17 Azuki NFTs. CloneX NFTs have been selling for an average of 16.76 ETH (about $50,000) over the past 30 days, and Azuki NFTs have been going for 12.5 ETH ($37,600). The attacker had not yet sold all the NFTs they had stolen, but within two hours of the attack they had 545 ETH (about $1.6 million) in their wallet.

Arthur_0x wrote on Twitter that they had previously only ever used a hardware wallet on their PC, but when they started more regularly trading NFTs they'd started using a hot wallet. "Hot wallet on mobile phone is indeed not safe enough", they wrote on Twitter, "Guess no more hot wallet usage then." They also wrote, "The only thing I can say to the hacker is: you mess with the wrong person" and tweeted the wallet address to which the NFTs were being transferred, asking for it to be blocklisted.

Hacker steals $1.45 million from OneRing Finance using code that self-destructs after the attack

A hacker was able to use a flash loan attack to exploit an issue with OneRing Finance. By manipulating the price of tokens in the project's liquidity pool, the hacker was able to draw out 1.45 million USDC, a stablecoin pegged to the US dollar. According to PeckShield, the loss to the protocol was larger than what the hacker actually was able to cash out.

The hacker complicated things somewhat for OneRing by covering their tracks. They used a "self-destruct" mechanism—typically used by developers to destroy smart contracts that are found to have a bug—to destroy the contract they used to carry out the attack, making it more difficult for OneRing to determine which parts of their codebase were vulnerable and led to the attack.

NFT scammers take over the Twitter account of a Florida gubernatorial candidate

Twitter profile of Nikki Fried, showing banner and profile pictures for "Skulltoons", and the name "nikki.eth"Nikki Fried's compromised Twitter profile (attribution)
The Twitter account belonging to Nikki Fried, the current Florida Agriculture Commissioner and a Democratic candidate for the 2022 Florida gubernatorial race, was compromised and repurposed as an NFT shill account. The account, which was verified and had more than 270,000 followers, suddenly underwent what I imagine was a bit of a startling rebrand for her followers: her name was changed to "nikki.eth", and the Twitter bio was replaced with "Mod for SkulltoonsNFT, ThugBirdz, AzukiZen. Web3 Enthusiast". The account also changed its banner and profile pictures to Skulltoons images, and started tweeting about giveaways. By March 20, Fried had apparently regained control of the account, though the account privacy had been changed to protected.

The Fried account compromise is only one instance of what has become a trend on Twitter: Twitter accounts belonging to high-profile individuals, or accounts that are verified or have a large number of followers, being compromised and sold to NFT scammers. On March 11, ESPN baseball reporter Jeff Passan also had his twitter account compromised and repurposed to shill Skulltoons NFTs. Skulltoons distanced themselves from that incident, writing that they believed the hackers were trying to scam their NFT community.

Kaiju Kongz NFT project artificially inflates its floor price by destroying your NFTs if you list them for sale at too low a price

A pixel art image of a large ape creature with green and yellow eyesKaiju Kongz (attribution)
An NFT project's value is often discussed in terms of its floor price—that is, the lowest price at which any given NFT in a collection is listed for sale. The new NFT project Kaiju Kongz decided to take advantage of the fact that you can pretty much do anything you want with a smart contract to ensure that the floor price of its project only increases shortly after the NFTs are launched. They released their project with a "burn schedule"—a list price that gradually increases as time goes on, where if someone lists their NFT below that price, it will automatically be burnt—the closest thing to "destroying" an NFT that's possible. This serves to ensure that the floor price stays above the minimum value the project creators want, which doubles daily from 0.065 ETH (~$190) on the day of launch to 0.64 (~$1900) on March 22.

Some NFT collectors criticized the choice. One described it as "illegal market manipulation tactics", and others said the project should grow the floor "organically". Given the rampant manipulation in the NFT space, one wonders if the real criticism collectors have with the project is that they were too transparent about their price manipulation, and should've just done it quietly like other projects have.

Founder of crypto investment scheme "IGObit" and the sham organization "World Sports Alliance" is convicted of wire fraud

Asa Saint Clair created an organization called the World Sports Alliance, which he falsely described to prospective investors as being closely affiliated with the United Nations (for some reason). Saint Clair convinced more than 60 people that they should invest in his IGObit digital coin offering, stating they would received guaranteed return on investment, but instead he just took the money and used it for his own purposes. Saint Clair was convicted on March 18, and faces a maximum sentence of 20 years in prison.

People briefly borrow Bored Ape NFTs to claim as much as $1.1 million in $APE tokens

The Bored Ape Yacht Club recently created a token called ApeCoin, some of which they announced would be distributed to people who owned various Bored Ape NFTs and NFTs from their related collections. However, because the token distribution didn't use a snapshot of ownership data, but rather distributed tokens per-NFT to the first owner who claimed them, people were able to game the system. Some owners of Bored Ape and related NFTs had put their NFTs into an NFTX vault, which is a setup where someone takes a subset of their NFTs and creates a token that is based on them. The token can then be staked to generate yield, or can be sold, and if someone owns enough of the tokens, they can redeem them for the NFTs. A clever operator found a vault containing five Bored Ape NFTs, which had unclaimed $APE associated with them since they were locked up in the vault. They used a flash loan to purchase a large amount of the vault's token, redeem the five BAYC NFTs, claim the airdropped tokens, return the BAYC NFTs, sell back the tokens, and repay the loan, all in one transaction that cost them nothing but netted them 60,564 $APE, which they then swapped for 399 ETH ($1.1 million).

People were somewhat split on whether this could be classed as a vulnerability in the $APE airdrop, since (as with many crypto hacks and scams) the person was operating completely within the rules set out in code.

Australian regulatory agency begins lawsuit against Facebook over failing to address scammy crypto ads

The Australian Competition & Consumer Commission (ACCC) announced that they had begun federal court proceedings against Facebook, alleging that the company "engaged in false, misleading or deceptive conduct by publishing scam advertisements featuring prominent Australian public figures". The ACCC claims that Facebook ads featured prominent Australian individuals without their approval, and implied that the crypto schemes were associated with or endorsed by those individuals. When a person clicked through the link, they were invited to provide contact information to a group of scammers who reportedly incessantly called the targets to pressure them into putting money into the schemes—in one case, a Facebook user lost more than $650,000. The ACC alleged that Facebook "aided and abetted or was knowingly concerned in false or misleading conduct and representations by the advertisers", but didn't take sufficient action to stop the misrepresentation, even after public figures raised the alarm about their likenesses being used without consent to scam people.

Binance says it will stop operating in Ontario, for real this time, and admits they lied to investors

In June 2021, Binance announced they would stop operating in Ontario after the province introduced new prospectus and registration requirements for crypto exchanges. However, in December, Binance said in an email to Ontarian investors they were allowed to continue operating in the province—prompting the Ontario Securities Commission to release a statement titled "Binance is not registered in Ontario", which said, "Binance represented to OSC Staff that no new transactions involving Ontario residents would occur after December 31, 2021. Binance has issued a notice to users, without any notification to the OSC, rescinding this commitment. This is unacceptable."

On March 16, Binance confirmed that they would actually stop servicing Ontario residents, for real this time. They also admitted to sending an email to investors on January 1 that said that they could no longer trade or onboard to the platform, despite not putting any such restriction in place.

Discord hack targeting Rare Bears NFT project nets attacker $800,000

An illustration of a bear wearing a crown, with laser beams firing from its eyes, with headphones around its neck, holding a molotov cocktailRare Bear (attribution)
After hackers successfully compromised the account of one of the Rare Bears Discord moderators, they posted an announcement that new NFTs were being minted. Those who tried to participate in the mint wound up having their accounts compromised and their NFTs stolen. The hackers sold most of the 179 NFTs they stole, for a combined total of 286 ETH (more than $800,000).

Not only did the attackers post a fake mint link, they took steps to prevent the project from thwarting their attack by banning other members and removing user rights that would have allowed other project members to delete the fake links. They also added a bot to the server that locked channels so people couldn't send warnings that the links were fake.

The Rare Bears team did eventually regain access and secured their Discord server. In an apology posted on their Twitter page, they addressed the multiple security breaches that Rare Bears have faced to date, and said they had "stepped up" and would be having a firm audit their project.

Bored Ape Yacht Club launches their new ApeCoin, which immediately tanks in price

Price of ApeCoin, compared to USD, showing a brief and large spike, followed by a drop and then fairly steady valueApeCoin price (attribution)
Bored Ape Yacht Club decided to release "ApeCoin", a new cryptocurrency token. The token distribution heavily favors current BAYC owners, truly underscoring the fantasy about a fairer distribution of wealth that some people thought crypto would somehow magically bring about. Holders of Bored Ape NFTs—already priced at several hundred thousand dollars apiece—received airdropped tokens in proportion to their holdings of Yuga Labs NFTs; one holder of 12 Bored Apes, 10 Mutant Apes, and 11 Kennel Club NFTs reported receiving 150,964 APE (valued at $1.3 million when $APE was at $8.56).

The $APE price briefly soared to around $40 shortly after launch, before crashing precipitously to around $8.50 not long after, presumably as people cashed out their free money. Even many cryptocurrency enthusiasts were nonplussed by the launch, with many describing it as a "money grab" or an attempt to enrich the founders, which apparently is a bad thing (despite many crypto projects openly doing the same). One angry Redditor wrote, "Owners of Bored Ape NFTs were given the coin first(very rich people), then it was sold to the normies who got FOMO and pumped the price, then it crashed. Yet again, leaving regular people holding bags of pure garbage while the coin pushers wave bye-bye from their lambos."

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.