Skip to timeline

Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

SEC sends Wells notice to Robinhood Crypto

Robinhood has disclosed that they received a Wells notice from the US Securities and Exchange Commission in relation to their "Robinhood Crypto" product. This indicates that the SEC believes that some of the assets that can be traded via Robinhood Crypto are securities.

In the past, Robinhood has removed cryptocurrencies from trading after they were alleged to be securities by the SEC, such as Solana (SOL), Cardano (ADA), and Polygon (MATIC) in the wake of the lawsuits against Binance and Coinbase. However, given the SEC's stance that most cryptocurrencies are securities, it seems likely that the SEC believes one or more of the 14 non-bitcoin cryptocurrencies Robinhood offers may also be a security.

Robinhood's Chief Legal Officer issued a statement that "We firmly believe that the assets listed on our platform are not securities and we look forward to engaging with the SEC to make clear just how weak any case against Robinhood Crypto would be."

Theme tags: Law

GNUS.ai exploited for $1.27 million

An exploiter was able to create a fake version of the $GNUS token on the Fantom blockchain, then bridge the tokens to Ethereum and Polygon where they were then sold as though they were authentic. They were able to drain $1.27 million from the project's liquidity pools.

GNUS.ai (short for "Genius", not a reference to the animal) is one of many AI-related blockchain projects that has sprung out of the recent AI hype. This particular one promises to allow people to "utiliz[e] unused cycles" on various computing devices for computation-intensive AI systems, using cryptocurrency for payments.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum, Fantom, Polygon

Wallet loses over $72 million to address poisoning

An Ethereum wallet was apparently drained of 1,155 wrapped bitcoin (~$72.7 million) when they transferred it to a malicious address that had been operating an address poisoning scheme.

Address poisoning is a scam tactic that takes advantage of crypto traders' tendencies to copy and paste wallet addresses from their transaction histories, since the addresses are long strings of characters that are not practical to type from memory. By creating a new wallet address with identical start and/or ending character strings to addresses used by the victim, and spamming the victim with transactions from that similar address, scammers are sometimes able to get victims to erroneously copy the spoofed address for future transfers.

That's what appears to have happened in this case, when a victim transferred 1,155 wrapped bitcoin — tokens pegged to the bitcoin price meant for use on the Ethereum blockchain — to the malicious address.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin, Ethereum

Pike Finance exploited for $2 million in two separate attacks

Pike Finance, a cross-chain lending protocol, was exploited twice in four days as attackers discovered vulnerabilities in the project's smart contracts.

The first attack, on April 26, was enabled by a flaw in the security measures related to transfers of the USDC stablecoin. An attacker was able to change the recipient address and amount, ultimately making off with almost $300,000 in the stablecoin. Pike released a postmortem two days later, acknowledging that the bug had been identified by a third-party auditor but had not been rectified by their team.

When the Pike team went to patch the smart contracts to thwart this attack, they introduced new, even worse vulnerabilities. As a result, on April 30, an attacker was able to upgrade the project's smart contracts to malicious ones, then withdraw $1.68 million in ETH, ARB, and OP tokens.

Pike Finance has offered a 20% reward for the return of the funds or information pertaining to the attacker, and has promised "a plan to make users whole". Pike, which launched in early 2024, is backed by Circle and Wormhole.

Theme tags: Bug, Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: lending

Roger Ver arrested for $50 million tax fraud

Portrait of Roger VerRoger Ver (attribution)
Roger Ver, an early bitcoin investor who later became an outspoken evangelist for the fork Bitcoin Cash, has been arrested on tax fraud charges. According to the Department of Justice, Ver evaded almost $50 million in owed taxes by concealing income and lying to tax preparers about his bitcoin assets as he attempted to renounce his US citizenship and become a citizen of the tax haven St. Kitts and Nevis.

Ver was arrested in Spain, and the United States will seek his extradition.

Besides his tax woes, Ver has also been caught up in accusations by CoinFLEX that he owed the platform around $84 million after failing to meet a margin call. Ver has in turn claimed that CoinFLEX owed him money. CoinFLEX filed for restructuring in August 2022.

Theme tags: Law
Blockchain tags: Blockchain: Bitcoin

Changpeng Zhao sentenced to four months imprisonment

Changpeng ZhaoChangpeng Zhao (attribution)
Former Binance CEO Changpeng "CZ" Zhao has been sentenced to four months in prison after pleading guilty to money laundering-related charges. The charges were filed in November, and Zhao entered a guilty plea, resigned from the company, and agreed to pay a $50 million fine.

Prosecutors sought a three year sentence for Zhao, while Zhao requested to serve no time. The judge ultimately decided on a sentence closer to the five-month sentence that was being recommended by the Probation Office.

Theme tags: Law

ZKasino scam suspect arrested by Dutch police

In the wake of the $33 million ZKasino rug pull, Dutch police have arrested an as yet unnamed 26-year-old who is likely "Derivatives_Ape", the creator of the project. The police also seized assets estimated at more than €11.4 million (~US$12.3 million) including real estate, a luxury car, and crypto. According to police, they began investigating the project only days earlier, after hearing reports of the rug pull on Twitter.
Theme tags: Law

Instagram influencer Jay Mazini sentenced to seven years in prison for crypto fraud

Jay MaziniJay Mazini (attribution)
Jay Mazini, an influencer who often boasted of his wealth on Instagram by doing cash giveaways to random strangers, has been sentenced to seven years in prison after running "overlapping fraud schemes" that scammed victims out of at least $8 million. One of them involved a multi-million dollar cryptocurrency scam in which he would promise to pay higher prices for crypto, and would convince those who were interested to transfer their funds to him by providing doctored images of wire transfer confirmations to suggest that he'd fulfilled his end of the deal.

Mazini also ran a scam targeting the Muslim community in New York, via a company called Halal Capital. In reality, this was a Ponzi scheme, and payouts to his investors were funded in part by the crypto scam he was also running.

Mazini was arrested in March 2021 on kidnapping charges, after he kidnapped and beat someone who might have witnessed his frauds. He was sentenced to five years in prison for that charge, to which he pled guilty. His new fraud sentence will be served concurrently with the kidnapping sentence.

In addition to seven years in prison, Mazini has been ordered to forfeit $10 million. Restitution has not yet been determined.

Theme tags: Hack or scam, Law

Samourai Wallet operators charged over crypto mixer operations

Keonne Rodriguez and William Lonergan Hill, founders of the Samourai Wallet, were arrested and charged with conspiracy to commit money laundering and conspiracy to operate an unlicensed money transmitting business. The charges relate to their operation of a cryptocurrency mixer that the DOJ says helped to launder over $2 billion in unlawful transactions. $100 million of that, they say, was connected to dark web markets including Silk Road and Hydra Market. Indeed, Samourai had actively marketed its products to "Dark/Grey Market participants".

Rodriguez was arrested in the United States; the United States will seek extradition for Hill, who was arrested in Portugal.

Samourai Wallet advertised itself as "a bitcoin wallet made for the streets", which would "keep your transactions private, your identity masked, and your funds secure". It touted features including "remote self-destruct", and would hide itself from a phone's applications list. As charges were filed in the United States, the wallet's website began displaying a seizure notice that informed visitors of a coordinated law enforcement action by the US Attorney's Office in the Southern District of New York, FBI, IRS, Europol, and Portuguese and Icelandic police. The app was also removed from the Google Play Store.

Theme tags: Law
Blockchain tags: Blockchain: Bitcoin

ZKasino rug pulls after raising $33 million

A project promising to build a decentralized casino managed to raise $33 million, despite an anonymous team that had exhibited several instances of shady behavior throughout ZKasino's development. The project promised that everyone who bridged ETH to their layer-2 chain would be able to receive their ETH back 1:1 in thirty days.

Instead, the project's creators transferred those more than 10,500 ETH ($33 million) to Lido, an Ethereum staking service. As for the "return" of funds, the project team indeed followed through with their promises to return the crypto... except instead of ETH, depositors received the project's native token, ZKAS, which would vest over a period of 15 months. The project announced that they had calculated the ZKAS distribution based on a discounted rate, "as a favour to our users who have bridged to participate in the ecosystem". Gee, thanks!

One investor in the project wrote, "We made a mistake investing in Zkasino early. ... [I]t sounds like a scam, but 95% of crypto consists of such crap. With memecoins pumping every day, people believe this could be the next one."

It seems that ZKasino's creators have links to other crypto scams, including a failed "ZigZagExchange", which raised around $15 million that was allegedly misallocated to work on the ZKasino project. Crypto sleuth zachxbt had also described the team as "proven bad actors" in December, listing multiple instances in which they had avoided making promised payments.

After the rug pull, the project's planned IDO on Ape Terminal and AIT Launchpad were canceled, and MEXC (which had invested in the project's seed round) canceled the token listing.

Theme tags: Rug pull, Shady business
Blockchain tags: Blockchain: Ethereum
Tech tags: DeFi

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.