Suddenly, on February 23, the project deleted its social media accounts and most of its Discord. Fox wrote in the remaining Discord announcements channel that "The time and attention that y’all deserve and that I wanted to give you all/what this project requires, was not known to me and I overstepped and stretched myself too thin, trying to do this project in the middle of an NBA season." He promised to send anyone who bought more than five NFTs (which would have cost ~0.4 ETH, around $1,300, if bought at mint price) a signed jersey (available for purchase online for around $100).
The following day, after some attention was drawn to the rug pull, Fox released a Twitter statement that said basically nothing at all, and made no mention of reimbursing holders. Meanwhile, the floor price of the NFTs dropped to around 0.003 ETH ($8).
Seller withdraws Sotheby's CryptoPunks auction minutes before it's due to go live, likely due to "tepid" reception
However, 0x650d withdrew the sale only minutes before the auction was due to start, tweeting only "nvm, decided to hodl". CoinDesk reported that, "Perhaps contributing to 0x650d’s reversal were rumors of a tepid reception for the CryptoPunks mega-lot. Three sources, including one bidder on-site at Sotheby’s, told CoinDesk that the highest pre-bid offer was $14 million, which was also the reserve price."
Journalist says she's been able to use chain analysis tools to discover the person behind the 2016 hack of The DAO
Journalist and researcher Laura Shin reported on February 22 that she had successfully used a forensics tool from Chainalysis to discover the identity of the hacker: Toby Hoenisch, a co-founder of the TenX "crypto debit card" project. Hoenisch refused to speak with Shin, and has denied the allegation.
For a technology that makes lofty promises of anonymity and privacy, increasingly-powerful technology is being released that at least claims to be able to unwind crypto mixing and make other connections between wallets and transactions that were previously extremely difficult, if not next to impossible. I imagine there may be a few people behind various crypto crimes sweating a bit as these technologies progress and threaten to unmask those behind other hacks and scams.
After Bleckmann-Dreher's attempts to contact the project were published on Web3 Is Going Great on February 26, Ocean Protocol's founder Bruce Pon commented to say they were "on it", and that he had alerted Data Whale about what appeared to be an issue in the ALGA project. Several hours later, Data Whale announced they would be taking the app offline due to concerns that there was a vulnerability, and that they had contacted the researchers. ALGA was later brought back online after they confirmed the vulnerability was not an issue with their project, but rather with Ocean Protocol itself. Pon acknowledged on February 27 that "there was a configuration issue on Ocean compute-to-data which is being fixed now", and later that day Ocean Protocol cut a new release of their operator engine which appeared to be a patch.
Coinbase CEO tries to weave a compelling story about how their own team came up with a Super Bowl ad that "broke the rules on marketing", is quickly revealed to just be taking credit for the work of an outside ad agency
Unfortunately for him, CEO of The Martin Agency Kristen Cavallo showed up with receipts: "It was actually inspired by presentations our agency showed your team on 8/18 (pages 19-24) and 10/7 (pages 11-18) with ad concepts for the Super Bowl with floating QR codes on a blank screen."
I guess if there is a lesson here it is that if you're going to take credit for someone else's idea to try to make your team sound good, maybe you shouldn't also use it as an opportunity to dunk on the people who actually came up with the idea.
On February 20, 0xbrainjar confirmed that he was indeed Zaki. He wrote, "I did this so that my efforts to build up a suite of products would not be shadowed by a mistake that I made in my past.... 0xbrainjar was a place for me to not be defined by this serious misstep (which has been settled and was amplified by the media)". He also wrote on Twitter that "I do not want a mistake in my youth to cloud all of the team's efforts", though the SEC charge was filed less than three years ago, when Zaki was 21.
Some users directed their anger at Assure DeFi, a project that claims to "privately verify the identity" of various projects. The group had reportedly verified the identities of those behind Atom Protocol, lending the project credibility to some who bought in. Assure later tweeted that "many people are still misunderstanding the role of KYC/verification. KYC is a deterrent and not a scam prevention and if anyone says otherwise they are misleading you."
Seventeen OpenSea users have their NFTs stolen and flipped for a total of $2.9 million by a phishing scammer
An hour and a half after users began to report missing NFTs, OpenSea finally acknowledged the issue. They tweeted that they were "actively investigating rumors of an exploit associated with OpenSea related smart contracts", and wrote that they believed it was a phishing attack coming from outside of OpenSea, rather than an issue with their contract. It was later determined that an attacker had successfully phished 17 OpenSea users into signing a malicious contract, which allowed the attacker to take the NFTs and then flip them. Bizarrely, the hacker returned some of the NFTs to their original owners, and one victim inexplicably received 50 ETH ($130,000) from the attacker as well as some of his stolen NFTs back. The attacker later transferred 1,115 ETH obtained from the attack to a cryptocurrency tumbler, worth around $2.9 million.