Prime Trust files for bankruptcy

After the Nevada Financial Institutions Division issued a cease and desist describing Prime Trust as insolvent in June, then successfully requested the company be placed into receivership days later, it's no huge surprise that Prime Trust has filed for bankruptcy.

Prime Trust is a crypto custodian that previously served companies including Binance US, Swan Bitcoin, and BitGo. Just a year ago, the company announced they had raised $100 million in a Series B funding round, and planned to add crypto retirement accounts to its list of products. It's probably a good thing that didn't pan out.

According to bankruptcy documents, Prime Trust has between $50 million and $100 million in assets, but between $100 million and $500 million in liabilities. They report having between 25,000 and 50,000 creditors.

RocketSwap exploited after key compromise

Exploiters stole around 471 ETH (~$857,000) from the RocketSwap project on the Base Ethereum layer-2 blockchain. According to RocketSwap, the project had stored private keys on a server which was then hacked via brute force. "We are very sorry for your loss," they wrote on Twitter.

RocketSwap later announced a plan to airdrop tokens to "compensate" users for the theft. They also tried to reassure projects that were migrating away from RocketSwap that there was "no need to run away, your funds are safe".

Zunami Protocol exploited for more than $2.1 million

The Zunami Protocol stablecoin-focused yield farming aggregator was exploited for more than $2.1 million when an attacker was able to perform a price manipulation attack on the project's primary pool. Zunami attracted users by promising "the highest APY on the market": around 14%. The project had been audited by Ackee and HashEx.

The attack was a "classic price manipulation" exploit, according to the Ironblocks security firm. The attacker was able to steal 1,152 ETH ($2.13 million) from the protocol. They then tumbled the stolen funds through Tornado Cash.

Uniswap developer fired over FrensTech rug pull

After pulling off a rug pull that only netted 14 ETH (~$25,900), Allen Lin (known as AzFlin) lost his day job for the company that maintains the Uniswap DEX. Hope it was worth it.

Lin had created a project called "FrensTech", which aimed to capitalize on the popularity of a product called "friends.tech", and which ultimately accumulated the 14 ETH in fees before he decided to drain liquidity. Lin had not tried to conceal his identity. After the rug pull, Uniswap founder Hayden Adams wrote on Twitter: "Wanted to let people know this person is no longer with the company. Not behavior we support or condone."

Lin was unapologetic, tweeting: "got fired from uniswap, but gained 600 new followers and [crypto Twitter] villain status. net neutral tbh".

Bittrex settles with SEC for $24 million

The Bittrex crypto exchange was charged in April by the SEC for operating an unregistered exchange, broker, and clearing agency. In May, Bittrex filed for bankruptcy. Now, Bittrex has agreed to a $24 million fine to settle the charges from the SEC. If approved, Bittrex will have sixty days after filing a liquidation plan to pay the amount to the SEC — $18.4 million of which is disgorgement, plus a $5.6 million fine.

SpiritSwap to shut down after Multichain collapse

SpiritSwap announced on its Discord that the project will be shutting down on September 1 unless they can find a new team to take over the project by that time. SpiritSwap lost their entire project treasury in the collapse of Multichain, and announced that they have "run out of funds to cover the necessary operational costs." The project plans to remain operational until September 1 to remove their liquidity.

SpiritSwap was previously one of the most popular DEXes on Fantom, boasting an all-time-high of $374 million in January. It now has less than $3 million TVL, thanks in part to the Multichain collapse and to the broader cryptocurrency bear market.

SpiritSwap is only the most recent project to announce its closure as a result of the Multichain fiasco. In July, Geist Finance and Hector Network also announced they would be shutting down due to Multichain contagion.

Multiple wallets compromised due to irresponsible encryption in Libbitcoin project

A team of researchers led by the Distrust security research firm have disclosed a vulnerability they've called "Milksad". The popular Libbitcoin project was used by multiple cryptocurrency wallets to generate private keys, but it turns out it was irresponsibly implemented, producing flawed output. The team used a pseudo-random number generator seeded with only 32 bits of system time to produce private keys, meaning that private keys could be brute-forced in "a few days of computation on the average gaming PC, at most".

Nevertheless, when Distrust disclosed this to Libbitcoin, the team replied first that they were too busy, then twice that "they do not feel this is a bug".

The research team has not yet disclosed which wallets were affected by the vulnerability, but they have estimated that around $900,000 were stolen as a result.

Hundred Finance shuts down after hacks

Hundred Finance is a lending protocol that was exploited in April 2023 for around $7 million, and in March for over $6 million. Since then, they've worked with law enforcement and security contractors to recover the funds, but "imminent return of the stolen assets does not appear to be forthcoming."

The project undertook a vote to shut down the lending service, and use remaining funds in the project treasury to try to compensate those who lost funds in the attack. The project also aims to distribute to victims of the hack claims on any funds that might be returned or otherwise recovered in the future.

The vote passed with 99% of votes in support, effectively sunsetting the project.

Disney exits the metaverse

Disney has shut off the last light in its metaverse division, parting ways with "metaverse chief" Michael White. In February 2022, Disney's then-CEO described the metaverse as "the next great storytelling frontier". That sentiment appears to have been short-lived, because in March 2023, Disney cut its 50-person metaverse team, leaving only White.

Scammers target victims via web3 job search boards

Job listing website called cryptojobs.com, with a highlighted "Premium Job" reading "Beta Testers Needed for... Eco Land"Scam job listing (attribution)
Scammers are constantly coming up with creative new ways to pull off their scams, and the latest seems to be targeting web3-interested individuals via dedicated web3 jobs portals. One Twitter user described an experience in which he applied for a beta testing job for a play-to-earn crypto game, only to have his wallet drained when he downloaded what was supposed to be the game file, but was actually malware. He lost 875 ARB ($1,032), 60 OP ($140), and various other tokens.

"Jobless and a bit poorer, thanks guys!" he wrote. "You're passionate about its technology, you wanna be part of it. You DCA. You hodl. You do everything you can to do things right... you're passionate, love the space, the tech. The people. Your willingness to get a job in Web3 is enormous! I stand for on-chain values, and I wanna be a part of the wave!" he wrote in frustration, trying to explain how he'd gotten scammed. "The apparent legitimacy of these [web3 job listing] sites made me remove the 'watch out filter', and boom."

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.