The attack was unusual in that it lasted almost two weeks, going unnoticed because it was draining pools slowly enough that the Levana team assumed it was organic activity. However, when the network became congested, the attack suddenly became more profitable — and more noticeable.
Levana Protocol loses over $1.1 million in slow motion
An attacker successfully manipulated an oracle to drain around 10% of the liquidity pool for the Levana Protocol, an Osmosis-based perpetual futures project. This amounted to $1.146 million.
- "Levana exploit postmortem", Medium [archive]
Barry Silbert resigns from Grayscale board
New SEC filings have revealed that Digital Currency Group CEO Barry Silbert and president Mark Murphy have resigned from the board of Grayscale Investments, the organization behind the Grayscale Bitcoin Trust and a subsidiary of DCG.
Grayscale is in the midst of an application process with the SEC for approval to convert the trust into a spot bitcoin ETF. This has been an ongoing effort by Grayscale, and has been denied before.
DCG, meanwhile, is in the middle of financial difficulties and ongoing legal battles, including a lawsuit from the New York Attorney General alleging a $1 billion fraud by DCG and its Genesis subsidiary. The lawsuit from the NYAG also names Silbert personally.
Telcoin exploited for $1.25 million
$TEL, the token associated with the Telcoin remittances project, plunged 40% as an exploiter was able to steal around $1.25 million from the project. The company later disclosed that the issue had to do with how the project had been implemented on the Polygon network. The app was taken offline as the company investigated the hack.
Telcoin later announced that they "plan[ned] to restore all wallets to their previous balances", though did not say whether or how they would be making up the $1.25 million deficit.
Telcoin had been audited by CertiK, though CertiK tweeted to say that "this contract was not in the scope of the audit conducted by CertiK".
Tether mints itself a $1 billion Christmas present
I wish I could give myself a billion dollars for Christmas, too.
On December 25, Tether minted 1 billion of its USDT dollar-pegged stablecoin. CEO Paolo Ardoino announced on Twitter that the mint was an "authorized but not issued transaction, meaning that this amount will be used as inventory for next period issuance requests and chain swaps". This seems to be a recent trend for Tether, as similar language was used for a $1 billion mint in September.
The activity has raised more questions around where the real money backing Tether is coming from, and if it even exists at all. Some have argued that these recent Tether mints are being used to artificially inflate the price of Bitcoin, which has been on an upward trend since mid-October.
Tether, which boasts a market cap of more than $90 billion, has never been audited, and has lied about its backing in the past.
Megabot exit scams for almost $750,000
The Megabot project rug pulled, stealing $742,000 from those who bought in to the project's presale. The majority of the money — around $692,000 — was stolen on the Solana network.
Megabot had advertised itself as an AI trading bot that would earn users "up to 30% monthly". The team had promised that the bot would perform trades while "sidestepping potential risks such as honeypots, rugs, and slow rugs".
"No one will be able to rug you anymore", their website boasted. Ah, well.
Defunct BarnBridge reaches $1.7 million settlement with SEC
About six months after the SEC filed a complaint against the BarnBridge DAO, the group has agreed to disgorge almost $1.5 million in proceeds from their "SMART Yield bonds" — which the SEC also says attracted more than $509 million in investments. The two co-founders will also pay $125,000 each in civil penalties.
The SEC charged that the group had not registered their sale of the bonds as was required under US securities laws. BarnBridge shut down very shortly after the complaint was filed, without any input from its community, despite ostensibly being community governed.
- "BarnBridge DAO Agrees to Stop Unregistered Offer and Sale of Structured Finance Crypto Product", Securities and Exchange Commission press release [archive]
Catalyx exchange ordered to freeze trading after theft
The Canadian Catalyx cryptocurrency exchange has frozen trading and halted withdrawals after an emergency order by the Alberta Securities Commission on December 21. Catalyx consented to the order.
Catalyx announced in a press release on December 28 that they had "recently discovered a security breach on the Platform in connection with the holding of crypto assets on behalf of clients. Management suspects that this security breach, which may involve an employee, has resulted in the loss of a portion of the crypto assets held by the Company on behalf of its clients".
Catalyx did not state how much had been stolen.
- Interim Cease Trade Order by the Alberta Securities Commission [archive]
- "CatalX CTS Ltd. Announces Security Breach, Loss of Crypto Assets and Ongoing Investigation", press release by Catalyx [archive]
Qredo dumps CEO, raises emergency financing after burning through funding
Despite raising $80 million in February 2022 in a Series A round that saw the company valued at $460 million, the Qredo crypto custody platform just had to secure debt financing to keep the company afloat. Its lead investor also pushed to oust the company's CEO and COO, and shake up the board.
Qredo had already been forced to perform layoffs in September and then November, and in November was searching for a rescue after saying their user "activity ha[d] fallen" in the "prolonged cryptowinter".
On December 15, Qredo had also announced that they would be shutting down their Ankex trading platform, which was previously led by Michael Moro, who was previously booted as CEO from Genesis Trading.
New wallet drainer steals almost $60 million in 9 months
A new wallet drainer tool has stolen $58.98 million in cryptocurrency assets from more than 63,000 victims in the past nine months. People using the drainer software have pulled in victims by running ads on Twitter and through Google ads, employing various tricks to thwart ad reviewers trying to thwart malicious ads on their platforms.
Aurory bridge hacked for over $1 million
The Aurory gaming platform uses a bridge called SyncSpace to move assets between the blockchain and the game's off-chain network. On December 17, the bridge was targeted on Arbitrum's Camelot DEX, and an attacker successfully siphoned around 600,000 $AURY tokens from the liquidity pool. As a result, the pool went from around $1.5 million in liquidity to around $312,000, and the price of the $AURY token dropped 11% as the attacker sold it off in bulk.
The Aurory team posted on Twitter to acknowledge the hack, writing that they'd disabled SyncSpace as they investigated. They also wrote that SyncSpace had been audited months ago, but that the audit had failed to detect the vulnerability.