Phishers take advantage of fears surrounding the USDC de-peg

When USDC deviated from its dollar peg on March 10, phishers were quick to devise a scheme to take advantage of holders' fears. A group launched a website appearing to be the blog belonging to Circle, the company that backs USDC. On the fake blog, they announced a supposed defi exchange where users would be able to exchange their USDC for stablecoins like Tether.

Holders trying to use the exchange approved transactions which they didn't realize allowed the phishers to drain their ETH. So far, the scammers have stolen around 74 ETH ($130,500).

Over $35 million lost as contagion from Euler hack spreads throughout defi

Contagion from the massive exploit of the Euler project has spread to around a dozen defi projects, including Balancer, Angle Protocol, Yearn Finance, InverseFinance, and others. Some are still evaluating if and how they may be affected, and how much they've lost.

Around $11.9 million of tokens were sent from the Balancer defi liqiuidity project to Euler during the attack, prompting Balancer to pause the project.

The Angle Protocol decentralized stablecoin project also disclosed that almost half of the total value locked in the project — around $17.6 million in the USDC stablecoin — were sent to Euler during the hack.

Meta pulls the plug on NFTs

In a Twitter thread, Meta (formerly Facebook) Head of Commerce and Fintech Stephane Kasriel announced that they would be "down digital collectibles (NFTs) for now to focus on other ways to support creators, people, and businesses". Meta had only launched its support for NFTs in Facebook and Instagram partway through last year — a bit late to the NFT craze, which had largely cooled by that point.

Mark Zuckerberg had once talked about eventually using NFTs for Meta's metaverse projects, suggesting that eventually "the clothing that your avatar is wearing in the metaverse, you know, [could] be basically minted as an NFT and you can take it between your different places". It sounds like that plan may no longer be on the table now.

Euler Finance exploited for almost $200 million

The decentralized lending platform Euler Finance suffered a flash loan attack in which an exploiter stole $197 million from the project. The attacker stole $8.7 million in the Dai stablecoin, $18.5 million in wrapped Bitcoin, $135.8 million in Lido staked Ethereum (stETH), and $33.8 million in the USDC stablecoin. Although Euler was well known for its many code audits, the project had later added a vulnerable function that had not been as heavily audited.

Euler announced that they were aware of the exploit, and were "working with security professionals and law enforcement".

On April 3, Euler Finance announced that they had completed successful negotiations, and that "all of the recoverable funds taken from the Euler protocol on March 13th have now been successfully returned by the exploiter". Unfortunately, based on on-chain transfers, this appeared to only be around $31 million.

Regulators shut down crypto-friendly Signature Bank

Two days after the collapse of Silicon Valley Bank and four days after the collapse of Silvergate Bank, the New York Department of Financial Services announced they had taken possession of Signature Bank, a New York-based bank that was a major bank partner for cryptocurrency companies. The bank was placed into receivership with the Federal Deposit Insurance Corporation (FDIC). According to a Signature board member, a bank run of billions of dollars began on Friday after the seizure of Silicon Valley Bank.

A joint statement from federal regulators announced that "All depositors of this institution will be made whole... no losses will be borne by the taxpayer. Shareholders and certain unsecured debtholders will not be protected. Senior management has also been removed."

The shutdown of Signature and the collapse of Silvergate leave many companies in the crypto industry without much access to the US banking system.

PeopleDAO loses $120,000 after payment spreadsheet is shared publicly

PeopleDAO is the successor to ConstitutionDAO, a group that made an ill-fated attempt to buy a copy of the US Constitution in November 2021. When the accounting lead for PeopleDAO accidentally shared an editable accounting spreadsheet link in a public Discord channel, an enterprising member of the Discord decided to take advantage. They inserted a row with their own wallet address for a 76 ETH (~$120,000) payment, then hid the row so it wouldn't display to the other viewers.

When team leads reviewed the spreadsheet to sign off on the payments, they didn't see the row, and there was no rollup showing total payments or anything else that would've helped them catch the malicious activity. The transactions were uploaded to a tool allowing asset transfers via CSV, and the required six out of nine multisig members approved the transaction.

PeopleDAO have reported that they're working with various security researchers to track the funds, and have reported the theft to the FBI and FTC.

USDC loses peg to the dollar

The major stablecoin USDC lost its peg to the US dollar on March 10. Earlier that day, the collapse of the Silicon Valley Bank sent shockwaves through the financial system, and some in crypto were concerned about possible contagion to crypto companies. In particular, it was known that some of Circle's cash reserves backing USDC were stored at SVB, but it wasn't clear quite how much. After some delay, Circle disclosed that $3.3 billion of their roughly $10 billion in cash reserves were stored with SVB.

That evening, Coinbase announced they would be pausing USDC redemptions for dollars until the following Monday, claiming it was only because in times of high volume, they needed to process transfers via the traditional banking system. Despite their stated reason, this deepened fears about the stability of USDC, which is supported in part by Coinbase.

The price of USDC began to wobble on smaller, less liquid exchanges like Gemini and Kraken before the issue was reflected more widely. However, most exchanges were showing USDC trading at prices between $0.90 and $0.98 later that night — a noticeable departure from USDC's normally fairly steady peg.

A sustained de-peg would wreak havoc on the crypto industry, where USDC is the second largest stablecoin and boasted a $43 billion market cap (at least before substantial outflows surrounding the SVB concern). Other stablecoins even have exposure to USDC, with both FRAX and DAI using USDC for significant portions of their collateral.

Someone attempting to swap ~$2 million in 3CRV token ends up with $0.05 due to apparent Kyber issue

Someone tried to swap around 2.03 million 3CRV tokens (priced at around $1.97 million) for stablecoins using the KyberSwap decentralized exchange protocol. However, due to an apparent flaw in which the protocol routed the trade through a project with very little liquidity. The trade suffered from massive slippage, and was frontrun by an MEV bot. The MEV bot made off with a nice $34,400, and the trader wound up with only five cents in the Tether stablecoin.

Kyber seemed to acknowledge that the issue was on their end, tweeting that "We have been in touch with him and are investigating the issue. We will provide an update soon."

Coinbase pauses redemptions of USDC for dollars

The collapse of the Silicon Valley Bank on March 10 led to concerns over the stability of the stablecoin USDC, after it was revealed that a portion (later specified at $3.3 billion) of its cash reserves were kept with SVB. This led to somewhat of a run on USDC, which began wobbling from its dollar peg down to as low as $0.95 on some exchanges.

On the evening of the tenth, Coinbase announced that they would be "temporarily pausing USDC:USD conversions over the weekend while banks are closed," stating that "during periods of heightened activity, conversions rely on USD transfers from the banks that clear during normal banking hours".

"Your assets remain safe & available for on-chain sends," they said: cold comfort for those who are afraid their USDC may not be worth $1 come Monday.

Coinbase is one of the firms behind USDC, and its decision to stop processing redemptions is likely to add to the concern over the stablecoin's... stability.

Bankrupt BlockFi has at least $227 million at collapsed Silicon Valley Bank

BlockFi, which has been in bankruptcy since shortly after the November FTX collapse, appears to have exposure to the collapsed Silicon Valley Bank. According to a court filing, approximately $227 million in BlockFi funds has been kept in one of several accounts the company maintained at Silicon Valley Bank. The account is a money market mutual fund, meaning it is not FDIC insured.

The US Trustee reportedly warned BlockFi counsel on March 6 that the company needed to "immediately take steps to safeguard these funds in compliance with" the depository agreement, because a MMMF was not in compliance. BlockFi responded that the account was FDIC insured (up to the FDIC's $250,000 limit), but the Trustee maintains that that is not accurate.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.