VeVe marketplace goes offline for over a day after an exploit results in a "large amount of gems being acquired illegitimately"

The VeVe marketplace has developed a bit of a reputation as the partner of choice for some big names who have dipped their toes into "licensed digital collectible" NFTs, including Marvel, Pixar, and Coca-Cola. It is also notable for using in-app tokens called Gems, which can be purchased with credit cards, but have been impossible to cash out since the mid-2021 launch (though VeVe has very recently said they are beta testing a cashout system).

On March 22, VeVe tweeted that "We have become aware of an exploit of our systems which resulted in a large amount of gems being acquired illegitimately", and that they had closed the market, as well as purchases and transfers of Gems. The market remained closed for over a day as VeVe apparently triaged the problem. It's not clear yet what the impact has been to the platform or its users, though many reported that their NFTs appeared to have plunged in value.

G2 Esports sues NFT provider Bondly, accuses them of using them for publicity

G2 Esports announced a partnership with NFT provider Bondly in June 2021, through which they planned to release profile picture NFTs that would also provide access to membership perks. Nothing has materialized since then, despite their plans to launch in February. On March 22, G2 filed suit against Bondly, accusing them of agreeing to a deal they knew they could not fulfill, but that would lend Bondly credibility and publicity via the association with the G2 brand. According to the lawsuit, shortly after the first invoice was sent for the rights payments that Bondly was due to pay to G2, Bondly wrote that the company was "past the point of being able to successfully deliver an NFT program". G2 has said the failed deal resulted in $5,250,000 in damages.

Team behind the NeoNexus NFT project raises several million dollars, then abandons it

Tweet by Jack Shi, containing a photo of a man sitting in the driver's seat of a sports car with the gull-wing door opened. Text reads "#NewProfilePic This car is so comfortable and worth way more than my house."Tweet by NeoNexus founder Jack Shi (attribution)
NeoNexus was a metaverse NFT project that raised about 25,000 SOL (worth around $2.2 million today; previously worth $3.5 to $4.5 million). The project had sold various "property NFTs", and had plans to create other NFTs representing things like characters and vehicles.

On March 21, the project's founder Jack Shi wrote on Twitter, "It is with a heavy heart that we must inform you that we can no longer continue healthy development of the NEONEXUS project. We would like to hand over the project to our community, or a community-selected party for takeover if that's feasible / possible." Going into more detail on Discord, he said the project had run out of money, which he blamed on waning interest in Solana NFTs.

The reaction to the announcement was overwhelmingly negative, particularly given the project's founder's apparent habit of bragging about his luxury cars. Many users described the abrupt shutdown as a rug pull, and one user even mentioned looking into a class action suit against the project team.

Phishing scheme promising to animate one's apes nets attacker a collector's three pricey Bored Apes

A Bored Ape with leopard print fur, wearing a black bowler hat and American flag shirt with a deep V-neck, with half-closed red eyes, on an orange backgroundBAYC #71 (attribution)
An NFT collector fell for a scam website promising to "turn your BAYC animated". After connecting their wallet, the attacker transferred their three pricey Bored Ape NFTs to their own wallet, then quickly flipped them for resale for a combined total of around 264 ETH ($764,000). Zachxbt, a crypto fraud sleuth who first noticed the scam, estimated the NFTs' actual value at closer to $900,000.

It appeared from the victim's retweets that they had fallen for a scam shared by a verified Twitter account that claimed to be one of the Bored Apes founders. However, a closer look at the Twitter handle showed it was a hacked account with the username "volt_france", which previously had belonged to the French branch of the Volt Europa political movement.

Hacker steals more than $1.5 million after compromising wallets belonging to crypto whale Arthur_0x

CloneX #13992, one of the stolen NFTsCloneX #13992, one of the stolen NFTs (attribution)
Arthur_0x, a crypto investor and NFT whale, had two of their hot wallets compromised. The attacker stole ETH and transferred some big-ticket NFTs out of the wallets, including at least five CloneX NFTs and 17 Azuki NFTs. CloneX NFTs have been selling for an average of 16.76 ETH (about $50,000) over the past 30 days, and Azuki NFTs have been going for 12.5 ETH ($37,600). The attacker had not yet sold all the NFTs they had stolen, but within two hours of the attack they had 545 ETH (about $1.6 million) in their wallet.

Arthur_0x wrote on Twitter that they had previously only ever used a hardware wallet on their PC, but when they started more regularly trading NFTs they'd started using a hot wallet. "Hot wallet on mobile phone is indeed not safe enough", they wrote on Twitter, "Guess no more hot wallet usage then." They also wrote, "The only thing I can say to the hacker is: you mess with the wrong person" and tweeted the wallet address to which the NFTs were being transferred, asking for it to be blocklisted.

Hacker steals $1.45 million from OneRing Finance using code that self-destructs after the attack

A hacker was able to use a flash loan attack to exploit an issue with OneRing Finance. By manipulating the price of tokens in the project's liquidity pool, the hacker was able to draw out 1.45 million USDC, a stablecoin pegged to the US dollar. According to PeckShield, the loss to the protocol was larger than what the hacker actually was able to cash out.

The hacker complicated things somewhat for OneRing by covering their tracks. They used a "self-destruct" mechanism — typically used by developers to destroy smart contracts that are found to have a bug — to destroy the contract they used to carry out the attack, making it more difficult for OneRing to determine which parts of their codebase were vulnerable and led to the attack.

NFT scammers take over the Twitter account of a Florida gubernatorial candidate

Twitter profile of Nikki Fried, showing banner and profile pictures for "Skulltoons", and the name "nikki.eth"Nikki Fried's compromised Twitter profile (attribution)
The Twitter account belonging to Nikki Fried, the current Florida Agriculture Commissioner and a Democratic candidate for the 2022 Florida gubernatorial race, was compromised and repurposed as an NFT shill account. The account, which was verified and had more than 270,000 followers, suddenly underwent what I imagine was a bit of a startling rebrand for her followers: her name was changed to "nikki.eth", and the Twitter bio was replaced with "Mod for SkulltoonsNFT, ThugBirdz, AzukiZen. Web3 Enthusiast". The account also changed its banner and profile pictures to Skulltoons images, and started tweeting about giveaways. By March 20, Fried had apparently regained control of the account, though the account privacy had been changed to protected.

The Fried account compromise is only one instance of what has become a trend on Twitter: Twitter accounts belonging to high-profile individuals, or accounts that are verified or have a large number of followers, being compromised and sold to NFT scammers. On March 11, ESPN baseball reporter Jeff Passan also had his twitter account compromised and repurposed to shill Skulltoons NFTs. Skulltoons distanced themselves from that incident, writing that they believed the hackers were trying to scam their NFT community.

Kaiju Kongz NFT project artificially inflates its floor price by destroying your NFTs if you list them for sale at too low a price

A pixel art image of a large ape creature with green and yellow eyesKaiju Kongz (attribution)
An NFT project's value is often discussed in terms of its floor price — that is, the lowest price at which any given NFT in a collection is listed for sale. The new NFT project Kaiju Kongz decided to take advantage of the fact that you can pretty much do anything you want with a smart contract to ensure that the floor price of its project only increases shortly after the NFTs are launched. They released their project with a "burn schedule" — a list price that gradually increases as time goes on, where if someone lists their NFT below that price, it will automatically be burnt — the closest thing to "destroying" an NFT that's possible. This serves to ensure that the floor price stays above the minimum value the project creators want, which doubles daily from 0.065 ETH (~$190) on the day of launch to 0.64 (~$1900) on March 22.

Some NFT collectors criticized the choice. One described it as "illegal market manipulation tactics", and others said the project should grow the floor "organically". Given the rampant manipulation in the NFT space, one wonders if the real criticism collectors have with the project is that they were too transparent about their price manipulation, and should've just done it quietly like other projects have.

Founder of crypto investment scheme "IGObit" and the sham organization "World Sports Alliance" is convicted of wire fraud

Asa Saint Clair created an organization called the World Sports Alliance, which he falsely described to prospective investors as being closely affiliated with the United Nations (for some reason). Saint Clair convinced more than 60 people that they should invest in his IGObit digital coin offering, stating they would received guaranteed return on investment, but instead he just took the money and used it for his own purposes. Saint Clair was convicted on March 18, and faces a maximum sentence of 20 years in prison.

People briefly borrow Bored Ape NFTs to claim as much as $1.1 million in $APE tokens

The Bored Ape Yacht Club recently created a token called ApeCoin, some of which they announced would be distributed to people who owned various Bored Ape NFTs and NFTs from their related collections. However, because the token distribution didn't use a snapshot of ownership data, but rather distributed tokens per-NFT to the first owner who claimed them, people were able to game the system. Some owners of Bored Ape and related NFTs had put their NFTs into an NFTX vault, which is a setup where someone takes a subset of their NFTs and creates a token that is based on them. The token can then be staked to generate yield, or can be sold, and if someone owns enough of the tokens, they can redeem them for the NFTs. A clever operator found a vault containing five Bored Ape NFTs, which had unclaimed $APE associated with them since they were locked up in the vault. They used a flash loan to purchase a large amount of the vault's token, redeem the five BAYC NFTs, claim the airdropped tokens, return the BAYC NFTs, sell back the tokens, and repay the loan, all in one transaction that cost them nothing but netted them 60,564 $APE, which they then swapped for 399 ETH ($1.1 million).

People were somewhat split on whether this could be classed as a vulnerability in the $APE airdrop, since (as with many crypto hacks and scams) the person was operating completely within the rules set out in code.

Australian regulatory agency begins lawsuit against Facebook over failing to address scammy crypto ads

The Australian Competition & Consumer Commission (ACCC) announced that they had begun federal court proceedings against Facebook, alleging that the company "engaged in false, misleading or deceptive conduct by publishing scam advertisements featuring prominent Australian public figures". The ACCC claims that Facebook ads featured prominent Australian individuals without their approval, and implied that the crypto schemes were associated with or endorsed by those individuals. When a person clicked through the link, they were invited to provide contact information to a group of scammers who reportedly incessantly called the targets to pressure them into putting money into the schemes — in one case, a Facebook user lost more than $650,000. The ACC alleged that Facebook "aided and abetted or was knowingly concerned in false or misleading conduct and representations by the advertisers", but didn't take sufficient action to stop the misrepresentation, even after public figures raised the alarm about their likenesses being used without consent to scam people.

Binance says it will stop operating in Ontario, for real this time, and admits they lied to investors

In June 2021, Binance announced they would stop operating in Ontario after the province introduced new prospectus and registration requirements for crypto exchanges. However, in December, Binance said in an email to Ontarian investors they were allowed to continue operating in the province — prompting the Ontario Securities Commission to release a statement titled "Binance is not registered in Ontario", which said, "Binance represented to OSC Staff that no new transactions involving Ontario residents would occur after December 31, 2021. Binance has issued a notice to users, without any notification to the OSC, rescinding this commitment. This is unacceptable."

On March 16, Binance confirmed that they would actually stop servicing Ontario residents, for real this time. They also admitted to sending an email to investors on January 1 that said that they could no longer trade or onboard to the platform, despite not putting any such restriction in place.

Discord hack targeting Rare Bears NFT project nets attacker $800,000

An illustration of a bear wearing a crown, with laser beams firing from its eyes, with headphones around its neck, holding a molotov cocktailRare Bear (attribution)
After hackers successfully compromised the account of one of the Rare Bears Discord moderators, they posted an announcement that new NFTs were being minted. Those who tried to participate in the mint wound up having their accounts compromised and their NFTs stolen. The hackers sold most of the 179 NFTs they stole, for a combined total of 286 ETH (more than $800,000).

Not only did the attackers post a fake mint link, they took steps to prevent the project from thwarting their attack by banning other members and removing user rights that would have allowed other project members to delete the fake links. They also added a bot to the server that locked channels so people couldn't send warnings that the links were fake.

The Rare Bears team did eventually regain access and secured their Discord server. In an apology posted on their Twitter page, they addressed the multiple security breaches that Rare Bears have faced to date, and said they had "stepped up" and would be having a firm audit their project.

Bored Ape Yacht Club launches their new ApeCoin, which immediately tanks in price

Price of ApeCoin, compared to USD, showing a brief and large spike, followed by a drop and then fairly steady valueApeCoin price (attribution)
Bored Ape Yacht Club decided to release "ApeCoin", a new cryptocurrency token. The token distribution heavily favors current BAYC owners, truly underscoring the fantasy about a fairer distribution of wealth that some people thought crypto would somehow magically bring about. Holders of Bored Ape NFTs — already priced at several hundred thousand dollars apiece — received airdropped tokens in proportion to their holdings of Yuga Labs NFTs; one holder of 12 Bored Apes, 10 Mutant Apes, and 11 Kennel Club NFTs reported receiving 150,964 APE (valued at $1.3 million when $APE was at $8.56).

The $APE price briefly soared to around $40 shortly after launch, before crashing precipitously to around $8.50 not long after, presumably as people cashed out their free money. Even many cryptocurrency enthusiasts were nonplussed by the launch, with many describing it as a "money grab" or an attempt to enrich the founders, which apparently is a bad thing (despite many crypto projects openly doing the same). One angry Redditor wrote, "Owners of Bored Ape NFTs were given the coin first(very rich people), then it was sold to the normies who got FOMO and pumped the price, then it crashed. Yet again, leaving regular people holding bags of pure garbage while the coin pushers wave bye-bye from their lambos."

Winamp joins LimeWire in the emerging "legacy software comes back from the dead to do NFTs" trope

The first Winamp skin, a dark grey interface with buttons resembling those used in Windows 95 or 98Original Winamp skin, which they say will "be the base Artwork for all your derivative needs" (attribution)
A week after LimeWire emerged from cryostasis to announce it would become an NFT platform, Winamp decided to jump in as well. Winamp was a Windows media player that first launched in 1997, and was sold for a hefty sum to AOL in 1999, before fading into obscurity after facing tough competition from iTunes in the early 2000s. Although Winamp has been promising new versions of the software since its 2014 sale to Radionomy, only a single beta release in 2018 has ever materialized. However, on March 16, the Winamp Twitter account announced "the auctioning of Winamp Original Skin as 1/1 NFT AND the launch of Winamp Foundation". The Winamp Foundation, they wrote, would "collect money to help musicians across the world to make the music they love". The response on Twitter was overwhelmingly negative, with a top comment reading, "It is incredible how you took decades of good will nostalgia and removed it with a single tweet."

Official Formula 1 blockchain game suddenly shuts down

A rendering of a blue and white F1 racecar, hovering above a black triangular plastic base that says "Tiberon [sic] Car""Tiberon [sic] Car" NFT (attribution)
F1 Delta Time, a crypto car racing game that was officially licensed with F1 racing, shut down in mid-March. The game had previously generated a lot of hype — one of its car NFTs was the most expensive NFT sold in 2019 (more than $100,000). However, game owner Animoca was unable to renew their license to use the F1 brand, resulting in a sudden and unceremonious shut down. Players were given a single day of notice before the game went offline. Users, of course, keep their NFTs, but their ostensible use is now no more. The developers have tried to placate their players by offering various replacement options, primarily based around Animoca's Polygon-based "REVV Racing" game.

NFTBOOKS enters the race to see who can remake DRM the worst

A pie chart where none of the sections appear to be proportional to the numbered percentages, and are all slightly overlappingNFTBOOKS token distribution chart (attribution)
A project called NFTBOOKS has cropped up, promising to "transform the world of book-readings" by creating an NFT economy of authors, book-lenders, readers, translators, and, of course, investors. A writer named Tiffany Hutchinson contacted the project to politely inquire about how it intended to prevent the theft that is so rampant in the NFT space, and received some pretty disappointing answers. After trying several times to wave her off with vague answers about "there will be a review process" to check ownership of the work, they explained that they would implement "a filter on our system" that would check against identical copies. When she asked how that system would work if the original author was not the first person to create an NFT of the work, or how they would prevent someone from making small changes to the work to trick the filters, the project first gave staggeringly poor answers, then wrote that Hutchinson simply didn't understand, then became combative with her.

Fortunately there doesn't actually appear to be much to the project yet — actually creating a platform and an app to allow people to borrow books doesn't come until the fifth and sixth stages of their roadmap. The project is currently on the fourth step, and has been focusing their attentions on things like "marketing campaign" (stage 1), "aggressive marketing rollout" (stage 2), and "extreme marketing campaign" (stage 3). The stage 3 "extreme marketing campaign" also came with a "website relaunch", which we have to thank for one of the most outrageous pie charts I have ever seen (pictured) (which was later determined to have been a stock photo of a pie chart where they'd just changed the numbers). Perhaps they should focus some of their marketing efforts on coming up with answers to the simplest of questions that they should probably expect from authors — the type of people they're claiming to help.

Hundred Finance and Agave Finance are both exploited for a collective $12 million

An attacker using a flash loan attack targeted two projects on the Gnosis blockchain: Hundred Finance and Agave Finance. Each project paused their smart contracts, but not before the attacker made off with a considerable sum of money. That day, the attacker put the funds through a cryptocurrency tumbler, making it much more difficult to trace the collective 4,479 ETH that was stolen in roughly equal amounts from each protocol.

Hundred and Agave were the second and third defi protocols targeted by flash loan attacks that same day, with Deus Finance losing more than $3 million to hackers using the same class of exploit.

Binance pauses withdrawals and deposits via Polygon

After an extended Polygon outage on March 10, Binance temporarily paused deposits and withdrawals via Polygon on March 15. Although Binance reported it was "due to the network wide issues of the Polygon network", Polygon stated that "Polygon PoS network is stable, and working fine. All funds are safe. Binance is upgrading its nodes, and currently syncing the block data, hence they have paused the deposit and withdrawal." It was unclear why this would happen days after the original outage.

Hackers make off with over $3 million from Deus Finance

Hackers were able to use a flash loan attack to manipulate a price oracle, pulling 200,000 DAI and 1101.8 ETH (totaling almost $3.1 million) out of the Deus Finance defi platform. PeckShield, the analysis firm that identified the vulnerability, wrote that the $3 million number represented the amount the hackers were actually able to withdraw and put through a cryptocurrency tumbler, but that the loss to the project may have been larger. The CEO of Deus Finance subsequently wrote on Twitter that users whose positions were liquidated as a result of the exploit would be repaid.

Sneaky malware replaces Bitcoin addresses in clipboard to reroute transactions

Bitcoin wallet addresses look something like bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq, and so it's not always obvious at a glance if one string of random characters might have been replaced with another. Malware taking advantage of this fact has been spotted in the wild, replacing copied Bitcoin addresses with the address of a scammer, so that if a person pastes in an address to send Bitcoin to, it goes to the scammer instead. One trader learned this the hard way when the 0.255 BTC (about $10,000) they'd tried to send to an exchange never arrived. After looking into it, they saw that the funds had gone to a completely different address than they'd intended, and were able to sniff out that malware was to blame.

Invictus DAO whales quickly vote to shutter the project in its first ever community vote, leaving most others with huge losses

Invictus price history since November 12, 2021, showing a brief spike in late November and then a precipitous drop and slow decreaseInvictus token price in USD (attribution)
The Sol Invictus project was an Olympus DAO-like project on the Solana blockchain, much like the Wonderland project that went up in flames recently. Promising absolutely massive returns, with numbers like 60,000% APY being tossed around, people bought in hoping to see their money skyrocket. The project also partnered with major names in the Solana ecosystem, earning legitimacy.

However, although the project enjoyed a spike in price in November, the token has bled value since then. On March 9, the project leaders began a conversation about team salaries, where they also floated the idea of redeeming the treasury and closing the project. On March 11 they began a vote, which lasted only three days, and allowed members of the DAO to vote on whether the project should close and distribute treasury funds to participants. Much like the Wonderland vote in late January, a relatively small number of whales with a large share of the votes (who bought in early and still stood to make money on the project) were able to pass the vote to close the project, despite a majority of voters selecting to keep the project going. Furthermore, because the Invictus tokens used for voting also themselves hold the value, some people were unable to vote in the poll because their tokens were locked up in lending platforms where they had used them as collateral. Many participants in the project who haven't been actively watching the governance page likely don't even know the vote happened.

Some members of the project wrote on Discord that they felt rugged, with one even speculating that the project had been so eager to implement voting so they could pass a "community" vote to close the project and make off with a profit without damaging their reputations or potentially facing lawsuits. Various members of the project Discord shared how much they had lost: one person said they were down $20,000, another was down $75,000, and a third person reported losing $400,000. One person asked "who else is in the 6 figure loss club" and received three agreement emoji reactions; another person said they'd lost a year's salary. Some people already opted to try to sell their tokens early, worrying that the project leaders might make off with the treasury and not allow people to redeem their $IN; others waited in hopes of the redemption price being higher than the current token price; and some even suggested buying more $IN in hopes that they could make a profit if the redemption price is higher than the current price.

Discord compromise targets fans of the Wizard Pass project in a two-for-one scam that both accepted payments for fake NFTs and stole the NFTs that victims already owned

Wizard Pass is an NFT trading community and package of various software tools that can be joined for a price: a collection of 3,000 NFTs gates access to the community. The NFTs had a successful mint on March 7, and since then have been trading for around 0.3 ETH ($800) on the secondary market. Although the project stated that they would never mint more passes, members of the Discord were excited when the project's founder announced they would be doing a public sale for an additional 1,000 NFTs, at 0.1 ETH ($250) apiece. Unfortunately, there was no such mint, and it turned out the founder's Discord account had been hacked. As of midday on March 14, the hacker had received 66.4 ETH ($169,000) from 290 wallets.

A Twitter thread by SerpentAU suggested that the malicious minting website had not only accepted ETH from victims and provided nothing in return, but had also prompted users to grant full access to their NFT wallet, allowing valuable NFTs to be stolen. It's not yet clear how many NFTs were stolen as a result.

Collector sues artist after spending over $500,000 on an image of Pepe the Frog that others got for free

A trading card style image with an illustration of Pepe the Frog leaning on the edge of a pond, with his buttocks partially exposed. The text area of the card contains Matt Furie's signature.FEELSGOODMAN Series 20, Card 50 (attribution)
Matt Furie is the original creator of the Pepe the Frog cartoon that was later co-opted as an alt-right hate symbol, and which has also been popular among crypto enthusiasts and other online communities. Furie, his company Chain/Saw, and his DAO PegzDAO held an auction on October 8, 2021, and seemed to promise that the NFT would be one-of-a-kind: "500 cards issued, 400 burned, 99 will remain in the PegzDAO, and ONE is being auctioned here". Halston Thayer ended up winning the auction by bidding 150 ETH, then worth $537,084. However, on October 24, 46 of the 99 NFTs that were held by PegzDAO were distributed for free. According to a lawsuit filed by Thayer on March 12, 2022, releasing the 46 additional NFTs "significantly devalu[ed] Plaintiff's Pepe NFT to less than $30,000". The lawsuit seeks reimbursement of Thayer's original purchase, as well as punitive damages. Best of luck to the lawyers trying to describe "Rare Pepes" to a judge, or keep a straight face when saying that yes, the plaintiff did pay more than half a million for a drawing of a rather callipygian cartoon frog.

A trader reportedly makes half a million from a flash crash, then the LATOKEN exchange takes their coins

A trader set very low limit order on Ripple's XRP token, and was delighted to see it executed with XRP very briefly plummeted in value in what's known as a flash crash. The price recovered quickly, and the trader found themselves $458,000 wealthier. However, when they tried to withdraw some of their money from the exchange they were using, LAToken, the withdrawal was declined and their account was restricted for 24 hours for an unspecified terms of use violation. When the trader regained access to their account, the XRP they bought was nowhere to be found.

Report alleges Socios withheld payments owed to advisors and staff to maintain the value of its cryptocurrency

Off the Pitch reported on March 11 that Socios, the sports fan platform, had withheld payments owed to staff, advisors, and others who had signed agreements to endorse the platform's cryptocurrency, chiliZ. Internal messages showed that Socios founder Alexandre Dreyfus repeatedly referred to the payments owed to advisors as "the free money we give them". The reasoning for withholding the payments he'd agreed to? According to internal messages from Dreyfus, "When you give free tokens, people can sell at any price... It doesn't matter for them; so it makes the price going down... and the REAL investors who bought are losing money because of that." Staff members also were not paid the amounts they were owed. Some of them had moved to Malta, where Socios is headquartered, and were stuck there waiting to be paid.

$4 billion hedge fund Fir Tree Capital Management shorts Tether

The large hedge fund Fir Tree Capital Management has decided that the doubts around the stablecoin Tether are serious enough to take out a substantial short position against the project. Tether has faced questions from regulators, many of which center around whether or not the stablecoin is actually backed by the reserves it claims to have. Some of the assets Tether holds are high-yield commercial paper, which Fir Tree evidently believes is substantially tied to Chinese real estate firms. If that is the case, the real estate crisis in China (primarily revolving around Evergrande Group) could cause the value of Tether's reserves to plummet. According to Fir Tree, they've been shorting Tether since July, and expect their bet could pay off within a year. Other commenters and analysts have speculated that if Tether collapses, and that it very well might, there could be enormous ramifications for the rest of the cryptocurrency space.

UK Financial Conduct Authority requires all Bitcoin ATMs to be shut down

A person holds a phone while tapping a screen on an orange Bitcoin ATMBitcoin ATM (attribution)
All 81 functional Bitcoin ATMs in the United Kingdom are operating illegally, says the UK's Financial Conduct Authority (FCA). None of the companies operating them have a license to do so, and the FCA has said that they will take action against the companies if they don't shut down the kiosks.

One company now owns three of the most popular NFT collections: Bored Apes, CryptoPunks, and Meebits

A voxel-style rendering of a human with short black hair and a beanie cap, wearing a tie-die shirt, ripped jeans, and green sneakersMeebit #12742 (attribution)
Nothing really says "decentralized" like one company controlling the priciest and most popular NFT collections! Yuga Labs, the company behind the popular Bored Apes Yacht Club NFTs, announced they had purchased CryptoPunks and Meebits from LarvaLabs. CryptoPunks is one of the oldest NFT collections, and, along with Bored Apes and Meebits, ranks among the priciest collections on the market. Yuga Labs is also the owner of the popular Bored Ape Kennel Club and the Mutant Ape Yacht Club projects.

Facebook bans crypto scammer who pulled in up to $140,000 by impersonating economist David Rosenberg

Facebook comment from someone named Fany Roy Hayes: "I know this may sound unlikely but I just want to share it here for the good of everyone. I've been investing with Sir Ethan David Rosenberg for some week's now, the first investment, to my greatest surprise, I made a withdrawal in just 5days. since then I have been investing with him because of his accuracy. You too can earn big connect with him on the link."A Facebook comment from an account promoting the Rosenberg scam (attribution)
A Facebook profile impersonating an economist named David Rosenberg was discovered by Snopes to have drawn in around 3.4 Bitcoin in deposits, ostensibly from victims who were convinced they were investing with the actual Rosenberg. The fake Rosenberg profile, and others associated with it, posted about how he had reportedly helped them get out of debt or make a lot of money. The scammer's account was originally created in 2012, and when it began to be used in 2021 for the crypto scam, the operators edited old posts to make it appear that the "investment" operation had been going on for multiple years. Facebook banned the account shortly after Snopes published its report.

MeUndies cancels its NFT underwear plans and sells its Bored Ape after community backlash

A grimacing illustrated ape, wearing heart sunglasses and a black cap with a chain around it, to which the MeUndies logo has been addedMeUndies' modified Bored Ape illustration (attribution)
Believe me, I was as shocked as you were to discover that the MeUndies underwear brand has a "community". But that community apparently objected to the brand's purchase of a Bored Ape NFT, which they intended to use as a print on their line of undergarments. "We aren't going to make any excuses, we just didn't do the work we should have to make such an impactful decision", a MeUndies spokesperson wrote on Reddit. The spokesperson wrote that, after learning about the environmental impact of NFTs and cryptocurrency, they would be canceling the planned print, and selling off their Bored Ape. The NFT in question appeared to be BAYC #3986, which most recently sold in January for around 107 ETH ($260,000).

ESPN baseball reporter Jeff Passan has his Twitter account hacked and used to shill NFTs on "the biggest news day of [his] life"

Twitter profile of Jeff Passan, showing banner and profile pictures for "Skulltoons", and the name "Jeff.eth (Jeff Passan)"Jeff Passan's compromised Twitter profile (attribution)
ESPN MLB reporter Jeff Passan was having a great day, as he had been the one to break the news of an agreement between the MLB and the MLB Players Association, who had been deadlocked on labor negotiations. Unfortunately, this was soured a bit by his 800,000-follower, verified Twitter account being compromised and repurposed to shill "Skulltoons" NFTs.

Passan regained control of his Twitter account several hours later. Passan later wrote in a tweet, "hey remember that time i got hacked on the biggest news day of my life". The Skulltoons project distanced themselves from the incident, writing that they believed the hackers were trying to scam the Skulltoons community.

The Polygon network suffers an eleven-hour-long outage

After a network upgrade, Polygon went offline for eleven hours while developers scrambled to diagnose and patch an issue preventing its validators from achieving the 2/3 consensus required by the protocol. Projects and traders alike were affected by the outage, with various projects having to delay planned releases, and users reporting errors and funds stuck in transit. Although the network was able to release a patch to buy them some time, the project had to hard fork on March 18 in order to properly fix the issue.

After someone games the system to acquire a disproportionate amount of airdropped tokens valued at $123 million, Juno community begins a vote to take them away

A blockchain protocol called Juno launched in October 2021, airdropping their $JUNO tokens to members of the Cosmos ecosystem in proportion to how many $ATOM tokens they held. The protocol agreed via community vote that they would cap the amount given to a single individual at 50,000 $JUNO to "ensure fair distribution across the network". However, there is no restriction that one individual only have one crypto wallet, and so one single whale ended up receiving more than 3.1 million $JUNO across tens of wallets, which they later consolidated into one. Because of the enormous value centralized in one wallet — equivalent to around $123 million — if the whale sold off their $JUNO they could wipe out liquidity on decentralized exchanges and tank the price of the token. They could also perform a 51% attack on the network, as they already have half of quorum.

On March 10, a community proposal was submitted, proposing to take away the majority of the whale's tokens (worth around $121 million), and leave them with the 50,000 $JUNO (a little below $2 million) that was originally intended to be the maximum per person. The vote passed, in a major blow to an ecosystem where "your keys, your coins" is taken as gospel — that is, if you control the keys to a wallet, your assets supposedly can't be taken from you.

Bored Apes team asks people to verify their identities for their next project, shortly after making a stink about their own identities being revealed

Two tweets by Bored Ape Yacht Club. First tweet: "fuck it, again. http://somethingisbrewing.xyz". Second tweet: "This has been building over the last seven months. AnimocaBrands will launch the first phase, and there’s more to come. P.S. we don’t like KYCs either, but we think you’re going to want to be a part of this."Tweets by Bored Ape Yacht Club (attribution)
Yuga Labs, the company behind the Bored Ape Yacht Club (BAYC) project, announced a new project in partnership with blockchain gaming group Animoca Brands. The signup required KYC — that is, people were required to verify their real-life identities — something many BAYC fans seemed to bristle at, particularly given they had released absolutely no information about what the project would entail. BAYC themselves wrote, "P.S. we don't like KYCs either, but we think you're going to want to be a part of this."

There was some irony in BAYC requiring their buyers to reveal their identities only a month after some of the BAYC founders' identities were revealed by a journalist (who made the connection based on publicly-available information), which made the BAYC team and many of their supporters absolutely irate.

NFT collector accidentally sells their rock for close to $0 instead of over $1 million

Illustration of a gray rockEtherRock #44 (attribution)
The owner of EtherRock #44 tried to list their NFT for sale for 444 ETH (almost $1.2 million), but erroneously listed it for 444 wei — the fractional unit of ETH typically used for representing transaction fees. A bot programmed to look for listings like this one, where a pricey NFT is listed for far below its average or floor price, quickly snapped up the NFT before the buyer could remove the listing. The buyer of the NFT eventually tried to flip the NFT for 234 ETH, (around $625,000). The trader wrote on Twitter, "In one click my entire net worth of ~$1 million dollars, gone".

Entrepreneurs resuscitate 20-year-old piracy powerhouse LimeWire to turn it into a totally legitimate NFT marketplace, they promise

LimeWire, the filesharing service that was enormously popular in the early 2000s for piracy, has been resuscitated — or at least the brand has. Needless to say they are probably not planning to reuse much of the 20-year-old codebase that existed before public blockchains were even in use, if they even still have it at all. The choice to create an NFT marketplace with the same branding as the service that was shut down by a federal court for rampant copyright infringement seems a bit on the nose to me, for a technology that proponents still try to claim empowers artists and actually mitigates art theft. The duo behind the project claim that they are just trying to capitalize on nostalgia for the brand, but plan to operate above-board (though they would say that, wouldn't they).

Pirate X Pirate blockchain gaming platform exploited, blames its team's "utter carelessness"

The Pirate X Pirate blockchain gaming platform was exploited, with an attacker selling of more than 9.6 million $PXP. They were able to dump the tokens into the market for a profit of around 212 BNB ($78,000). In a blog post following the incident, Pirate X Pirate wrote, "Such attack could happen due to the team's utter carelessness to launch the conversion feature despite of its vulnerability. We deeply regret bypassing the inspection that should have been done by a white hat hacker as we intended to roll out the feature long-suspended as fast as we could. We have decided to dismiss our current developer team and are currently in the process of recruiting a new team to assume the responsibilities." They also announced that they had bought back the total $PXP that were stolen, and would be undergoing an audit.

A trader ends up owing $3600 after an exchange mistakenly deposits 10 Bitcoin in their account

Something apparently went terribly wrong on the trading platform that Twitter user rifftrader was using (though they didn't say which) when 10 BTC (~$385,000) was erroneously deposited to their account. The trader, who was expecting a transfer of $24 USD for Litecoin (LTC) that they had initiated to go through, didn't initially notice that the amount was in BTC when they subsequently converted it to USD. However, when they suddenly saw hundreds of thousands of dollars in the account, they realized what had happened. Not wishing to spend money that wasn't theirs, the trader transferred it back into BTC and contacted their exchange's support email. The exchange subsequently withdrew the erroneously-deposited funds from the trader's account. However, because the trader incurred a cost converting the BTC to and from USD, only 9.8752 BTC went back to the exchange. The exchange then proceeded to demand the trader pay the difference — around $3,600 — and accused them of "trad[ing] on those funds which did not belong to you". The email demanded payment by the following day, and the exchange threatened to send the case to a debt collector the trader didn't send the money.

NFT project created and endorsed by various English footballers plunges in value, players try to quietly delete endorsements

A brown ape with rainbow eyes, a drip of snot coming from his nose, and a lollipop stick sticking out of his mouth, wears a black and red jersey and shorts and pink sneakersAKFC #5849 (attribution)
John Terry, an English football coach and former player, launched an NFT project called "Ape Kids Football Club" on February 2. Several players, including Tammy Abraham, Ashley Cole, and Jack Wilshere, all endorsed the project. The NFTs traded for around $650 shortly after the project launch, but as of March 9 were averaging a little under $75 apiece. At some point, Abraham, Cole, and Wilshere quietly deleted their endorsements of the project.

The plummeting price is not the only problem the project has faced; shortly after Terry announced the project in January, he was threatened with legal action by the Premier League, and had to remove depictions of Premier League, UEFA and FA trophies, as well as the Chelsea logo, from the NFT illustrations.

Bug in Fantasm Finance allows multiple exploiters to take more than $2.6 million

An exploiter was able to use a bug in the Fantasm Mint contract to drain more than 1,000 ETH ($2,640,000) from Fantasm Finance. Fantasm urged their users to redeem their tokens they were staking and exit from liquidity pools, but attackers were still able to drain an enormous amount of funds from the protocol. It appeared that several other attackers joined in after the first attacker used the exploit, though it's not yet clear how much money was lost in total. The primary attacker transferred 1,007 ETH to the Tornado Cash tumbling service shortly after the attack. Fantasm Finance wrote on Twitter that they planned to publish a postmortem the following day, which would include compensation options for affected users.

Crypto.com gives borrowers in some jurisdictions a week to pay back their loans

A screenshot of an email from Crypto.com. Text reads, "Dear Valued Customer, Please be informed that Lending is no longer supported in your jurisdiction. For this reason we are required to cancel your current loans. You can find more information here. Kindly take steps to repay your loans by 02:00 UTC, 15 March 2022. Outstanding loans and the associated interest will be automatically repaid from the funds in your Spot Wallet after this date. We sincerely apologise for any inconvenience caused. If you have questions or concerns, please email us at contact@crypto.com. We're here to help. Best regards, The Crypto.com Team"Email from Crypto.com (attribution)
Crypto.com sent out an unexpected email to some users, apparently primarily in the EU, announcing that "Lending is no longer supported in your jurisdiction... [and] we are required to cancel your current loans". The email stated that if a borrower was unable to repay their loans by March 15, seven days from the date the email was sent, "outstanding loans and the associated interest will be automatically repaid". This seems like a tough timeline for borrowers, whose loans are twelve months long, and given people tend to spend the cash they've borrowed on something, rather than, say, hold on to it in case they need to suddenly repay a loan with a week's notice.

Reddit users from the UK, Germany, France, and Switzerland reported receiving the email, and those countries now all appear on the 40-entry-long list of countries not permitted to use Crypto.com's lending services. One Reddit user wrote, "I have 7 days to pay a big loan, like big. If it gave us a month I could unstake and pay, but no, they give us 7 [days], I will get liquified and can't do anything for it." Other users were confused to receive the email when they didn't have any loans on the platform, as it was worded in a way that they interpreted to mean they did.

Ormeus Coin founder charged with securities fraud for misrepresenting cryptomining operations and other assets

John Barksdale, part of the sibling duo behind Ormeus Coin, was charged with conspiracy, securities fraud, and wire fraud for his role in selling the Ormeus Coin token. He allegedly falsely represented the mining assets controlled by the company, claiming a mining operation that would have been one of the largest in the world, if his representations were true. The company also claimed to have reserves of Bitcoin backing their currency, when in reality these "reserves" belonged to a completely different entity. Through these misrepresentations, which were widely published including in a Times Square billboard, Barksdale drew $70 million in investment from around 12,000 individuals. The various charges Barksdale is facing involve maximum sentences between 5 and 20 years in prison. The SEC also filed a parallel civil action against the Barksdales.

Founders of several 2017 cryptocurrency companies indicted for alleged theft of more than $40 million

Four individuals who owned and operated EmpowerCoin, ECoinPlus, and Jet-Coin were indicted on wire fraud, money laundering, and obstruction of justice charges. They allegedly "engaged in a sophisticated scheme that preyed on unsuspecting investors nationwide with false promises of guaranteed returns and virtual currency trading opportunities", then tried to destroy evidence and obfuscate what they'd done after everything fell apart even before any actual trading happened. The group allegedly defrauded investors of more than $40 million over the four months in 2017 that the three companies were active, and they now face up to 20 years in prison if convicted.

Over 10,000 NFTs of photographs by August Sander are delisted from OpenSea after being created without permission

A black and white photo of a man, woman, and young child. The man sits on a stool with a child on his knee, and the woman stands next to them.AS10k+ #5489 (attribution)
An NFT project called the August Sander 10K Collection launched on February 11, offering NFTs of all 10,700 photographs by German portrait and documentary photographer August Sander (1876–1964). The project website described a "groundbreaking partnership between Fellowship and the August Sander family estate", apparently referring to their partnership with August Sander's great-grandson Julian. The NFTs were all distributed for free to the Fellowship community, which the project website boasted "speaks volumes about the commitment of both Fellowship and the August Sander family estate to creating a new standard of visibility and public access to large photography collections, an issue that has historically burdened museums". The website does not appear to mention that they take a 10% cut of all secondary sales, which so far appears to have netted them around 7 ETH ($20,000).

The problem with this whole scheme is that Julian Sanders does not actually control the Sander estate — it was sold in 1992 by Gerd Sander (August's grandson, and Julian's father) to the Cultural Foundation of the Stadtsparkasse Cologne. That group was surprised to see all of Sander's work suddenly being sold as NFTs without their permission, and submitted a legal notice to have it taken down from OpenSea. OpenSea complied with the request on March 7. After almost two weeks of stalling and deflecting questions about the delisting without even acknowledging the cause, Fellowship and Julian Sander finally released a statement on the issue on March 18. Sander wrote that "a third party... claims to have certain rights in August Sanders' photographs" but that he "believe[s] the complaint is not valid" and would be working with his lawyers to have the collection reinstated. As best as I can tell, it seems that Sander is trying to argue he is entitled to sell his great-grandfather's work as NFTs because he physically possesses the negatives, despite the fact that the Cultural Foundation owns the usage rights to all of Sander's work.

Influencer Jake Paul alleged to be repeatedly promoting projects without disclosing his financial involvement

A purple-skinned devil wearing a top hat, making a worried face, wearing a yellow t-shirt with a red female devil on it, and holding a sci-fi blaster gunLeague of Sacred Devil #4474 (attribution)
Jake Paul, who is already in hot water after being named in the class-action lawsuit against SafeMoon, has now been implicated by YouTube detective CoffeeZilla in $2.2 million worth of undisclosed promotions for multiple different projects. Influencers are required by the FTC to disclose when they financially benefit from promoting a project, though the crypto space seems rife with celebrities deciding that rule just doesn't apply.

Paul allegedly tried to cover his steps by creating a new crypto wallet to receive payments for each promotion, but then transferred the money a wallet he controlled to cash out. Oops. Some of the projects that Paul hyped in his undisclosed promotions included League of Sacred Devils, $MILF, and $YUMMY.

Andre Cronje and Anton Nell suddenly ditch their 20+ defi projects

Anton Nell
@AntonNellCrypto
Andre and I have decided that we are closing the chapter of contibuting to the defi/crypto space.
There are around ~25 apps and services that we are terminating on 03 April 2022. 
1/3
Most notibly
http://yearn.fi (use http://yearn.finance)
http://keep3r.network (use http://thekeep3r.network)
http://multichain.xyz (use http://multichain.org)
http://chainlist.org (lots of people replacing it)
http://solidly.exchange
http://bribe.crv.finance
2/3
Unlike previous "building in defi sucks" rage quits, this is not a knee jerk reaction to the hate received from releasing a project, but a decision that has been coming for a while now.
Thanks you to everyone that supported us over the past few years.
3/3Tweet thread by Anton Nell (attribution)
Andre Cronje and Anton Nell, the prolific developers of around 25 defi projects including yearn.fi and the new Solidly exchange, suddenly announced on Twitter that they would be quitting defi and shutting down their projects. "Unlike previous 'building in defi sucks' rage quits, this is not a knee jerk reaction to the hate received from releasing a project, but a decision that has been coming for a while now", wrote Nell. The sudden announcement caused several tokens associated with the projects to plunge in value. Some people were quite upset with the two developers, with one Twitter user writing, "People lock up billions of dollars for 4 years and dev announces it's being terminated in a month. Defi truly is the future of finance." Others were confused by the statement that the decision was a long time coming, when one of their projects, Solidly, had launched only a month before.

"NFT mortgage lender" Bacon Protocol is hacked for $1 million

Bacon Protocol, a defi project seeking to provide NFT mortgage liens (yes, really) was hacked. A reentrancy bug in their smart contract enabled attackers to get more lending credits than they should have been allowed, and was exploited for a total loss to Bacon Protocol of around $1 million.

BattleCatsArena apparently rug pulls several weeks after launch

An illustration of a rainbow-colored cat with a brown afro and small glassesBattle Cat #286 (attribution)
The NFT project BattleCatsArena appears to have rug pulled on March 5, about three weeks after its launch. The project had been announced late last year, with a post from its creator danvee.eth explaining, "After seeing lots of projects with zero utility and surviving 2 rug pulls I decided that it's time to build a real product that will deliver value to its holders from day one." The project had an ambitious roadmap, featuring NFTs, cat shelter donations, and of course a game with several play modes. Minting began on February 16, though the launch was somewhat disappointing — only around 400 of the 500 available BattleCats were minted in the three weeks following launch, and trading volume was low. On March 6, the project apparently deleted its Twitter account, and danvee.eth claimed the Discord had been hacked. All told, the project earned almost 21 ETH ($55,000). danvee.eth wrote on Twitter that he would try to refund people who wished to be refunded (so long as they were nice to him); as of that day no refunds had been sent from addresses associated with the project.

NeosVR virtual reality project jettisons its crypto component after a team blow-up

NeosVR, a virtual reality project originally released in 2018, introduced "Neos Credits" (NCR) in 2018 with the idea that it could enable in-game transactions. The crypto component was primarily managed by Karel Hulec, one of the project's team members. After cryptocurrencies and metaverse projects experienced a boom in 2021, crypto enthusiasts flooded into the project and drove up the value of the token. Some project members described the influx of people from the crypto community as having a strongly negative effect on the community, with one person writing they brought "all of its true slur-lovin' pepe-wearing glory to Neos". After some discontent within the team about the crypto side of operations, members of the team traded public statements with allegations about other members. On March 4, after Hulec released an updated whitepaper fraudulently (but perhaps mistakenly) "signed" by the rest of the team, the project creator and developer announced a proposal to allow Hulec to operate the cryptocurrency "on top of our work, but as a 3rd party solution, under a company solely under his ownership and direction", and for the primary team to cease involvement with the crypto component of the project.