...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.
Created by Molly White. Subscribe to her newsletter for weekly recaps.
The majority of assets were stolen from Hedgey on the Arbitrum layer-2 network, although around $2.1 million of them were stolen from the version deployed on the Ethereum mainnet.
Hedgey Finance confirmed the exploit, and sent an optimistic and congratulatory message on-chain: "Well done for finding it! We're assuming you executed this exploit as a white hat, so we'd like to get in touch with you to discuss next steps." No on-chain response thus far.
According to Hong Kong police, they have received more than 2,600 complaints about JPEX, involving HK$1.6 billion (~US$204 million) in assets.
Shortly after he was identified as the person behind the attack, Eisenberg tweeted that he "was involved with a team that operated a highly profitable trading strategy last week. I believe all of our actions were legal open market actions". Sadly for him, jurors didn't share this belief.
Eisenberg faces up to 20 years in prison.
What he failed to mention is that the tokens in Trump's wallet were airdropped to him, likely without Trump even realizing it. Several of Trump's crypto wallets are publicly known, and people send coins and NFTs to them all the time. Trump has no more endorsed Stone's "MAGA Memecoin" than he has the "HarryPotterTrumpHomerSimpson777Inu" tokens that also sit in his crypto wallet.
Elsewhere, Stone disclosed, "My promotion of MAGAMemecoin is, of course, sponsored." I haven't been able to find where he has disclosed the amount he was paid for these promotions, as he is required to do.
The team behind the project claimed that the deployer wallet had been compromised, allowing an attacker to drain the project's liquidity pool. Altogether, 615 ETH (~$2 million) was taken from the project.
Grand Base is a platform where users can trade "gAssets", which are crypto tokens that represent stocks in tech companies including Amazon, Apple, Google, Meta, and Microsoft.
Max Howell, the creator of tea.xyz (and creator of homebrew, though he's no longer involved), seemed apologetic, and promised to make changes to the protocol to stop this spammy behavior.
Now, deprived of that avenue, people are just creating massive waves of empty software packages, with nothing other than a "teafile" with their crypto wallet address for rewards, and submitting them to package managers like NPM and RubyGems.
This spam prompted a blog post from RubyGems, who wrote that they had to devote time to strengthening limits on package publishing and "ensuring [accounts] didn't disrupt the community further."
Security researchers at Phylum also wrote up the protocol's impact on the JavaScript world, which has seen as many as 7x as many packages published on NPM as previous daily averages. "Automated sustained spamming of this volume for months on end is rare and does nothing but cause heavy strain on the ecosystem itself, degrading the performance of the ecosystem for genuine users and straining open source security researchers," they wrote.
Pac Finance has said they are "actively developing a plan with [impacted users] to mitigate the issue."
NGS and its associated business is believed to have pulled in around AU$62 million (US$42 million) from around 450 Australians.
So far, losses are estimated to affect around 100 investors, who have up to AU$100 million (US$65 million) in claims.
Balanian had boasted of his career experience as a former NASA mission planner, and targeted his fund to wealthy investors with a minimum initial deposit of AU$50,000 (~US$33,000).
US Attorney Damian Williams described this as the first ever conviction for a smart contract hack.
Ahmed forfeited around $12.3 million in stolen funds, and will pay more than $5 million in restitution.
No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.
