Skip to timeline

Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

Start from the top

Memecoin launch by Pauly0x costs traders at least $2.2 million

Traders hoping to get in on the next big memecoin eagerly snapped up a token called Pond0x, a Pepe the Frog-branded memecoin launched by Pauly0x. Pauly0x is Jeremy Cahen, a crypto personality best known for his creation of CryptoPhunks, NotLarvaLabs, and involvement in the Ryder Ripps lawsuit.

However, serious flaws in the Pond0x contract resulted in traders losing at least $2.2 million as people discovered that anyone could transfer coins belonging to other people. People quickly began rushing to steal coins from one another.

Pauly0x responded by blaming the traders who bought and sold the tokens, and spent the following day variously posting on Twitter that he was teaching people a lesson, that it wasn't his fault that people lost money, and suggesting that the flaw was part of a bigger plan for the project. "No one stole your tokens lol. The contract is literally designed as such," he wrote to angry traders accusing him of a rug pull. He added to the website a message reading, "GREED KILLS".

Theme tags: Hack or scam

DeFiLabs rug pulls for $1.6 million

A defi project called DeFiLabs was able to rug pull for $1.6 million thanks to a backdoor written into the smart contract. After traders bought into the project, its creator was able to call the withdrawFunds function to make off with the project's assets.

DeFiLabs claimed on Twitter that the platform "encountered an unexpected issue" while "undergoing maintenance and updates".

DeFiLabs had been audited by blockchain security firm CertiK.

Theme tags: Rug pull
Blockchain tags: Blockchain: BNB Chain
Tech tags: DeFi

CoinsPaid hacked for $37.3 million

The CoinsPaid crypto payment platform, which provides payment services to various online casinos, reportedly suspended withdrawals under mysterious circumstances. The company later deleted a handful of tweets pertaining to the incident, which they ascribed to a "technical issue".

After prominent Bitcoiner Jameson Lopp tweeted that the issue "look[s] more like a hack", CoinsPaid replied "Our team is aware of the issue... Please wait for the official announcement on this topic." Crypto researcher zachxbt responded, "The issue is you got hacked by North Korea that's what lol", referencing the increasing suspicion that the Lazarus group may be behind the disruption. Sure enough, CoinsPaid later confirmed that they had been hacked for $37.3 million, and announced that they suspected the Lazarus Group was behind it.

Some have been speculating that there are connections between this incident and the $60 million hack of the Alphapo crypto payments processor on July 22. Alphapo also provided services to various online casinos. Indeed, there seem to be connections between Alphapo and CoinsPaid, and they may in fact be operated by the same people.

Theme tags: Hack or scam, Shady business
Blockchain tags: Blockchain: Bitcoin

EraLend exploited for $3.4 million

The EraLend crypto lending platform was exploited for around $3.4 million after an attacker took advantage of a re-entrancy vulnerability to manipulate token prices and drain funds from the project. The thief then quickly distributed the stolen funds across various wallets and blockchains.

EraLend paused various functions of their protocol while they investigated the attack, and said they were working with various security research organizations and law enforcement to investigate the theft.

The BlockSec security research firm warned other projects that re-used a portion of code to be cautious if they re-used a portion of code from SyncSwap, because they could also be vulnerable.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: DeFi, lending

IEGT token rug pulls for $1.14 million

The IEGT token was created on Binance Smart Chain on July 13. However, its creators "covertly minted a large amount of tokens, primed for a rug pull", as blockchain security firm SlowMist described it. Although the project reportedly had only 5 million tokens in supply, this allowed the team to sell 1 billion tokens, cashing out approximately $1.14 million in the USDT stablecoin.
Theme tags: Rug pull
Blockchain tags: Blockchain: BNB Chain

Alphapo hacked for more than $60 million

The crypto payment processor Alphapo suffered a hot wallet hack on July 22 in which at least $60 million in Ethereum, Tron, and Bitcoin was stolen. Alphapo processes payments for several gambling platforms including HypeDrop, Bovada, and Ignition.

HypeDrop disabled withdrawals on their platform, and wrote on Twitter that they were experiencing "ongoing deposit and withdrawal issues" due to "an issue on the cryptocurrency provider's side."

Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin, Ethereum, Tron

Conic Finance exploited again, hours after first hack

Hours after suffering a $3.2 million exploit on their ETH pools, Conic Finance was hacked for a second time. Although Conic had assured the public that the incident was limited to the ETH pool and other pools were not at risk, an attacker successfully exploited their crvUSD pool. The attacker stole around $934,000, though ultimately only was able to realize around $300,000 in profit.
Theme tags: Hack or scam
Tech tags: DeFi

Party Parrot team prepares to "vote" to allocate themselves 80% of initial offering funds, around $60 million

You almost have to hand it to the Party Parrot team, they really figured out how to take advantage of ostensibly "decentralized" governance to line their own pockets. After raising $80 million in an "IDO" — initial DEX offering — in September 2021, the project is now embarking on a governance "vote" that would cash out the project treasury and distribute it to PRT token holders. However, the project team also unilaterally decided to unlock tokens held by the team in November 2022, meaning that the project now has access to 80% of the token supply — the same tokens that will decide the outcome of the vote.

If the vote passes, and it likely will given the massive supply of tokens available to the team, the team will have just decided to distribute around $60 million in remaining funds to themselves, leaving $12 million to the token holders.

One commenter on the proposal described the move as "a pure financial crime". Another wrote, "The community has already explained in painstaking detail why we're not interested in this. The pro-rata value is an extreme lowball and fails to account for many of the team's misuses of the treasury without the community's consent. The team also prematurely unlocked the team and VCs' vesting tokens, so they are the majority token holders, making this vote meaningless and a total farce."

Theme tags: Shady business
Tech tags: DAO, DeFi

Conic Finance exploited for $3.2 million

A re-entrancy vulnerability in the Conic Finance defi project enabled an attacker to steal 1,700 ETH (~$3.22 million) from the project's ETH pool.

Conic Finance announced that they had disabled deposits on the front-end of their project, and were working to patch the vulnerable smart contract. The team also attempted to contact the exploiter via blockchain message, asking if they "would be open to discussing any potential next steps".

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: DeFi

Melania Trump's space NFTs likely violate NASA policy

A photo of Buzz Aldrin in a space suit on the surface of the moon, superimposed on an iPod Nano-esque object where the screen would beMan on the Moon NFT (attribution)
Melania Trump doesn't seem willing to let the flop of her first NFT project, which ended with her allegedly buying the NFT herself, slow her down. She's just announced a line of Apollo 11-themed NFTs, because apparently our former first lady is a big space buff. The Man on the Moon NFTs sell for $75 each, and feature a 1969 photo of Buzz Aldrin on the moon surface, bizarrely superimposed on what appears to be a 2007-era iPod Nano.

As a photo produced by a federal agency, NASA's image is not copyrighted. However, NASA policy outlines "strict laws and regulations", including that "NASA is not approving any merchandising applications involving Non-Fungible Tokens (NFTs), as they are not consistent with the categories of products the agency is approved to merchandise... NASA does not wish for its images to be used in connection with NFTs."

The NFTs don't seem to be exactly flying off the shelves. The collection contains 500 copies, and according to the website, only 55 have been sold in the week following the project's release, garnering Mrs. Trump $4,125.

Theme tags: Bad idea, Shady business
Blockchain tags: Blockchain: Solana
Tech tags: NFT

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.