PokeMoney blockchain game rug pulls for $3.5 million

The token associated with yet another crypto Pokémon rip-off, PokeMoney, suddenly crashed in price when around 11,800 BNB ($3.5 million) worth of it was pulled out of the project. The incident appeared to be a rug pull.

The project creators claimed it was a hack, and stuck around to try to keep the hope alive. They claimed on Telegram that for some reason they couldn't access the project Twitter account, and so couldn't inform their community of the hack. They also began rallying their community around hopes for a project relaunch. Meanwhile, they announced a "CHAT MUTE UNTIL TOMORROW TO AVOID FUD"—as any reputable, not-rug-pulled project would do, I'm sure.

Elon Musk deepfake tries to get people to give scammers Bitcoin

Elon Musk, sitting with his hands clasped in front of a purple background. A logo for "BitVex" is visible in the bottom right.Screenshot from the deepfake video (attribution)
A somewhat robotic-sounding deepfake Elon Musk speaks to a deepfaked interviewer, who asks "what can you tell us about your project and how can it help people get rich right now?" Fake-Musk explains that people who invest in the (scam) project, "BitVex", will "receive exactly 30% of dividends every day", and that if Bitcoin falls in price they will still receive twice their investment back.

According to BleepingComputer, only about $1,700 in deposits appeared to have gone to addresses associated with the scam, although they acknowledged that the addresses are likely rotated and so the true amount may be larger.

Someone brought the scam to Musk's attention on Twitter, where he replied, "Yikes. Def not me." The YouTube channel hosting the videos was taken down shortly after.

Researcher discovers vulnerability in the Terra Mirror Protocol that allowed attackers to siphon tens of millions from the project

A crypto researcher who goes by "FatMan" discovered that the Mirror Protocol in the Terra ecosystem contained a serious vulnerability, that was quietly patched with no announcement on May 9. The Mirror Protocol code previously lacked a duplicate check, which meant that attackers could create a short position and then withdraw it repeatedly in the same transaction, taking many times more money than they should have been authorized to withdraw.

FatMan discovered one instance where a person deposited $10,000 and later withdrew $4.3 million. According to FatMan, they found repeated exploits of this type that earned attackers "well over $30 million". Another researcher on Terra forums estimated about $88 million had been exfiltrated from the project in this way, over the many months the bug went undiscovered and unpatched by Mirror developers.

Solana loses track of time

The Solana blockchain clock drifted about 30 minutes behind real-world time on May 26, as a result of slower-than-usual slot times. Solana's status page read that "this has no impact on performance or network operations", though The Block noted that this time drift could result in smaller staking payouts.

Blockchain timekeeping is also selling point of Solana, which talks up its "proof of history" algorithm in a blog post where Solana Labs co-founder Anatoly Yakovenko says, "our clocks never drift".

Terra decides to release "Terra 2.0", because apparently the way to fix a crypto catastrophe is with more crypto

Following the dramatic collapse of Terra earlier this month, the Terra ecosystem voted to pass a proposal by Do Kwon to create "Terra 2.0". The project intends to "effectively create a new Terra chain without the algorithmic stablecoin"—an odd choice given that the whole point of the original Terra was the stablecoin. The proposal also involves renaming the existing Luna ($LUNA) coin to "Luna Classic" ($LUNC), so that Luna 2.0 can take its place—a change that I'm sure will not cause any confusion whatsoever.

Billy Markus, one of the original creators of the Dogecoin cryptocurrency (both of whom have since left the project), tweeted, "luna 2.0 will show the world just how truly dumb crypto gamblers really are".

Scammer steals 29 Moonbirds NFTs nominally worth about $1.5 million from a single collector

A purple pixel art owl with one squinting eye, on a green backgroundMoonbird #8749 (attribution)
A scammer was able to trick a prolific NFT collector into signing a transaction on a fake trading website, which then allowed them to maliciously transfer 29 pricey Moonbirds NFTs in a single transaction. Moonbirds are a popular collection of pixel art owls that currently trade with a floor price of 24 ETH (about $48,000). The trader who was targeted was a big time Moonbirds fan, holding 29 of the NFTs in their affected wallet. The loss has been estimated at around 750 ETH (~$1.5 million).

The highly exclusive group of NFT collectors known as Proof Collective, of which this trader was a member, was reportedly preparing a report for the FBI and police. Because the attacker used an exchange that requires KYC there may be some possibility that their identity could be traced, although falsified KYC is also increasingly common.

The WeWork founders are starting a carbon credit crypto company and they already raised $70 million in funding

Adam and Rebekah Neumann, the duo behind the WeWork coworking space company that imploded spectacularly in 2019, have re-emerged to start a company called Flowcarbon. The company intends to "tokenize carbon credits"—which they're calling "Goddess Nature Tokens"—and sell them to companies hoping to green up their image. The need for a blockchain is unclear.

The company has already raised $70 million in token sales and a Series A funding round led by Andreessen Horowitz (aka a16z), which seems like a startling amount of money to give to someone who resigned from his previous company amidst accusations of some serious self-dealing and the creation of toxic corporate culture.

DecentraWorld project rug pulls for $1 million

An illustration of a world with lines and dots connecting around it, with the word "decentraworld" in white capital lettersDecentraworld logo (attribution)
The creators of the Decentraworld project, and its associated $DEWO token, rug pulled for 3127 BNB, valued at just over $1 million. The project promised an "ecosystem of dapps with privacy protocols by default". The website spoke of how "governments around the world want to keep controlling their citizens by fighting the one thing they can’t control, the blockchain and crypto-assets", and the project promised to "help humanity maintain its privacy, control, and financial freedom". Unfortunately for the believers, this turned out not to be true when the project drained the funds and deleted their online presence.

Representative Madison Cawthorn under ethics investigation related to crypto, violated STOCK Act

Official portrait of Madison CawthornMadison Cawthorn (attribution)
The U.S. House of Representatives Committee on Ethics announced on May 23 that they had unanimously voted to investigate whether Representative Madison Cawthorn (R-NC) "improperly promoted a cryptocurrency in which he may have had an undisclosed financial interest", as well as one unrelated allegation.

On May 26, Cawthorn filed a disclosure to say he had bought between $100,000 and $250,000 of the "Let's Go Brandon" ($LGB) coin on December 21—eight days before posting that the coin would "go to the moon" just before a deal with NASCAR was announced. The coin then went up in price and Cawthorn sold at least $100,000 of his holdings. This timing led to accusations that Cawthorn had advance knowledge of the partnership.

Cawthorn also disclosed in the same May 26 filing that he bought between $101,000 and $265,000 of Ethereum in late December. Although Congressmembers are required by the STOCK Act to disclose purchases of various assets (including cryptocurrencies) within 45 days of the transaction, Cawthorn's disclosure came five months after the purchase. Cawthorn recently lost his primary, ending his chances of re-election, but his current term isn't slated to end until January 2023.

Crypto speculator loses over $200,000 to wallet compromise

Crypto speculator Jonny Reid wrote on May 22 that his crypto wallet had been hacked and drained of approximately $203,000. He wrote that he had never owned a hardware wallet before and had only used MyEtherWallet and MetaMask. "My security has always been great, always cautious with phishing links / websites / discord / telegram / social media scans etc". He wrote that he suspected the compromise might have been the result of a Chrome extension he had downloaded to auto-refresh a page to schedule a passport appointment.

Reid traced the stolen funds until they disappeared into the crypto exchange "Fixed Float". Reid contacted the exchange, who told him they couldn't supply him with server logs without a law enforcement request. Reid wrote that he was "angry [with] the fact they cant provide me with any details to help me follow the trace" and urged crypto Twitter to try to pressure the exchange to release more information to him.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.