People joke about being "rugged" by Ukraine as the country cancels its planned airdrop

March 3, 2022

People joke about being "rugged" by Ukraine as the country cancels its planned airdrop

Ukraine canceled its promised cryptocurrency token airdrop on the day it was expected to happen. Government officials had previously announced that anyone who donated by March 3 would receive an airdropped cryptocurrency token as a reward; this was a promise that spurred a large total number of donations, though relatively few of much size. Protocol reported that 95% of people donated amounts of 0.01 or 0.001 ETH (equivalent to $28 or $2.80), apparently primarily in hopes of getting the promised reward.

Some publications have speculated that the airdrop was canceled because someone tried to spoof the tokens, but it doesn't appear that Ukraine has given a reason for the change in plans. After the cancellation, many commenters on Twitter, all of whom were hopefully joking, wrote that they had been "rugged" by Ukraine — using the common slang for crypto scams in which people are convinced to buy in on a project that then takes the money and doesn't follow through on its promised plans. In the tweet announcing the cancellation, Ukrainian Vice President Mykhailo Fedorov wrote, "After careful consideration we decided to cancel airdrop. Every day there are more and more people willing to help Ukraine to fight back the agression. Instead, we will announce NFTs to support Ukrainian Armed Forces soon. We DO NOT HAVE any plans to issue any fungible tokens". What a world we live in.

"Ukraine Cancels Crypto ‘Airdrop’ Rewards for Donations", Bloomberg News
"Ukraine canceled its crypto airdrop. It’s turning to NFTs instead.", Protocol

March 3, 2022

Someone tries to spoof promised Ukraine airdrop

After embracing cryptocurrency donations to help fund its resistance to Russian invasion, the Ukrainian government decided to try to solicit even more donations by announcing they would airdrop a token to anyone who donated. There was some excitement on March 3 as it appeared that Ukraine was seeding liquidity pools on Uniswap with $WORLD tokens. However, blockchain analysis tool Etherscan shortly afterwards marked the token as "misleading... and may be spam or phishing". It's not yet clear what the person apparently spoofing the tokens was trying to do.

"Apparent Ukraine WORLD Airdrop Might Be Spoof", CoinDesk

March 2, 2022

Conspiracy theorists Brian Rose and David Icke get in on the defi and NFT grift

Brian Rose and David Icke pose next to one another with their arms crossed

Brian Rose and David Icke (attribution)

Conspiracy theorists Brian Rose and David Icke are together known for their April 7, 2020 interview where Icke attempted to draw unsubstantiated links between the rollout of 5G cellular technology and the COVID-19 pandemic. Independently, Icke is also known for many other conspiracy theories, including the antisemitic theory that an interdimensional race of reptilian creatures form the Illuminati, and control humans through fear.

Rose, for his part, runs a show called Brian Rose's DeFi Real, where he has published episodes like "Create your Career in Crypto: How to Become a DeFi Influencer, Educator & Fund Manager", and "The Next 100x Coins: How to Pick the Big Crypto Winners". As for the Rose and Icke duo, not only have they teamed up to broadcast COVID-19 conspiracy theories, they've also turned that project into NFTs, with a 100-item collection consisting of several-minute-long portions of their COVID-19 conspiracy TV series. Although all of the NFTs were given away, only a single NFT has experienced any trading so far.

Personally, I'm shocked to see the conspiracy theorists and crypto communities overlapping in this way.

March 2, 2022

Bug in Treasure NFT marketplace results in listings being sold for free

A pixel art monkey with a large brain, who appears to be made out of gold

Smol Brains #5203 (attribution)

The Treasure NFT marketplace on Arbitrum (a layer 2 network built atop Ethereum) apparently experienced a bug that allowed someone to "buy" NFTs in transactions where they sent 0 currency. The attacker particularly seemed to target the "Smol Brains" NFT project, likely because of its relatively high value — the project has a floor price of almost $10,000. Some of the NFTs that were transferred at no cost to the attacker had been listed for several times that floor price, including one gold-colored Smol Brain (pictured) that had been put of for sale for the equivalent of $560,000.

At least 17 Smol Brains NFTs were stolen, which were listed for a combined total of around $1.4 million. PeckShield reported that more than 100 NFTs from multiple collections had been stolen. They reported that the exploit was due to a bug in their contract that allowed an attacker to set a quantity of 0 in a transaction, which when multiplied by the item price resulted in a total price of 0.

TreasureDAO co-founder John Patten wrote in a tweet while the hack was ongoing that "We will cover the costs of the exploit — I will personally give up all of my Smols to repair this."

March 1, 2022

Waves protocol Vires Finance loses $530 million after questionable withdrawals

(attribution)

An up-and-coming defi lending project called Vires Finance, which was based on the Waves protocol, offered high returns of 30–70% APY on stablecoins placed in the project. As with so many promises of huge returns, this one fell apart when wallets began siphoning millions of dollars from the protocol by putting up the Waves-based algorithmic stablecoin USDN as collateral, and then withdrawing stablecoins like USDC and Tether. When the USDN stablecoin later de-pegged, those with funds on Vires Finance were left with around $530 million in bad debt.

Waves founder Aleksandr Ivanov blamed the withdrawals on outsiders. However, various crypto researchers believe they have identified Ivanov as the one behind wallets involved in the mass withdrawals.

"Waves founder’s role in lost $530m raises questions about who’s to blame", DL News

March 1, 2022

One contracted developer writes malicious code for 32 different NFT projects

Rendering of a spherical planet with dark green trees interspersed with futuristic skyscrapers

Thestarslab #6333 (attribution)

A developer offering his services on the freelancer marketplace Fiverr was hired by 32 different NFT projects, for which he wrote and deployed the smart contracts. The first project to be compromised via the malicious code was "TheStarsLab" project, when the developer renounced ownership on the mint contract, making it impossible for the project team to access the funds. The developer is the only one who has the ability to move the money out of the project contract, though as of a month after the attack on the project, the 197 ETH stuck in the contract (~$580,000 at the time of the attack; ~$648,000 as of April 10).

About 2/3 of the other affected projects had yet to launch or had no social media presence. Crypto sleuth zachxbt tried to contact the other 1/3, and some of the projects were able to migrate contracts before any malicious actions. zachxbt wrote, "Funny enough when I reached out to all the different projects the ones that responded said they either didn't read over the smart contract beforehand or weren't the most technically inclined teams." On April 7, OpenSea contacted zachxbt to say they had frozen trading for all contracts created by the developer.

March 1, 2022

Hackers who stole data from Nvidia demand the chipmaker remove cryptomining limitations on GPUs

(attribution)

In late February, the Lapsus$ ransomware group claimed to have breached Nvidia's corporate network and stolen more than a terabyte of data, which they say includes schematics and source code for drivers and firmware, as well as employee credentials. Instead of the typical monetary ransom, Lapsus$ demanded something unusual: that Nvidia remove the "Lite Hash Rate" (LHR) feature from their graphics card. LHR is an artificial limitation that Nvidia has applied to their line of gaming chips, which makes them less attractive to cryptominers who have otherwise been causing shortages in GPUs.

Lapsus$ initially promised that if Nvidia removed LHR from their 30-series line of chips, they would "forget about [the hardware] folder (it's a big folder)". However, they updated their demand on March 1, demanding that Nvidia either make all current and future drivers for all of their cards open source ("while keeping the Verilog and chipset trade secrets... well, secret"), or else they would publish all files for Nvidia chips. They wrote that Nvidia had until March 4 to make a decision. As of March 3, Nvidia had not made a statement around whether they would acquiesce to the hackers' demands.

"Cybercriminals who breached Nvidia issue one of the most unusual demands ever", Ars Technica

March 1, 2022

Former ConsenSys employees demand audit regarding MetaMask and Infura's transfer to a new company

(attribution)

A group of 35 former employees of the startup incubator ConsenSys filed a request for an audit of a transfer of the company's "crown jewel" assets to a new company, which they say "was to the detriment of the minority shareholders". The requested audit relates to an August 2020 deal that saw the cryptocurrency wallet MetaMask and the developer platform Infura be transferred to a brand new entity. The transaction also resulted in the banking giant JPMorgan taking a 10% share in ConsenSys, and in a $39 million loan by ConsenSys founder being offset. The shareholders allege that MetaMask and Infura were massively undervalued in the trade; an allegation that a ConsenSys spokesperson has rebutted, saying that "the group would like to apply a valuation that might be achieved today to a set of projects that were pre-monetization during the darkest days of Covid when the transaction took place".

"Crypto Company ConsenSys Under Fire From Shareholders Demanding Audit", Blockworks
"Crypto Powerhouse ConsenSys Faces Action by Former Employees", Bloomberg

March 1, 2022

Far-right social network Parler launches an NFT platform where you have to pay with credit cards

An illustration of Donald Trump wearing rhinestone sunglasses and a rhinestoned tuxedo and bow tie, in front of rhinestoned text reading "TRUMP"

CryptoTrump (attribution)

You might think if Parler was going to create an NFT celebrating their hero, they wouldn't include along with their promotional material the example most reminiscent of Milo Yiannopoulos, the man who's been so effectively deplatformed that he's had to resort to selling statues of the Virgin Mary on a home shopping TV channel. On March 1, the far-right social network Parler announced their "CryptoTrump" NFTs, which will sell on their "DeepRedSky" NFT platform. The platform is built on the Solana blockchain, and has already helped Melania Trump "sell" (wash trade) her NFTs. Their inaugural project is a collection of 250 algorithmically-generated Trump NFTs, which will sell for $2,750 each and eventually be part of a collection of 10,000 items.

Although Parler's press release contains a lot of their usual chest-thumping about "freedom from Big Tech", the DeepRedSky NFTs can only be minted with credit cards, with payments being processed through Stripe. The good news: if you aren't getting enough of a rush out of the risks involved with crypto in general, you can get a new thrill from giving your personal information to a platform that's been hacked multiple times.

"Parler Launches NFT Marketplace With New Trump NFTs", Forbes

February 28, 2022

GenomesDAO wants you to give them your genetic data, which they acknowledge is "data that can be exploited in ways we cannot even imagine yet"

An illustration of a calico cat with green eyes

Who's going to tell them cats don't have human eyebrows? (attribution)

GenomesDAO has created a platform which they promise will allow people who wish to sell their genetic data to have more control over it. They write that genetic data is "data that can be exploited in ways we cannot even imagine yet" and go into a list of these possible exploits — and this is apparently why you should definitely entrust it to a company building in a space known for its endless hacks. The company promises to help users earn money through selling access to their genome — though of course this isn't until step five in their roadmap. They're currently at step two or step three, depending on which version of your roadmap you look at; both steps seem focused on creating cat NFTs out of your genetic data for some reason.

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.