Meanwhile, the founder of the Nostr social media platform has accused Nostr Assets of being an "affinity scam" by falsely suggesting, through their platform name and $NOSTR token naming, that they are affiliated with the Nostr project. Nostr Assets has described the allegations as "unfounded", saying that their use of the Nostr network means the name is "pertinent", and suggesting that Nostr's founder has no basis to dictate who can use the Nostr name as it is a decentralized and open source project.
According to research group ScamSniffer, the attacker has stolen at least $5 million from at least 21 victims in the past four months.
As of December 4, Florence Finance had not publicly acknowledged the theft.
However, it turns out that Polygon allocated tens of millions of tokens to the DraftKings validator — far more than they allocated to other validators — on which DraftKings earned a highly unusual 100% of staking rewards. Polygon also sent the company 2.5 million of their MATIC tokens (priced at just over $1.5 million at the time), and it's unclear if this was a purchase by DraftKings or a transfer as a part of the deal.
In October 2023, Polygon kicked DraftKings off the network as the validator had failed to maintain performance standards. Throughout the period that DraftKings maintained the validator, they earned millions of dollars through the undisclosed partnership.
After raising $1.7 million in seed funding in 2021, the site seems to have run out of runway. It merged with the CryptoSlam data aggregator in January 2023, but that apparently didn't help it sustain operations. The company appears to be trying to rebrand as "Forkast Labs", and is offering crypto data feeds.
Some applauded the decision, seeing the token hoarding as an unfair tactic that deprived others who wanted the tokens of their opportunity to buy any. However, some — particularly those who succeeded in buying tokens in the initial sale — worried that they were being "rugged" as the team threatened to destroy their tokens. Others objected based on the "code is law" ethos: "Basically we used ur platform and ur rules - u said ur selling at 500k mcap valuation and now changed it to 3m mcap valuation after it sold out - straight rug material u can't do that lmao", wrote one person on Twitter.
The move is likely tied to its bank charter, which was conditionally approved with a two-year period in which it was required to receive approval for its crypto business. SoFi had previously described discussions with the Federal Reserve "to determine whether there is a path to conform our crypto-related activities to the requirements of the Bank Holding Company Act" — this move suggests they decided there was not.
- "SoFi Is Exiting Crypto With Banking Regulators Stepping Up Scrutiny", Bloomberg
- SoFi Technologies, Inc. Form 10-K, filed with the SEC
The Hong Kong Securities and Futures Commission added Hounax to its warning list on November 1, a move that victims have criticized as much too late to stop the damage.
A person then claimed on Twitter to be the owner of the wallet, verifying the claim by signing a message from the wallet that paid the fee. They claimed that they had been hacked, and that an error on the attacker's part led to the huge fee payment. AntPool, the mining pool that mined that block and earned the huge fee, later agreed to return the fee, though it's not clear if or how they verified that the person to whom they're returning the fee wasn't in fact the attacker who had obtained control of the wallet.
A similar fee overpayment incident occurred in September, when the Paxos crypto firm erroneously paid a $500,000 fee to send $1,865. They attributed the huge fee to a bug in their software, and the F2Pool mining pool (who had mined the block and received the fee) opted to return the overpayment.
Shortly after the attack, the thief sent a message: "Negotiations will start in a few hours when I am fully rested." The KyberSwap team later responded to offer a 10% bounty, also seeming to praise the attacker: "You have done one of the most sophisticated hacks ser. That was high EV and everyone missed it."
The thief had other plans, though, ultimately issuing a list of "demands" which included "complete executive control" over the company and "surrender of all ... assets" to the hacker. They wrote that they had big plans for the network, and although they planned to dismiss all executives, they wrote that employees would be offered double salaries to continue their work. The hacker signed the message "Kyber Director".
Meanwhile, KyberSwap regained around $4.7 million after negotiations with the operators of front-running bots, who agreed to return 90% of the funds they obtained through frontrunning the hacker's transactions.
- "KyberSwap offers 10% bounty to hacker following $47 million exploit", The Block
- "KyberSwap DEX Hacked for $48 Million, Attacker Teases Negotiations", CoinDesk
- On-chain messages between the attacker and KyberSwap
- On-chain message from the attacker