Hacker steals over $1.2 million from Inverse Finance, their second such exploit in under three months

A hacker was able to perform an oracle manipulation attack enabled by flash loans to siphon crypto worth around $1.26 million from Inverse Finance. The loss to the protocol was higher, at around $5.8 million. The attacker has already moved most of the stolen funds to the Tornado Cash cryptocurrency tumbler.

Inverse Finance is a borrowing and lending protocol that was hit with a different oracle manipulation attack in early April, which resulted in a $15.6 million loss.

8 Blocks Capital calls on platforms to freeze Three Arrows Capital's funds after the firm goes silent

8 Blocks Capital is a Hong Kong-based trading firm. In a Twitter thread, Danny Yuan explained that 8BC had been using 3AC's trading accounts to reduce their trading fees. He wrote, "We had known them since 2018, thought they were competent and didn’t think they were degen enough to lose billions and not employ basic risk management."

When 8BC contacted 3AC to make a withdrawal on June 13, they never received a reply. "We didn't think much of it at the time. After a while, the market stablized so we no longer needed the funds. We thought maybe they were just busy." The following day, 8BC noticed $1 million missing from their accounts. When they tried to contact 3AC, they again received no response.

According to Yuan, "What we learned is that they were leveraged long everywhere and were getting margin-called. Instead of answering the margin calls, they ghosted everyone." He called on platforms that still have assets from 3AC to freeze those assets, "so that those who 3AC owes can be paid back in the future after legal proceedings."

Kraken crypto exchange announces đźš© culture overhaul đźš©

The U.S.-based crypto exchange Kraken has announced that, despite the layoffs and hiring freezes among its competitors in the ongoing "crypto winter", they intend to keep hiring aggressively. They also took the opportunity to announce that they "believe bear markets are fantastic at weeding out the applicants chasing hype from the true believers in our mission", and that they had "taken this opportunity to align our internal culture around a set of shared values". They also make it clear that anyone who disagree with the changes can GTFO: "In commitment to these values, we also expanded our permanent benefits program to make moving on a bit easier for anyone who feels it's time for the next chapter in their career."

These internal values include requiring employees to believe in "The Mission", "to accelerate the worldwide adoption of cryptocurrency". Their culture explainer also includes various points (emphasis in the original):

  • "We will engage in lobbying, as a single-issue donor, supporting controversial politicians and legislation that furthers The Mission, possibly to the detriment of other civil rights causes"
  • We will advertise with and sponsor controversial television programs, podcasts, influencers and events, if it furthers The Mission
  • We may incorporate firearm and self-defense training in to corporate retreats
  • Should we aim to be exemplary in terms of stereotypical team diversity measurements? No.

The culture document goes on to say that "Someone Must be Offended, Some of the Time":

  • "Krakenites are welcome to request (and deny) personal language and communication preferences of each other"
  • Everyone is responsible for their own feelings
  • Being offended doesn't necessarily make you right
  • Being offended doesn't necessarily make you "harmed"
  • Words nor silence are ever "violence"
  • We do not call someone's words toxic, hateful, racist, x-phobic, unhelpful, etc.

Throughout the document are various notes to clarify that although some of what they're describing definitely sounds like they might be breaking the law, they're definitely not breaking the law: e.g., "Note: We are committed to eliminating all forms of discrimination against legally protected groups in every jurisdiction in which we operate."

BlockFi fined almost $1 million by Iowa regulators for offering unregistered securities

The Iowa Insurance Division announced that they had levied a $943,000 fine against BlockFi for failing to register securities they offered on their platform. The regulator also accused BlockFi of making "misrepresentations and omissions about the level of risk in its loan portfolio", particularly pertaining to statements that their loans were "typically" overcollateralized when in reality only around 16–17% were.

SEC reportedly begins probe into insider trading at crypto exchanges

According to FOX Business, the SEC has sent an inquiry to at least one "major crypto exchange", in what their source said they believed was an investigation spanning several exchanges. It's not clear whether this is a targeted probe spurred by specific instances of alleged malfeasance that might be a harbinger of impending enforcement action, or a broader examination pertaining to broad regulatory interest.

Three Arrows Capital crypto hedge fund may be insolvent

Blockchain data showed that Three Arrows Capital (3AC), a crypto-focused hedge fund based in Singapore, appeared to be dumping stETH as quickly as possible. stETH is Lido-staked Ethereum, a project that is facing liquidity issues and deviating from its peg as of late. The sales appear to be 3AC selling off stETH to pay off debts, presumably due to margin calls as the crypto ecosystem as a whole fell dramatically.

Making matters worse, 3AC co-founder Su Zhu tweeted during the mass sell-off to promote stETH, which certainly gives the appearance that he was trying to pump the price to improve price or liquidity. BlockFi later confirmed that they had liquidated some positions that 3AC held with them.

Speculation about 3AC has swirled, with little comment from 3AC or its executives besides a June 14 tweet from Zhu: "We are in the process of communicating with relevant parties and fully committed to working this out". Meanwhile, other organizations including 8 Blocks Capital have reported that they've been unable to reach 3AC about money they're owed.

Merit Circle DAO votes to renege on deal with investor, provide 30% of what was owed

Members of the Merit DAO, a DAO operating in the play-to-earn space, voted on proposals renege on a deal signed with an early investor to the DAO, Yield Guild Games (YGG). The proposal argued that YGG had not "added value" to Merit (besides monetarily, of course).

YGG pointed out that the seed investor agreement did not require investors to "provide any specific value add services", and "there is no provision for Merit... to unilaterally cancel the contract". The core team replied to say that, "We would like to honor all agreements, however... the DAO holds the ultimate power". One minority voice in the community argued, "You can not just look back 6 months later and be angry with someone who took an early bet on you and say 'here is a refund'. We must uphold trust in compensating those who take early risks."

Surprisingly, YGG ultimately accepted a deal with the DAO rather than take it to court. The final decision did not entirely eliminate their promised returns, but still only granted them around 30% of what they would have been owed with the original deal (which would have been over $5 million).

In a Twitter thread, CEO of the 101.xyz web3 platform detailed the saga and wrote, "it's hard to see this as anything other than a horrendous stain on the reputation of web3... Merit Circle DAO may not need outside support anymore, but many other projects do. And now they’ve made it harder for earlier projects to get the capital they need. Investors might rightfully ask 'what if your DAO decides to fuck us'".

Axie Infinity says it was never about the money after describing their game as a job-creator

After playing up how Axie Infinity had "created hundreds of thousands of jobs in the Philippines" and other locations where salaries are low, Axie Infinity has crumbled. Some players had quit their traditional jobs to become full-time Axie players, and for a few months in 2021, some skilled players could make more than the average wage in the Philippines by playing the game.

Even without the $625 million hack in March, Axie's economy was in trouble. A November 2021 report from Naavik, titled "Infinite Opportunity or Infinite Peril?" wrote that the game's "economic policies are fundamentally unsustainable" and that "the value of new Axies and SLP is propped up by new players putting fresh money into the game".

As of May, even top-ranked players were making around $0.68 a day—certainly well below the $41.50 average daily wage in the Philippines that the game was once beating. Now, Axie Infinity downplays the financial promises of its game, with the company's head of product writing, "Axie Infinity first and foremost needs to be a game".

Coinbase lays off 1,100 employees in 18% cut

Coinbase announced that they would be cutting 18% of their employees, amounting to 1,100 people. This announcement came only two weeks after they rescinded already-accepted job offers from some new employees, a move that itself came only two weeks after the company announced a hiring freeze. Coinbase has attributed their decisions to "current market conditions" and "crypto winter".

Coinbase broke the news to affected employees in a particularly cold way: by email, sent to employees' personal email accounts because they immediately cut access to employees' work accounts. "Given the number of employees who have access to sensitive customer information, it was unfortunately the only practical choice, to ensure not even a single person made a rash decision that harmed the business or themselves," wrote CEO Brian Armstrong in a message to employees that was subsequently published as a blog post.

Known Origin is the latest project to have their Discord compromised

The Discord server for Known Origin, a fairly major NFT platform, was compromised. The scammer used their access to advertise a fake free NFT mint, which actually would steal NFTs if a user tried to connect their wallet.

This is the latest in a long string of Discord compromises. Other hacked servers in recent days included those for Curiosities, Meta Hunters, Parallel, Goat Society, RFTP, and Gooniez.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.