Hundred and Agave were the second and third defi protocols targeted by flash loan attacks that same day, with Deus Finance losing more than $3 million to hackers using the same class of exploit.
Invictus DAO whales quickly vote to shutter the project in its first ever community vote, leaving most others with huge losses
However, although the project enjoyed a spike in price in November, the token has bled value since then. On March 9, the project leaders began a conversation about team salaries, where they also floated the idea of redeeming the treasury and closing the project. On March 11 they began a vote, which lasted only three days, and allowed members of the DAO to vote on whether the project should close and distribute treasury funds to participants. Much like the Wonderland vote in late January, a relatively small number of whales with a large share of the votes (who bought in early and still stood to make money on the project) were able to pass the vote to close the project, despite a majority of voters selecting to keep the project going. Furthermore, because the Invictus tokens used for voting also themselves hold the value, some people were unable to vote in the poll because their tokens were locked up in lending platforms where they had used them as collateral. Many participants in the project who haven't been actively watching the governance page likely don't even know the vote happened.
Some members of the project wrote on Discord that they felt rugged, with one even speculating that the project had been so eager to implement voting so they could pass a "community" vote to close the project and make off with a profit without damaging their reputations or potentially facing lawsuits. Various members of the project Discord shared how much they had lost: one person said they were down $20,000, another was down $75,000, and a third person reported losing $400,000. One person asked "who else is in the 6 figure loss club" and received three agreement emoji reactions; another person said they'd lost a year's salary. Some people already opted to try to sell their tokens early, worrying that the project leaders might make off with the treasury and not allow people to redeem their $IN; others waited in hopes of the redemption price being higher than the current token price; and some even suggested buying more $IN in hopes that they could make a profit if the redemption price is higher than the current price.
- [RFC] Allocate Funds for Team / Operational Expenses + Third Option on Invictus DAO forums
- [INIP] Allocate Funds for Team / Operational Expenses + Redemption on Invictus DAO forums
Discord compromise targets fans of the Wizard Pass project in a two-for-one scam that both accepted payments for fake NFTs and stole the NFTs that victims already owned
A Twitter thread by SerpentAU suggested that the malicious minting website had not only accepted ETH from victims and provided nothing in return, but had also prompted users to grant full access to their NFT wallet, allowing valuable NFTs to be stolen. It's not yet clear how many NFTs were stolen as a result.
Collector sues artist after spending over $500,000 on an image of Pepe the Frog that others got for free
A trader reportedly makes half a million from a flash crash, then the LATOKEN exchange takes their coins
Report alleges Socios withheld payments owed to advisors and staff to maintain the value of its cryptocurrency
One company now owns three of the most popular NFT collections: Bored Apes, CryptoPunks, and Meebits
Facebook bans crypto scammer who pulled in up to $140,000 by impersonating economist David Rosenberg
ESPN baseball reporter Jeff Passan has his Twitter account hacked and used to shill NFTs on "the biggest news day of [his] life"
Passan regained control of his Twitter account several hours later. Passan later wrote in a tweet, "hey remember that time i got hacked on the biggest news day of my life". The Skulltoons project distanced themselves from the incident, writing that they believed the hackers were trying to scam the Skulltoons community.
After someone games the system to acquire a disproportionate amount of airdropped tokens valued at $123 million, Juno community begins a vote to take them away
On March 10, a community proposal was submitted, proposing to take away the majority of the whale's tokens (worth around $121 million), and leave them with the 50,000 $JUNO (a little below $2 million) that was originally intended to be the maximum per person. The vote passed, in a major blow to an ecosystem where "your keys, your coins" is taken as gospel—that is, if you control the keys to a wallet, your assets supposedly can't be taken from you.
Bored Apes team asks people to verify their identities for their next project, shortly after making a stink about their own identities being revealed
There was some irony in BAYC requiring their buyers to reveal their identities only a month after some of the BAYC founders' identities were revealed by a journalist (who made the connection based on publicly-available information), which made the BAYC team and many of their supporters absolutely irate.
Entrepreneurs resuscitate 20-year-old piracy powerhouse LimeWire to turn it into a totally legitimate NFT marketplace, they promise
NFT project created and endorsed by various English footballers plunges in value, players try to quietly delete endorsements
The plummeting price is not the only problem the project has faced; shortly after Terry announced the project in January, he was threatened with legal action by the Premier League, and had to remove depictions of Premier League, UEFA and FA trophies, as well as the Chelsea logo, from the NFT illustrations.
Reddit users from the UK, Germany, France, and Switzerland reported receiving the email, and those countries now all appear on the 40-entry-long list of countries not permitted to use Crypto.com's lending services. One Reddit user wrote, "I have 7 days to pay a big loan, like big. If it gave us a month I could unstake and pay, but no, they give us 7 [days], I will get liquified and can’t do anything for it." Other users were confused to receive the email when they didn't have any loans on the platform, as it was worded in a way that they interpreted to mean they did.
- "Crypto.com Tells Loan Customers in 'Excluded' Countries to Repay by March 15", CoinDesk
- Tweet thread by Bitfinexed
- "Just a week after the ‘Earn’ debacle, Crypto.com fucks up again by announcing that anyone with a Crypto Loan needs to repay it within 7 days – or be forcibly liquidated via funds in their Spot Wallet. What planet are these idiots living on?" from r/Crypto_com
Ormeus Coin founder charged with securities fraud for misrepresenting cryptomining operations and other assets
- "John Barksdale Charged With Cryptocurrency Securities Fraud In Connection With Sale Of Ormeus Coin", U.S. Attorney’s Office, Southern District of New York
- SEC v. Barksdale
Founders of several 2017 cryptocurrency companies indicted for alleged theft of more than $40 million
- "Owners and Operators of Online Cryptocurrency Companies Indicted for Defrauding Investors", U.S. Attorney’s Office, Eastern District of New York
Over 10,000 NFTs of photographs by August Sander are delisted from OpenSea after being created without permission
The problem with this whole scheme is that Julian Sanders does not actually control the Sander estate—it was sold in 1992 by Gerd Sander (August's grandson, and Julian's father) to the Cultural Foundation of the Stadtsparkasse Cologne. That group was surprised to see all of Sander's work suddenly being sold as NFTs without their permission, and submitted a legal notice to have it taken down from OpenSea. OpenSea complied with the request on March 7. After almost two weeks of stalling and deflecting questions about the delisting without even acknowledging the cause, Fellowship and Julian Sander finally released a statement on the issue on March 18. Sander wrote that "a third party... claims to have certain rights in August Sanders' photographs" but that he "believe[s] the complaint is not valid" and would be working with his lawyers to have the collection reinstated. As best as I can tell, it seems that Sander is trying to argue he is entitled to sell his great-grandfather's work as NFTs because he physically possesses the negatives, despite the fact that the Cultural Foundation owns the usage rights to all of Sander's work.
Influencer Jake Paul alleged to be repeatedly promoting projects without disclosing his financial involvement
Paul allegedly tried to cover his steps by creating a new crypto wallet to receive payments for each promotion, but then transferred the money a wallet he controlled to cash out. Oops. Some of the projects that Paul hyped in his undisclosed promotions included League of Sacred Devils, $MILF, and $YUMMY.
- "Exposing Jake Paul's Scams", YouTube video by CoffeeZilla
Some people in the crypto community responded with disdain at the project, describing it as a "cash grab". One NFT influencer tweeted "Hey @tailopez legit question: Why Would I pay 30-40k to watch a movie with you? or 80-90k for your WhatsApp? Who u think u are? U def have a shady reputation and doing this only adds more fuel to the fire. I respect anyone wanting to add value to NFTs but this is not the way." Others were surprised at the project's smart contract, which not only automatically transfers any money out of the project and into the team members' wallets, but requires the NFT buyer to pay the gas fee for that transaction in addition to normal gas fees for minting.
Nemus Earth plans to buy and protect land in the rainforest... with Ethereum NFTs and a Brazil nut plantation
The whitepaper also addresses that the project will be built on the Ethereum blockchain. There is a section about "pros & cons of Ethereum", which has one section: gas fees. Apparently the project based on environmental conservation has decided to simply gloss over the enormous energy consumption, emissions, and electronic waste stemming from the Ethereum blockchain.
The project opened its second round of minting on March 3, and is offering its NFTs for mint prices between 0.06 ETH and 19.44 ETH ($150 to $50,000).
OpenSea said in a statement that "OpenSea blocks users and territories on the U.S. sanctions list from using our services", though it's unclear why this change seems to only have come into effect recently.
Some Venezuelan users were furious with MetaMask, feeling that their choice to prevent them from using the platform was incompatible with the decentralized and deregulated nature of much of crypto. One Twitter user wrote, "MetaMask Do not tell me that you became Centralized, I have this problem and many people in Venezuela have the same".
ConsenSys later appeared to say that the block of Venezuelan users was in error, writing that "In changing some configurations as a result of the new sanctions directives from the United States and other jurisdictions mistakenly configured the settings more broadly than they needed to be".
Some publications have speculated that the airdrop was canceled because someone tried to spoof the tokens, but it doesn't appear that Ukraine has given a reason for the change in plans. After the cancellation, many commenters on Twitter, all of whom were hopefully joking, wrote that they had been "rugged" by Ukraine—using the common slang for crypto scams in which people are convinced to buy in on a project that then takes the money and doesn't follow through on its promised plans. In the tweet announcing the cancellation, Ukrainian Vice President Mykhailo Fedorov wrote, "After careful consideration we decided to cancel airdrop. Every day there are more and more people willing to help Ukraine to fight back the agression. Instead, we will announce NFTs to support Ukrainian Armed Forces soon. We DO NOT HAVE any plans to issue any fungible tokens". What a world we live in.
Rose, for his part, runs a show called Brian Rose's DeFi Real, where he has published episodes like "Create your Career in Crypto: How to Become a DeFi Influencer, Educator & Fund Manager", and "The Next 100x Coins: How to Pick the Big Crypto Winners". As for the Rose and Icke duo, not only have they teamed up to broadcast COVID-19 conspiracy theories, they've also turned that project into NFTs, with a 100-item collection consisting of several-minute-long portions of their COVID-19 conspiracy TV series. Although all of the NFTs were given away, only a single NFT has experienced any trading so far.
Personally, I'm shocked to see the conspiracy theorists and crypto communities overlapping in this way.
At least 17 Smol Brains NFTs were stolen, which were listed for a combined total of around $1.4 million. PeckShield reported that more than 100 NFTs from multiple collections had been stolen. They reported that the exploit was due to a bug in their contract that allowed an attacker to set a quantity of 0 in a transaction, which when multiplied by the item price resulted in a total price of 0.
TreasureDAO co-founder John Patten wrote in a tweet while the hack was ongoing that "We will cover the costs of the exploit — I will personally give up all of my Smols to repair this."
About 2/3 of the other affected projects had yet to launch or had no social media presence. Crypto sleuth zachxbt tried to contact the other 1/3, and some of the projects were able to migrate contracts before any malicious actions. zachxbt wrote, "Funny enough when I reached out to all the different projects the ones that responded said they either didn’t read over the smart contract beforehand or weren’t the most technically inclined teams." On April 7, OpenSea contacted zachxbt to say they had frozen trading for all contracts created by the developer.
Lapsus$ initially promised that if Nvidia removed LHR from their 30-series line of chips, they would "forget about [the hardware] folder (it's a big folder)". However, they updated their demand on March 1, demanding that Nvidia either make all current and future drivers for all of their cards open source ("while keeping the Verilog and chipset trade secrets... well, secret"), or else they would publish all files for Nvidia chips. They wrote that Nvidia had until March 4 to make a decision. As of March 3, Nvidia had not made a statement around whether they would acquiesce to the hackers' demands.
Although Parler's press release contains a lot of their usual chest-thumping about "freedom from Big Tech", the DeepRedSky NFTs can only be minted with credit cards, with payments being processed through Stripe. The good news: if you aren't getting enough of a rush out of the risks involved with crypto in general, you can get a new thrill from giving your personal information to a platform that's been hacked multiple times.
GenomesDAO wants you to give them your genetic data, which they acknowledge is "data that can be exploited in ways we cannot even imagine yet"
Randi Zuckerberg tests your secondhand embarrassment tolerance with her second crypto-themed parody song
Partway through the song, Zuckerberg sings "carpe the crypto diem". This raises the question of whether she intentionally included a dig at her brother Mark's failed Diem cryptocurrency project (formerly Libra), or if the project was such a flop even his own sister didn't know about it. I truly can't decide which scenario would be funnier.
NFT collector files $6 million lawsuit against OpenSea, LooksRare, and the company behind Bored Apes for not doing more to discourage thefts
On February 1, he was the victim of a phishing attack in which he lost the three pricey NFTs. He had agreed to trade one of his Mutant Apes for another NFT he was interested in, but he and the prospective buyer had to perform the transaction through a platform other than OpenSea or LooksRare because it was a swap rather than a purchase for ETH. Armijo turned down several suggestions of platforms by the other party, saying he was unfamiliar with them, and instead suggested one of his own choosing. However, the other party was still able to send him a trading link that appeared to be from the site he had suggested, and Armijo approved what turned out to be an illegitimate transaction that allowed the other party to take all three of his NFTs for nothing in return. Armijo alleges that although he quickly realized he'd been phished, he was not able to get OpenSea or LooksRare to freeze sales of the stolen NFTs, and they were flipped for resale within days.
Armijo alleges that OpenSea and LooksRare have "utterly failed to protect consumers or do anything to disincentivize or stop the thefts" because they profit from each trade on their platform. He has also named the company behind the Apes NFTs, Yuga Labs, in his lawsuit, stating that they have not done enough to disincentivize theft by failing to "monitor its proprietary and exclusive ape community by denying entry to individuals whose access is predicated on a stolen BAYC NFT". Once again, my heart goes out to the judge hearing this case.
In terms of damages, Armijo states he has been "deprived not only of the significant monetary value of the NFTs he owned, but also [has been] strip[ped] of his membership in the BAYC community and the commercialization rights he possessed in his underlying Bored Ape and Mutant Ape images", and as such is seeking damages "in no event less than $6 million". Interestingly, the name Robert Armijo also appears as a defendant in SEC charges from June 2021, where the individual is alleged to have unlawfully sold securities managed by an organization also alleged by the SEC to be a Ponzi scheme. It's not immediately clear if this is the same person, or someone who shares a name.
- Armijo v. Ozone Networks, Inc. d/b/a Opensea, CourtListener
- "SEC Charges Additional Unregistered Brokers Who Sold EquiAlt Securities to Retail Investors", U.S. Securities and Exchange Commission
- "SEC sues La Mesa financial adviser over selling investments linked to a Ponzi scheme", The San Diego Union-Tribune
Elexir draws in more than $1.3 million, then announces an end to the project a week later and "reimburses" investors with $300,000
After their announcement went over about as poorly as you might expect, Elexir offered their community a choice: take the $300,000 they planned to airdrop, and either continue with that plan or re-add it to the liquidity pool. Community members by and large seemed to support an unlisted third mention, which was to refund the entire treasury to people who bought in, but the project developers seem intent on keeping that amount.
The project development team had had their identities verified by the organization StaySAFU, who subsequently tweeted that "We are currently communicating with both the team behind Elexir and the legal authorities", and that they had identity documents for the team members as well as video confirming they were responsible for rug pulls.
Cryptocurrency exchanges refuse requests by Ukrainian Vice President to freeze Russian and Belarusian addresses
Although perhaps unsurprising that these exchanges refused a request like Fedorov's, it will be interesting to see if and how sanctions may affect various cryptocurrency exchanges' actions. Binance, the largest crypto exchange, has already indicated it will comply with sanctions. Kraken, whose executives have tended towards more ideological stances, has also indicated that it will comply with legal requirements to freeze accounts.