ZKasino scam suspect arrested by Dutch police
- "More than 11 million euros seized and man arrested in investigation into gambling platform scam", Dutch Fiscal Information and Investigation Service [archive]
Instagram influencer Jay Mazini sentenced to seven years in prison for crypto fraud
Mazini also ran a scam targeting the Muslim community in New York, via a company called Halal Capital. In reality, this was a Ponzi scheme, and payouts to his investors were funded in part by the crypto scam he was also running.
Mazini was arrested in March 2021 on kidnapping charges, after he kidnapped and beat someone who might have witnessed his frauds. He was sentenced to five years in prison for that charge, to which he pled guilty. His new fraud sentence will be served concurrently with the kidnapping sentence.
In addition to seven years in prison, Mazini has been ordered to forfeit $10 million. Restitution has not yet been determined.
- "Instagram Influencer Known as 'Jay Mazini' Sentenced to 84 Months in Prison for Overlapping Fraud Schemes", U.S. Attorney's Office, Eastern District of New York [archive]
- "Serial Scammer and Instagram Influencer Jay Mazini Pleads Guilty", The Daily Beast [archive]
Samourai Wallet operators charged over crypto mixer operations
Rodriguez was arrested in the United States; the United States will seek extradition for Hill, who was arrested in Portugal.
Samourai Wallet advertised itself as "a bitcoin wallet made for the streets", which would "keep your transactions private, your identity masked, and your funds secure". It touted features including "remote self-destruct", and would hide itself from a phone's applications list. As charges were filed in the United States, the wallet's website began displaying a seizure notice that informed visitors of a coordinated law enforcement action by the US Attorney's Office in the Southern District of New York, FBI, IRS, Europol, and Portuguese and Icelandic police. The app was also removed from the Google Play Store.
- "Founders And CEO Of Cryptocurrency Mixing Service Arrested And Charged With Money Laundering And Unlicensed Money Transmitting Offenses", U.S. Attorney's Office, Southern District of New York [archive]
ZKasino rug pulls after raising $33 million
Instead, the project's creators transferred those more than 10,500 ETH ($33 million) to Lido, an Ethereum staking service. As for the "return" of funds, the project team indeed followed through with their promises to return the crypto... except instead of ETH, depositors received the project's native token, ZKAS, which would vest over a period of 15 months. The project announced that they had calculated the ZKAS distribution based on a discounted rate, "as a favour to our users who have bridged to participate in the ecosystem". Gee, thanks!
One investor in the project wrote, "We made a mistake investing in Zkasino early. ... [I]t sounds like a scam, but 95% of crypto consists of such crap. With memecoins pumping every day, people believe this could be the next one."
It seems that ZKasino's creators have links to other crypto scams, including a failed "ZigZagExchange", which raised around $15 million that was allegedly misallocated to work on the ZKasino project. Crypto sleuth zachxbt had also described the team as "proven bad actors" in December, listing multiple instances in which they had avoided making promised payments.
After the rug pull, the project's planned IDO on Ape Terminal and AIT Launchpad were canceled, and MEXC (which had invested in the project's seed round) canceled the token listing.
Hedgey Finance hacked for almost $45 million
The majority of assets were stolen from Hedgey on the Arbitrum layer-2 network, although around $2.1 million of them were stolen from the version deployed on the Ethereum mainnet.
Hedgey Finance confirmed the exploit, and sent an optimistic and congratulatory message on-chain: "Well done for finding it! We're assuming you executed this exploit as a white hat, so we'd like to get in touch with you to discuss next steps." No on-chain response thus far.
- Tweet by Hedgey Finance [archive]
- Hedgey Finance, Rekt [archive]
- On-chain message from Hedgey Finance to the thief
Hong Kong police arrest 72 people, freeze $29 million in connection to JPEX
According to Hong Kong police, they have received more than 2,600 complaints about JPEX, involving HK$1.6 billion (~US$204 million) in assets.
- "Hong Kong JPEX cryptocurrency scandal: 72 arrested, HK$228 million in assets frozen so far", South China Morning Post [archive]
Avi Eisenberg convicted of $110 million Mango Markets heist
Shortly after he was identified as the person behind the attack, Eisenberg tweeted that he "was involved with a team that operated a highly profitable trading strategy last week. I believe all of our actions were legal open market actions". Sadly for him, jurors didn't share this belief.
Eisenberg faces up to 20 years in prison.
Roger Stone endorses $TRUMP memecoin with misleading posts
What he failed to mention is that the tokens in Trump's wallet were airdropped to him, likely without Trump even realizing it. Several of Trump's crypto wallets are publicly known, and people send coins and NFTs to them all the time. Trump has no more endorsed Stone's "MAGA Memecoin" than he has the "HarryPotterTrumpHomerSimpson777Inu" tokens that also sit in his crypto wallet.
Elsewhere, Stone disclosed, "My promotion of MAGAMemecoin is, of course, sponsored." I haven't been able to find where he has disclosed the amount he was paid for these promotions, as he is required to do.
$2 million emptied from Grand Base real world asset platform
The team behind the project claimed that the deployer wallet had been compromised, allowing an attacker to drain the project's liquidity pool. Altogether, 615 ETH (~$2 million) was taken from the project.
Grand Base is a platform where users can trade "gAssets", which are crypto tokens that represent stocks in tech companies including Amazon, Apple, Google, Meta, and Microsoft.
tea.xyz causes open source software spam problems, again
Max Howell, the creator of tea.xyz (and creator of homebrew, though he's no longer involved), seemed apologetic, and promised to make changes to the protocol to stop this spammy behavior.
Now, deprived of that avenue, people are just creating massive waves of empty software packages, with nothing other than a "teafile" with their crypto wallet address for rewards, and submitting them to package managers like NPM and RubyGems.
This spam prompted a blog post from RubyGems, who wrote that they had to devote time to strengthening limits on package publishing and "ensuring [accounts] didn't disrupt the community further."
Security researchers at Phylum also wrote up the protocol's impact on the JavaScript world, which has seen as many as 7x as many packages published on NPM as previous daily averages. "Automated sustained spamming of this volume for months on end is rare and does nothing but cause heavy strain on the ecosystem itself, degrading the performance of the ecosystem for genuine users and straining open source security researchers," they wrote.