The U.S. began sanctioning various wallet addresses belonging to the hackers in mid-April, though have faced obstacles given that it is trivial for the hackers to create new wallets. The use of cryptocurrency tumblers (also called "mixers") has also stymied the government's attempts to limit the DPRK's access to the ill-gotten funds. Blender is not the primary tumbler that Lazarus has been using — that would be Tornado Cash, which they have used to tumble more than $213 million from the hack. Tornado has taken perfunctory steps to comply with sanctions, but nothing that would meaningfully impact Lazarus' ability to use the service.
U.S. Treasury sanctions cryptocurrency tumbler Blender, the first sanction of its kind
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced that they had sanctioned the North Korean cryptocurrency tumbler Blender.io. This was the first U.S. government sanction levied against a cryptocurrency tumbling service. Blender was used to launder more than $20.5 million of the $620 million stolen in March from the blockchain used by the play-to-earn game Axie Infinity. The U.S. government has alleged that the North Korean state-sponsored cybercrime group Lazarus was behind the hack.
- "U.S. Treasury Issues First-Ever Sanctions on a Virtual Currency Mixer, Targets DPRK Cyber Threats", U.S. Department of the Treasury
Someone hijacks a Ferrari domain to host scam NFT mint
Someone was able to gain control of a ferrari.com subdomain to create a scam NFT mint. Most scam NFT projects rely on eager NFT collectors not noticing a URL that isn't quite right — for example, something like ferrari-nft.com. This one was able to gain some additional legitimacy by using an actual ferrari.com subdomain. Additionally, Ferrari had recently announced an upcoming NFT project, making the scam project seem more plausible.
Sadly for the scammer, the scam was discovered and shut down when they had only managed to scam one person. The unsuspecting collector sent 0.3 ETH ($800), which the scammer transferred to Tornado Cash.
- "Ferrari subdomain hijacked to push fake Ferrari NFT collection", BleepingComputer
Day of Defeat project rug pulls for $1.35 million
The token associated with the Day of Defeat project, which describes itself as a "radical social experiment token mathematically designed to give holders 10,000,000X PRICE INCREASE" (🚩🚩🚩), suddenly dropped in value by more than 96% as the project rug pulled. More than $1.35 million worth of assets were drained from the BSC-based project and transferred to external wallets.
The project's website is one of the most absurd I've seen, promising that "all final holders will get 10,000,000x gains". Their project roadmap includes a "mystery plan" that results in a 1,000,000x price increase. Their FAQ states, "First of all, we promise that the team will not redeem the fund pool." Apparently projects based on pinky swears aren't great investments.
After the funds were drained, the project claimed that they had been compromised by an external actor, and had "reported to Binance and local authorities".
OpenSea Discord hacked
The OpenSea Discord server was compromised, allowing a scammer to post a seemingly-official announcement that OpenSea was partnering with YouTube on a line of NFTs. They urged people to act quickly to snag one of only 100 free NFTs that would offer "insane utility".
Given OpenSea's prominence, it's surprising that the hacker managed to obtain relatively few NFTs of much value. The wallet appeared to have successfully stolen only 13 NFTs, none of which were from high-value collections, that are worth a collective $20,000 if resold at the collections' floor prices.
OpenSea tweeted several messages acknowledging the hack and urging users not to click any links. They have not yet confirmed that they've conclusively re-secured their server.
"Double your money" scam using an old livestream of Elon Musk, Jack Dorsey, and Cathie Wood earns crypto scammers $1.3 million in 24 hours
Crypto scammers on YouTube rehosted a "live" panel discussion — actually from "The ₿ Word" conference in July 2021 — in which Elon Musk, Jack Dorsey, and Cathie Wood discussed "Bitcoin as a Tool for Economic Empowerment". The scammers added a frame around the video that advertised "giveaways" and "double your money" scam websites. The websites promised that if you sent cryptocurrency to the address, you would receive twice as much in return — a classic scam I remember from the Runescape days, which has also enjoyed success in crypto markets for years. The scammers inflated YouTube subscriber and active watcher numbers to add legitimacy to their streams, and some of them faked screenshots of tweets from Musk.
McAfee identified 26 scam websites that were linked from the YouTube livestreams, which altogether took in $1.3 million in Bitcoin and Ether in a 24 hour period.
Mining Capital Coin CEO indicted for $62 million investment fraud scheme
The Department of Justice unsealed an indictment on May 5, showing that Mining Capital Coin's CEO and founder Luiz Capuci Jr. was charged with orchestrating a $62 million investment fraud. Capuci allegedly misled investors about MCC's program, which he said would use investors' money to mine new cryptocurrency and would generate guaranteed returns. Instead, Capuci put the funds into his own crypto wallets, and used them to fund his own lifestyle of Lamborghinis, real estate, and a yacht. Capuci also allegedly ran a pyramid scheme of promoters, to whom he promised luxury gifts including iPads and luxury cars.
Capuci was charged with conspiracy to commit wire fraud, conspiracy to commit securities fraud, and conspiracy to commit international money laundering. If convicted on all counts, he could be sentenced to up to 45 years in prison.
- "CEO of Mining Capital Coin Indicted in $62 Million Cryptocurrency Fraud Scheme", U.S. Department of Justice
Pragma defi protocol developers rug pull for $1.5 million
The Pragma defi project on the Fantom blockchain announced that their treasury and project wallets had been drained for around $1.5 million in $FTM.
The rug pull appeared to have been perpetrated by one team member, although several other team members had to sign off on the transaction in order for it to go through.
The team had had their real-life identities verified by Obsidian, and remaining team members said they were working with Obsidian to try to investigate those behind the theft. Third-party KYC verification like the service Obsidian provides is often used by crypto projects to increase trust, though Pragma is hardly the first project with this kind of verification that stole funds anyway.
Juno accidentally transfers $36 million in seized funds to inaccessible wallet address
A protracted discussion and two different votes ended with the Juno project deciding to confiscate all but 50,000 of the 3 million $JUNO accumulated by one individual. When the discussions began, the 2.95 million $JUNO to be confiscated were worth a combined $121 million. However, the $JUNO price has dropped from the then all-time-high of around $40 to under $13, putting the value of the tokens to be confiscated closer to $38 million.
Juno intended to transfer the seized tokens from the individual whale's wallet to a community-controlled wallet. However, the person making the transfer accidentally copied and pasted the wrong value, resulting in the funds being sent to a wallet address that no one can access — effectively burning the tokens.
Daniel Hwang, who helps run one of the Juno validators, said to CoinDesk, "We fucked up big time". He also offered an unusual opinion: "Validators should have due diligenced for ourselves to actually check the code we're executing and running".
Shortly after the botched transaction, the Juno community began voting on a proposal to hard fork a second time to fix their mistake.
Attacker compromises MM.Finance to redirect $2 million in crypto assets to their own wallet
MM.Finance, a group of crypto projects based on the Cronos blockchain, suffered an attack that allowed a hacker to redirect more than $2 million worth of crypto assets that were being exchanged through the project's website to their own wallet. Although MM.Finance described the attack as "DNS hijacking", it seems unlikely this is an accurate description of the attack, which seems more likely to involve phished credentials to their domain service providers.
"Please do not perform any transactions or your funds will be sent to the exploiter wallet," MM.Finance tweeted shortly before taking the website offline. Three days earlier, MM.Finance had published a blog post to address "FUD" in their ecosystem stemming from a popular Reddit post that described MMF as an "inverse pyramid of derivatives" that the author believed would "topple", and outlined the project's "rosy future".
The project promised to try to compensate users, with its developers foregoing 45 days of trading fees to reimburse users. They also appealed to the OKC crypto exchange to intervene to help recover funds from someone they believed to be the attacker, and threatened the attacker with the FBI. "With all these information, we have more than what we need to bring this information to the FBI," they wrote on Twitter. "So here's the deal, return 90% of the funds you stole and we will let this go, no questions asked. You have 48 hours to return these funds."
- Tweet by MM.Finance
- "Mm Finance — The road ahead", MM.Finance blog
- "Personal Take on Events and Existing Tokenomics", post from r/MMFinance
- "DNS Hi-Jacking Post Mortem & Compensation", MM.Finance blog
ape holders can use multiple slurp juices on a single ape
a lotta yall still dont get it
ape holders can use multiple slurp juices on a single ape
so if you have 1 astro ape and 3 slurp juices you can create 3 new apes
Tonight's slurp juice mint event is essentially a minting event for both Lab Monkes and Special Forces