Bitcoin briefly spiked by about $1,000 before dipping around $1,000 below its previous price, as traders excitedly reacted to the news, and then the news that the news was fake.
SEC Twitter account compromised, used to falsely announce approval of bitcoin spot ETFs
As the crypto industry collectively turns blue holding its breath for a decision on a raft of bitcoin spot ETFs currently in front of the SEC, the SEC Twitter account was hacked. The hacker posted an announcement stating that the Commission had approved bitcoin ETFs, even including a graphic with a fake quote from Chairman Gary Gensler.
"Bitcoin Rodney" arrested in relation to Hyperverse scam
A crypto influencer known as "Bitcoin Rodney" was arrested by US authorities for his involvement in the HyperVerse crypto scam, which fleeced victims out of over $1 billion. In addition to promoting the scam, Bitcoin Rodney allegedly received more than $7.8 million directly from victims, which he exchanged for HyperVerse's $HU token. $5.8 million of this money was received after HyperVerse had disabled converting $HU to cryptocurrency, meaning that the victims never even had the opportunity to cash out their "investments".
Bitcoin Rodney has been charged with operating an unlicensed money transmitting business and conspiracy to operate an unlicensed money transmitting business.
- USA v. Rodney Burton criminal complaint [archive]
"Undead Apes Society" creator charged over rug pull
The creator of a Solana-based NFT project called Undead Apes Society has been charged with money laundering conspiracy and making false statements to investigators after rug-pulling fans of his NFT project. Devin Rhoden, an active duty Senior Airman in the US Air Force, had created the project and minted two collections: UndeadApes and Undead Lady Apes. They promised to then mint a third collection, "Undead Tombstones", which was highly anticipated. However, the project turned out to be a rug pull, and the prices of the two previous collections also plummeted as a result of their connection to a scam project. The Undead Tombstones project raised 1,250 SOL in April 2022, which was at the time priced at around $128,000.
When investigators subpoenaed Discord for Rhoden's chat logs, they found messages celebrating the rug pull. "good shit on us making a fuck ton of money," he wrote to his co-conspirator.
MangoFarmSOL rug pulls for $2 million
A Solana yield farming project called MangoFarmSOL encouraged people to deposit Solana tokens into the protocol to earn airdrops by January 10. However, on January 6, the project appeared to make off with all the tokens — around $2 million worth. They subsequently deleted their website and Twitter account, and closed their Telegram channel to new members.
MangoFarmSOL is unrelated to the other Solana-based mango-themed project, Mango Markets, which was exploited in October 2022 for more than $100 million.
Narwhal likely exit scams for $1.5 million
A cryptocurrency project called Narwhal appears to have rug-pulled, claiming that they were hacked. In a post on their Twitter account, they claimed that a "hacker attack" caused "significant losses to [their] community members", but urged followers to "maintain trust in the platform".
However, investigation by the CertiK blockchain security firm suggests that the "hack" may have been an inside job, with much of the $1.5 million that was "stolen" going to wallets with links to the Narwhal team.
The Narwhal project had launched in mid-December.
xKingdom rug pulls for $1.25 million
The xKingdom project promised users a way to "build your kingdom" on Twitter, earning tokens by interacting with tweets and doing "quests". Users had to borrow XKING tokens in order to participate.
On January 6, the project's creators drained the tokens that had been put into the project, then deleted their website and social media accounts. Altogether, they withdrew 558.3 ETH (~$1.25 million).
CoinsPaid hacked again
The crypto payments platform CoinsPaid was hacked for the second time in six months. This time, around $7.5 million in various tokens was stolen.
In July 2023, an attacker stole $37.3 million from the CoinsPaid platform. CoinsPaid said at the time that they suspected the attacker was the North Korean Lazarus hacking group, which has been a prolific perpetrator of cryptocurrency thefts.
Blockchain security firm CertiK suffers compromise of their own
The Twitter account of the blockchain security company CertiK was hacked, then used to post tweets ostensibly warning of a massive crypto vulnerability and urging users to click a link to protect their wallets, but which instead linked the account's some 340,000+ followers to a site that would drain their wallets if connected.
CertiK quickly regained control of the account and deleted the tweets, later explaining that an employee had been contacted by a "verified account, associated with well-known media". The journalist's account, apparently compromised, successfully phished the CertiK employee by sending what looked like a Calendly meeting scheduling link, but what was in fact a malicious link used to take over the CertiK Twitter account.
Blockchain sleuth zachxbt criticized CertiK, which describes itself as a leading blockchain security firm, for not protecting against the attack, and asked if they would be reimbursing phishing victims.
Gamma Strategies exploited for $6.2 million
The Gamma Strategies defi protocol suffered an exploit when an attacker targeted their vaults on several projects across the Arbitrum layer-2 network. The attacker successfully stole almost $6.2 million from these vaults by manipulating the price of some of the assets involved.
Gamma has contacted the hacker to try to negotiate a return of some of the assets, and also says they have engaged law enforcement. Although they have promised to try to repay some of the stolen assets, they are estimating between 25% and 40% recoveries for various categories of users.
- "Post-Mortem & Remediation Plan", Gamma Strategies [archive]
- "DeFi protocol Gamma Strategies suffers an estimated $3.4 million exploit", The Block [archive]
Radiant Capital lending protocol hacked for $4.5 million
Radiant Capital, a cross-chain lending protocol built on the Arbitrum layer-2 network, was hacked for 1,900 ETH (~$4.5 million). The exploit relied on a flaw in the underlying code, which was forked from Compound and Aave. The original code has a known rounding issue, which makes new projects vulnerable to attack shortly after they are deployed if they are not specifically configured to avoid the issue. In this case, the attacker had observed the contract being deployed and performed the exploit only six seconds after the project was activated.
Radiant Capital sent an on-chain message to the attacker, offering to negotiate a bounty.
- Tweet thread by Radiant Capital [archive]
- Tweet thread by PeckShield [archive]
- On-chain message from Radiant Capital to the exploiter [archive]