Norton Antivirus now sneakily installs a crypto miner on your computer so you can mine crypto (and give some to them)
Norton, the makers of the popular Norton Antivirus software, started installing "Norton Crypto" on customers' machines when they install the popular Norton 360 antivirus and malware protection software. It mines Ethereum, skimming 15% for Norton of course. They don't seem to mention that the energy costs incurred by crypto mining on a personal machine are likely to exceed any actual mining proceeds.
Coinbase's USD Coin claimed that there was $1 "in a bank account" to back it, meaning that if everyone hypothetically tried to redeem their USDC at once at any given time, it would be possible. A July disclosure showed that this wasn't true, and that the coin was actually backed by commercial paper, corporate bonds, and other assets. Bloomberg speculated that the FTC might investigate the claim as a possible "unfair or deceptive act or practice".
StableMagnet creators rugpulled about $27 million from users by swapping out linked library code. Users who had StableMagnet linked to their cryptocurrency wallets saw their wallets drained.
The cryptocurrency "titan" dropped from $65 to $0.000000024 within a few hours, despite being a stablecoin that is supposed to be much less volatile than most cryptocurrencies. As the price began to drop, the smart contract encountered a bug that prevented investors from selling their holdings. Among those burned by the coin's crash was billionaire investor Mark Cuban, who had blogged about the token only days prior.
Belt Finance fell victim to a flash loan attack which netted an attacker $6.3 million. This was yet another exploit targeting a protocol built on the Binance Smart Chain protocol, following other attacks over the previous five months on C.R.E.A.M. Finance, bEarn, Bogged Finance, Uranium Finance, Meerkat Finance, SafeMoon, Spartan Protocol, BurgerSwap, and PancakeBunny.
- "Belt Finance loses millions in latest BSC-based DeFi exploit", Cointelegraph
- "Belt", Rekt
The SEC filed an action against five individuals that they alleged promoted unregistered securities in a $2 billion investment scheme, which they described as a "lending program". In September, the SEC also charged BitConnect's founder, Satish Kumbhani, for his role in the scheme, as well as an additional promoter.
- " SEC Charges U.S. Promoters of $2 Billion Global Crypto Lending Securities Offering", U.S. Securities and Exchange Commission
- SEC v. BitConnect
A missing line of code made it "trivally" easy for an attacker to use a flash loan attack to pull $7.2 million from the DeFi platform BurgerSwap. BurgerSwap said it would "strive to cover all [users'] loss".
Attackers exploited a flaw in the smart contract of Bogged Finance's BOG token to drain half the liquidity pool, equivalent about $3 million. This resulted in the BOG token tanking in value from about $1.80 to $0.0003.
Rumors swirl around what actually happened with DeFi100: a rug pull, or a simple website defacement?
DeFi100, a Binance-based DeFi protocol, suddenly replaced its website with a statement: "We scammed you guys and you can't do shit about it". One crypto analyst estimated a scam would've netted the team $32 million. However, the developers subsequently denied the scam and claimed the website had been hacked, restoring it soon after. Although the developers maintain they never stole any money, rumors around what actually happened sank the project.
A hacker used flash loans to manipulate the price of other token pools, to then exploit a bug in PancakeBunny logic that calculates how many tokens should be minted. They were able to mint and then sell 7 million tokens, making off with $45 million and tanking the price of BUNNY tokens from $146 to $0.90. PancakeBunny tweeted shortly after the attack that they would be "working on a reimbursement plan" for those affected.