On April 24, the project developer withdrew 256 million OFI tokens and swapped them to ETH worth around $1 million. They then laundered the funds through the Tornado Cash crypto mixer. The project creator deleted the project's Twitter account and took down its website.
Not everything has gone smoothly, though. As developers rushed to release wallets to support these new tokens, the UniSat wallet claimed to be the first. However, shortly after it launched, the developers made the Chrome extension inaccessible. They later revealed that the code had contained a vulnerability that exposed it to double-spend attacks. "Currently, we have preliminary investigation results, and out of all 383 transactions, 70 transactions have been identified as affected," they wrote.
It's not yet clear how much was stolen, but the UniSat team promised to compensate affected users. They later tweeted that they had determined the identity of the thief, though the funds have not yet been returned.
The NFT buyers — er, "co-producers" — were promised credit in the film credits, voting rights on the script, and a split of 80% of the profits. "Although there is nothing guaranteed, on average, you will make six to seven times what you put in 24 months. Which is huge, when you think, you go to the Caisse d'Epargne, a traditional bank, and you make less than 1% in the year," said one promotional video.
A report from French investigative newspaper Mediapart discovered that the project was backed by a Dubai-registered company called "Illuminart", which played on confusion between its name and that of the France-based Universal Studios subsidiary Illumination. An Illuminart marketing campaign even used Illumination titles, such as The Lorax, Minions, and Despicable Me, and their box office proceeds to suggest Plush buyers were in for a 516% profit.
Meanwhile, the project has gone silent, and its Twitter account last posted in September 2022. NFTs are no longer offered for sale on the official project website, and Illuminart's business license has expired.
- "Nounours et cryptomonnaies à Dubaï : le mauvais film de Kev Adams", Mediapart (in French)
However, the Kyiv Post has recently been asking questions about the organization. Earlier in April, the newspaper published an article claiming that the group had fabricated its claims that it was supported by Ukrainian governmental bodies. Now, they've published another article claiming that at least $500,000–$700,000 of funds seem to have been misappropriated.
One point of contention has been that the organization claims that 100% of money raised is donated, but in reality the project leader Alona Shevchenko takes a $5,000/month salary. This led to a split between Shevchenko and Pussy Riot's Nadya Tolokonnikova, who had once been active in promoting Ukraine DAO.
The Kyiv Post has raised questions about other transactions from the Ukraine DAO wallet, which went to other leaders of the project, or to centralized exchanges.
Shevchenko a London-based Ukrainian, who has in the past led the FreeRossDAO — a project to raise funds to support Ross Ulbricht, the jailed creator of the crypto-powered darknet Silk Road marketplace. Shevchenko's most recent project is Iran DAO, which claims to support "Iran's women-led revolution".
Blur disabled bid acceptance functionality while investigating the bug. Amusingly, this led people to begin placing huge bids they knew couldn't be accepted in order to farm Blur points, some kinds of which are awarded based on bids rather than purchases.
It's not clear how much money was lost due to the bug, but Blur cofounder "Pacman" announced that "any losses will be refunded once the issue is resolved".
Co-founders of company best known for Bella Hadid NFTs begin $77 million court battle against each other
Although the project promised to provide ongoing access to Bella Hadid and various other perks, the project website has already dropped offline, the Twitter account hasn't posted since October 2022, and the Discord is a ghost town save for occasional questions about whether the project is dead. Hadid made $1.5 million for her involvement in the project.
Things at Rebase seem to have devolved, because now Gagacki has filed suit against Truong, alleging that he "has gone rogue". The suit alleges that Truong tried to oust Gagacki from the company, stole around $2 million from a shared wallet, and damaged Gagacki's reputation. In particular, Gagacki is concerned that Truong is attempting to launch the project on the Arbitrum network without Gagacki's involvement, and that tokens minted there "could reach many times over the Rebase app's last round valuation of $150,000,000" without being shared with Gagacki.
Altogether, Gagacki is claiming damages of no less than $77 million, representing the stolen funds, the value of the app, and the profits from the possible Arbitrum deal.
The complaint also alleges that Bittrex and Shihara had coordinated with token issuers to dodge potential SEC action by having them remove public "problematic statements" predicting price, describing an expectation of profit, or describing offerings in terms of investments.
Hundred Finance announced that they were trying to communicate with the attacker to try to convince them to return some of the funds.
This was not the first exploit to impact Hundred Finance: in March 2022, both Hundred Finance and Agave Finance were targeted with a flash loan attack by a hacker who stole a total of $12 million from the two projects.
Bitrue didn't release details on how the attack had been achieved, but explained that one of their hot wallets had been impacted. They announced that they would be pausing withdrawals for several days as they investigated the incident, and that they would be compensating affected users.
- Post by Bitrue