After many attempts over the span of a year to contact Paul, directly and via his manager (who CoffeeZilla did speak with), Paul has claimed that CoffeeZilla made no attempts to get his side of the story. Instead of addressing any of the many well-researched claims about the flagrant (alleged) grift that Paul has been perpetrating, he has instead reacted in typical (alleged) cryptoscammer fashion: by threatening to sue CoffeeZilla.
The thief quickly flipped all of the NFTs for around 417 ETH ($525,000). It's unclear if one of the CryptoPunks was stolen, as it was transferred to a wallet to whom CryptoNovo has previously made transfers, but that NFT too was sold for 75 ETH ($94,200).
The thief made a pretty penny, but the loss to CryptoNovo is more substantial based on how much money they spent on the NFTs. They had purchased the Bored Ape in August 2021 for 30 ETH (then around $100,000), and CryptoPunk #4608 in September 2021 for 290 ETH (then $850,000).
The attack appears to have been phishing-related.
Early last year, Coinbase was ordered by regulators to hire an outside monitor to oversee compliance. Under the settlement agreement, Coinbase will be required to continue the monitoring for at least another year as it works to improve its compliance.
- "Coinbase Reaches $100 Million Settlement With New York Regulators", The New York Times
Magic Eden acknowledged the issue in a tweet, asking users to contact their support if they had bought any of the fake NFTs. Various users on Twitter had reported buying the spoofed NFTs, paying 20–50 SOL ($266–$666) for fake NFTs that appeared as though they were a part of a verified collection that usually sold for around 165 SOL ($2,200).
Clicking in to the NFT details showed that they were a part of a different collection that was not verified, but they appeared in listings among the verified NFTs, and were in some cases quickly purchased by collectors who thought they were taking advantage of a seller's mistake in listing the NFT.
Giannaros told Axios that the company was "still operating but will be scaling back".
The sudden sale of such a large number GMX tokens (which are comparatively illiquid compared to much larger cryptocurrencies like Ethereum) caused the price to suddenly drop from ~$41.50 to ~$38 per token, though the token price recovered fairly quickly. GMX is the native token for the defi exchange of the same name.
- "Hackers steal $3.5M worth of digital assets from GMX whale", Cointelegraph
Users of several NFT marketplaces see porn, Big Bang Theory stills appearing instead of their NFT images
"What the fuck is happening, why my 5 years old kid watching porn JPEGs on [Magic Eden's] website" tweeted one shocked user.
The issue was resolved fairly quickly, although some visitors continued to see the unsavory images for a while longer due to browser caching.
On January 3, he released a statement on Twitter explaining that he had become addicted to gambling over the past year — specifically mentioning his use of the Stake cryptocurrency casino. He wrote, "Every dollar I could find I would put into Stake in hopes of winning big. Even when the big wins did happen it wasn’t enough. Eventually I lost everything. In addition to my own life savings, I also irresponsibly used investor funds to try and 'get my money back' from the casino which was wrong for so many reasons."
The impact on the projects he created — and those who put money into them — is not yet fully clear.
Gopalani tweeted that "I was hacked by a clever Phisher (same phone # as apple ID) & sold all my clone x / some other nfts... Obviously pretty upset and hurt by this and I havent really been able to move all day." He didn't provide further details, but a tweet by RTFKT CTO Samuel Cardillo suggested that Gopalani may have provided passwords or private keys to a phisher.
On January 2, Cameron Winklevoss — one of the twin brothers who operates Gemini — published an open letter on Twitter to Barry Silbert, the founder and CEO of DCG, which is the parent company of Genesis. DCG also has a substantial amount of money that they have borrowed from Genesis.
"More than 340,000 Earn users ... are looking for answers. These users aren't just numbers on a spreadsheet, they are real people. A single mom who lent her son's education money to you. A father who lent his son's bar mitzvah money to you. A husband and wife who lent their life savings to you. A school teacher who lent his children's college funds to you. A policeman, and so many more. All together, these people entrusted more than $900 million of their assets to you," wrote Winklevoss, without any apparent self-reflection on the fact that these words could just as easily have been (and should also be) addressed to him by those same customers of his service.