Phishing attack targets users of sites including Etherscan and CoinGecko

Popular cryptocurrency websites including Etherscan, CoinGecko, and DeFi Pulse were showing users a pop-up prompting them to connect their MetaMask wallets. CoinGecko founder Bobby Ong stated that he believed the culprit was a malicious advertising script from a crypto ad network called Coinzilla. The advertisement appeared to be from a site mimicking the popular Bored Apes Yacht Club NFT project, which was taken down after the scam was discovered. It's as yet unclear how many users accepted the prompt, or what malicious actions (if any) were taken.

Crypto.com reverses some Luna trades, offers $10 consolation prize

One of the features of crypto that its proponents sometimes highlight is that transactions can't be reversed. This, of course, is not true when making trades on exchanges like Crypto.com, who can largely do whatever they want with the wallets they maintain and the coins they keep track of on users' behalf.

On May 13, the company announced it would be reversing transactions made during an hour-long period on May 12 when "users who traded LUNA were quoted an incorrect price". Some users were able to profit off the discrepancy, but later were told that their transactions were being reversed. Crypto.com offered $10 in CRO, their cryptocurrency token, "for the inconvenience caused". Crypto.com halted Luna trading after discovering the issue, and it remains halted as of May 13.

The issue sounds quite similar to issues that affected various defi projects around the same time. Several projects who failed to account for unexpected Luna price data coming from blockchain oracles including Chainlink suffered major attacks.

Unexpected oracle data in the wake of Terra blockchain halt enables multiple attacks on other platforms

Earlier today, Terra halted their blockchain after a devastating few days. Subsequently, Chainlink's oracle paused the price feed, causing it to fall out of sync with the apparent market price of the token. This enabled multiple attacks on various platforms.

$13.5 million was fraudulently borrowed from the Venus protocol on BSC. Blizz Finance on Avalanche reported their protocol had been entirely drained, amounting to around $8.3 million. Blizz subsequently announced in a post-mortem that "Blizz has no treasury or development fund and a significant portion of the stolen assets belonged to our team. As such we regret to announce the protocol has been paused and we do not intend to resume operations."

FBI charges EminiFX CEO with fraud

Eddy Alexandre, CEO of the cryptocurrency and forex trading platform EminiFX, was charged by the FBI with fraud for his role in what he described to investors as a crypto investment scheme. Promising to double investors' money in five months with his secret robo-investing software and team of "experienced traders", in reality Alexandre pocketed most of the money. He spent $15 million of the money on his own expenses, including luxury vehicles. The small portion of funds he did invest ended up losing money.

Alexandre was sentenced to nine years in prison on July 18, 2023 and ordered to pay $249 million in forfeiture and $214 million in restitution.

Terra blockchain is halted after token crash increases threat of governance attacks

After $LUNA dropped below $0.01, Terra announced that they halted the Terra blockchain. "Terra validators have decided to halt the Terra chain to prevent governance attacks following severe $LUNA inflation and a significantly reduced cost of attack", they wrote on Twitter. This means that no transactions can continue on the Terra chain, and that holders of any tokens based on that chain (including the TerraUSD stablecoin or LUNA) can't do anything with those tokens.

Terra only announced this after halting the network, giving their users no opportunity to try to withdraw funds. They have made no announcement about whether or when they intend to bring the network back online, although it seems safe to assume that the enormous loss of confidence in Terra would make any restart short-lived.

Tether loses peg, drops below $0.95

Price chart of Tether to USD, showing a gradual decline below $0.99, then a dramatic dip to $0.95, before recovering to around $0.98 and then a more gradual recoveryTether/USD on May 11–12 (attribution)
Tether, the largest stablecoin, had a major wobble. Pegged to the U.S. dollar and widely used throughout the cryptocurrency ecosystem, even a fractional cent deviation from its peg can have enormous ramifications. Tether spent six hours below $0.99 — at one point slipping down to $0.95 — in the most significant deviation from its peg in recent history. The dip was widely connected to the recent and even more dramatic de-peg of the previously third-largest stablecoin, TerraUSD, as well as the general crypto market crash.

Tether began to recover somewhat as the day progressed, gradually returning to above $0.99. However, the de-peg has clearly shaken the cryptocurrency ecosystem. The heavy reliance on Tether means that a substantial or protracted loss of its peg would be devastating, and the open secret that Tether does not have the backing assets it once claimed has intensified fears about a possible run on Tether.

BitPrime exchange forced to pause trading due to lack of liquidity

The New Zealand cryptocurrency exchange BitPrime paused trading operations, issuing a notice to their customers: "A perfect storm has occurred, where liquidity has reduced, the market has crashed, and our overheads have increased. These have eroded trading capital and liquidity to a point where we felt we couldn't guarantee fast trading execution and liquidity of customer funds." Unlike many exchanges, BitPrime doesn't also play the role of a wallet, so customers aren't prevented from moving their crypto as they would be if this happened with an exchange that holds customer funds.

CoinDesk reports that Terra's Do Kwon was behind another failed algorithmic stablecoin project

In a scoop published shortly after the catastrophes began with TerraUSD and Luna, CoinDesk reported that Terraform Labs CEO Do Kwan had also previously led a different failed stablecoin project. Using the pseudonym "Rick Sanchez", Kwon created "Basis Cash" (BAC), another algorithmic stablecoin. Basis Cash also aimed to peg to the US dollar, but never actually achieved this value. The coin has traded far below $1 for most of its existence, dropping and remaining below $0.01 in early 2021.

Do Kwon has never disclosed his involvement with this failed project. CoinDesk wrote that although their "default position is to respect the privacy of pseudonymous actors with established reputations under their well-known handles unless there is an overwhelming public interest in revealing their real-world identities", there was now "such public interest as Kwon's UST stablecoin death spirals, wreaking havoc across the broader cryptocurrency market. Amid this precarious situation, investors deserve to know that UST was not Kwon's sole attempt at making an algorithmic stablecoin work." It was not made clear in the article when CoinDesk first learned of Kwon's connection to Basis Cash, though the authors later stated they'd learned of it the night before they published.

Terra $LUNA token drops in price by 98% amidst ongoing TerraUSD stablecoin collapse

A chart showing the ostensible value of $LUNA in USD from April 11 to May 11, showing a precipitous drop between approximately May 5 and May 11Terra ($LUNA) to USD from April 11–May 11 (attribution)
Terraform Labs develops two cryptocurrencies: TerraUSD ($UST), an algorithmic stablecoin meant to be pegged to the U.S. dollar, and $LUNA, a crypto asset used both for speculation and to help maintain the UST peg. As UST dramatically lost its peg throughout early May, Luna plummeted in value alongside it. Luna was trading between $80 and $90 in the first days of May, but as of May 11 had lost 98% of its value and was hovering between $2 and $3. By midday on May 12, the token was trading at or below $0.01.

Such a dramatic crash in a cryptocurrency that was in the top ten by market cap has been devastating to some. Some members of the Terra/Luna community on Reddit have spoken of being massively over-invested in Luna, with some describing losing their life savings and appearing to be in crisis.

"Cryptoqueen" Ruja Ignatova added to Europol's most wanted list in connection to OneCoin ponzi scheme

Portrait of Ruja IgnatovaRuja Ignatova (attribution)
Ruja Ignatova, also known as the "Cryptoqueen", is a serial fraudster who has been on the run since 2017. In 2019, she was charged in absentia by U.S. authorities due to her connection with the OneCoin ponzi scheme.

OneCoin was a Bulgarian ponzi scheme in which investors bought packages of "tokens" with which they would supposedly "mine" cryptocurrency. Despite advertising as a decentralized cryptocurrency, OneCoin in reality was centralized on the company's servers. The scheme attracted around $4 billion in investments since its creation in 2014, and several people associated with the project have pled guilty to money laundering and fraud charges.

Coinbase adds new language regarding bankruptcy to its latest quarterly report

Coinbase added new language to its latest 10-Q, a quarterly report submitted by public companies to the SEC. In the section outlining risks to the business, Coinbase wrote: "Because custodially held crypto assets may be considered to be the property of a bankruptcy estate, in the event of a bankruptcy, the crypto assets we hold in custody on behalf of our customers could be subject to bankruptcy proceedings and such customers could be treated as our general unsecured creditors."

This serves as a stark reminder to users who keep their cryptocurrency on exchanges, that although it is often a more user-friendly way to keep crypto (compared to self-custodying), it exposes users to risk like this.

Some members of the crypto community expressed shock, with Swan Bitcoin CEO Cory Klippsten tweeting, "Is this real?!?"

Former footballer Michael Owen claims his NFTs "will be the first ever that can't lose their initial value"

Portrait of Michael OwenMichael Owen (attribution)
In what almost guarantees some fun lawsuits down the line, former footballer Michael Owen tried to hit back at "the critics" by announcing that "[his] NFTs will be the first ever that can't lose their initial value". Owen's business partner quickly turned up to do damage control, writing "we cannot guarantee or say that you cannot lose. There is always a chance".

It appeared that Owen might have meant that there would be a lower bound on resale price of the NFTs, which is neither a new concept in NFTs (see Kaiju Kongz or Rich Bulls Club), nor does it mean the NFTs "can't lose their initial value". It just means that when the NFTs do lose their initial value, collectors can't recoup even a portion of their investment.

G.O.A.T. token developer rug pulls for $260,000

The G.O.A.T. ("Greatest of all Tokens") project claimed to be "the new standard in cryptocurrency", with vague claims that it would "add value by addressing scalability and risk management utilizing a broad range of strategies". Unfortunately for buyers, one risk they didn't manage was that one of the project developers would suddenly sell off their holdings, making off with $260,000 while crashing the token price to nearly $0.

The remaining project developers have tried to remain positive and restore faith in the community, accusing the developer who sold of "gluttony" and "greed". The project also implemented a steep 50% tax on remaining holders to discourage them from trying to sell.

Founder of popular Azuki project admits to past rug pulls

A human figure with brown-purple skin and blond hair tied back in a bun, holding a sword over her shoulder. She has a tattoo on her neck and the side of her face, and is wearing a parka with a furred collar.Azuki #2821 (attribution)
In a blog post titled "A Builder's Journey", the founder of the popular Azuki NFT project admitted that he had also been behind the NFT projects CryptoPhunks (note the "h"), Tendies, and CryptoZunks. CryptoPhunks were simply mirrored versions of the early CryptoPunks project. In his telling, he decided to "decentralize the [CryptoPhunks] project by handing over the reins to our community". Many, if not most, others consider CryptoPhunks to be a rug pull — abandoned by its founder in a betrayal of the community. The same is true for the other two projects that Zagabond admitted he ran.

This news came as a shock to many lovers of Azuki NFTs, pricey NFTs which regularly trade for 20–30 ETH (~$45,000–$70,000). Azuki is not without its own controversies, recently facing accusations of insider trading.

TerraUSD (UST) stablecoin dramatically loses its peg

A chart showing the price of TerraUSD in USD from May 4 to May 11. The value hovered very close to $1 until May 9, when it plunged to $0.70 before returning to around $0.90, then plunging as low as $0.30 on May 11TerraUSD ($UST) to USD from May 4–May 11 (attribution)
It's been a rough few days for TerraUSD, one of several popular stablecoins pegged to the US dollar. Unlike many stablecoins like Tether or USDC, Terra is an algorithmic stablecoin, meaning that instead of (ostensibly) being backed 1-1 by various assets, they are based around an algorithm that uses various market incentives to maintain a set price. UST is the largest algorithmic stablecoin on the market at the moment, followed by projects like Fei and FRAX.

The incentives that should keep TerraUSD trading at $1 have been put to the test lately, with a combination of spiraling cryptocurrency prices across the board and some apparent large sell-offs by those holding UST. The coin dipped down to $0.992 on May 7 before some large buys returned it close to its peg. It dipped again by a smaller amount the following day, reaching a low of around $0.994. These values may seem like small changes on the micro scale, but when major stablecoins diverge from their peg by even fractions of a cent they have major effects throughout the cryptocurrency ecosystem.

On May 9, UST saw its most extreme de-peg, plunging to $0.95, then again to $0.84 later that day, despite Luna Foundation Guard liquidating $1.3 billion in Bitcoin reserves to try to restore the peg.

Do Kwon, cofounder of Terraform Labs, initially seemed to be doing his best to portray confidence on Twitter by tweeting things that give the exact opposite impression. "If yall girls are gonna fud, try to do it during my waking hours pls," he wrote on May 7. "You could listen to [crypto Twitter] influensooors about UST depegging for the 69th time. Or you could remember they're all now poor, and go for a run instead", he tweeted, somewhat blithely acknowledging UST's repeated history of losing its peg. His tweets seemed to take a more serious turn beginning the evening of May 8, as the situation grew more dire.

Attacker steals $3 million from Fortress Protocol

An attacker was able to steal 1,048 ETH (~$2.65 million) and 400,000 DAI from the Fortress Protocol borrowing and lending platform in what appears to have been an oracle manipulation attack. The attacker quickly moved their ~$3 million in stolen funds to the Tornado Cash cryptocurrency tumbler to obscure their tracks.

The exploit caused the $FTS token to drop 42%. The creators of Fortress urged people not to supply any assets to the pool as the attack was ongoing, and tweeted "we need the support of all of our partners and key organizations in the community to assist and try to freeze and bring back the funds!"

Cashera makes off with $90,000

Cashera was a project claiming to provide a "banking revolution" with its CSR crypto token. The project did many things to try to appear legitimate, including linking to government records showing a company with their name is registered in the UK and undergoing a smart contract audit by AuditRateTech. Their website boasted "partners" including VISA, PayPal, Netflix, and Spotify.

Despite all this, the project deployer suddenly minted 23 million CSR tokens, which they swapped for almost $90,000 in other assets, crashing the token value in the process by about 70%. The development team also took the project website offline.

Hunter defi project rug pulls for $1.2 million

Under the pretense of a contract upgrade, the Hunter defi project team drained the liquidity from the project, swapping the tokens for assets worth around $1.2 million. The team also took down the project website and closed the Discord server.

The rug pull was first noticed by CertiK, a blockchain security firm that had also audited the project. "We pointed out these major centralization issues in their audit," CertiK wrote on Twitter.

Fury of the Fur rug pulls for $300,000

A 3D model somewhat resembling a bear. Its surface appears to be diamond-embossed black leather, and it has a blue mohawk and is holding a black metal scepter.FuryTed #2597 (attribution)
The Fury of the Fur NFT project was a collection of 3D models that sort of resembled bears. The project advertised that the models were "metaverse and game-ready", and the roadmap promised a merchandise store, animated series, "sandbox hideout", and card game.

However, the NFT launch went poorly — fewer than 2,800 NFTs were minted out of the total supply of 9,671 NFTs. The project tried to relaunch but failed to drum up much more interest, so the creators apparently decided to call it quits — while keeping the money, of course. The project founder left a long message to the community, in which they said that they would be shutting the project and spoke at length about how difficult it had been for them.

Coinbase's new NFT marketplace hasn't had more than 200 transactions in a day since its public launch

Coinbase is a big name in the crypto exchange world, enjoying the highest trading volume in the United States. The company decided to enter the NFT trading space, first releasing an NFT marketplace to a small group of beta users, then opening it to the public on April 20.

Although the company claimed to have 3 million users on its waitlist, the public marketplace release has gone shockingly poorly given Coinbase's existing reputation. The platform has yet to see more than 200 transactions in a given day (compared to OpenSea, which regularly sees more than 100,000 transactions a day, or its smaller competitor LooksRare which sees more than 1,000 daily). Furthermore, the platform has only broken $50,000 in volume traded on five of the days it's been publicly available, with some days seeing only a few thousand dollars traded. OpenSea has been doing over $150 million in daily volume in that same time frame, and LooksRare around $100 million (though it should be noted that the prevalence of wash trading, particularly on LooksRare, makes these numbers hard to evaluate).

U.S. Treasury sanctions cryptocurrency tumbler Blender, the first sanction of its kind

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced that they had sanctioned the North Korean cryptocurrency tumbler Blender.io. This was the first U.S. government sanction levied against a cryptocurrency tumbling service. Blender was used to launder more than $20.5 million of the $620 million stolen in March from the blockchain used by the play-to-earn game Axie Infinity. The U.S. government has alleged that the North Korean state-sponsored cybercrime group Lazarus was behind the hack.

The U.S. began sanctioning various wallet addresses belonging to the hackers in mid-April, though have faced obstacles given that it is trivial for the hackers to create new wallets. The use of cryptocurrency tumblers (also called "mixers") has also stymied the government's attempts to limit the DPRK's access to the ill-gotten funds. Blender is not the primary tumbler that Lazarus has been using — that would be Tornado Cash, which they have used to tumble more than $213 million from the hack. Tornado has taken perfunctory steps to comply with sanctions, but nothing that would meaningfully impact Lazarus' ability to use the service.

Someone hijacks a Ferrari domain to host scam NFT mint

A website with the URL forms.ferrari.com, showing the text "Mint your Ferrari! A collection of 4,458 horsepowered NFTs on the Ethereum network"Scam webpage (attribution)
Someone was able to gain control of a ferrari.com subdomain to create a scam NFT mint. Most scam NFT projects rely on eager NFT collectors not noticing a URL that isn't quite right — for example, something like ferrari-nft.com. This one was able to gain some additional legitimacy by using an actual ferrari.com subdomain. Additionally, Ferrari had recently announced an upcoming NFT project, making the scam project seem more plausible.

Sadly for the scammer, the scam was discovered and shut down when they had only managed to scam one person. The unsuspecting collector sent 0.3 ETH ($800), which the scammer transferred to Tornado Cash.

Day of Defeat project rug pulls for $1.35 million

The token associated with the Day of Defeat project, which describes itself as a "radical social experiment token mathematically designed to give holders 10,000,000X PRICE INCREASE" (🚩🚩🚩), suddenly dropped in value by more than 96% as the project rug pulled. More than $1.35 million worth of assets were drained from the BSC-based project and transferred to external wallets.

The project's website is one of the most absurd I've seen, promising that "all final holders will get 10,000,000x gains". Their project roadmap includes a "mystery plan" that results in a 1,000,000x price increase. Their FAQ states, "First of all, we promise that the team will not redeem the fund pool." Apparently projects based on pinky swears aren't great investments.

After the funds were drained, the project claimed that they had been compromised by an external actor, and had "reported to Binance and local authorities".

OpenSea Discord hacked

The OpenSea Discord server was compromised, allowing a scammer to post a seemingly-official announcement that OpenSea was partnering with YouTube on a line of NFTs. They urged people to act quickly to snag one of only 100 free NFTs that would offer "insane utility".

Given OpenSea's prominence, it's surprising that the hacker managed to obtain relatively few NFTs of much value. The wallet appeared to have successfully stolen only 13 NFTs, none of which were from high-value collections, that are worth a collective $20,000 if resold at the collections' floor prices.

OpenSea tweeted several messages acknowledging the hack and urging users not to click any links. They have not yet confirmed that they've conclusively re-secured their server.

"Double your money" scam using an old livestream of Elon Musk, Jack Dorsey, and Cathie Wood earns crypto scammers $1.3 million in 24 hours

A screenshot of a YouTube video, showing a panel with Elon Musk highlighted and three others speaking alongside. Around the video are a fake tweet from Musk and blocks of text advertising a "double your money" scam. The website URL has been blurred.Scam livestream (attribution)
Crypto scammers on YouTube rehosted a "live" panel discussion — actually from "The ₿ Word" conference in July 2021 — in which Elon Musk, Jack Dorsey, and Cathie Wood discussed "Bitcoin as a Tool for Economic Empowerment". The scammers added a frame around the video that advertised "giveaways" and "double your money" scam websites. The websites promised that if you sent cryptocurrency to the address, you would receive twice as much in return — a classic scam I remember from the Runescape days, which has also enjoyed success in crypto markets for years. The scammers inflated YouTube subscriber and active watcher numbers to add legitimacy to their streams, and some of them faked screenshots of tweets from Musk.

McAfee identified 26 scam websites that were linked from the YouTube livestreams, which altogether took in $1.3 million in Bitcoin and Ether in a 24 hour period.

Mining Capital Coin CEO indicted for $62 million investment fraud scheme

The Department of Justice unsealed an indictment on May 5, showing that Mining Capital Coin's CEO and founder Luiz Capuci Jr. was charged with orchestrating a $62 million investment fraud. Capuci allegedly misled investors about MCC's program, which he said would use investors' money to mine new cryptocurrency and would generate guaranteed returns. Instead, Capuci put the funds into his own crypto wallets, and used them to fund his own lifestyle of Lamborghinis, real estate, and a yacht. Capuci also allegedly ran a pyramid scheme of promoters, to whom he promised luxury gifts including iPads and luxury cars.

Capuci was charged with conspiracy to commit wire fraud, conspiracy to commit securities fraud, and conspiracy to commit international money laundering. If convicted on all counts, he could be sentenced to up to 45 years in prison.

Pragma defi protocol developers rug pull for $1.5 million

The Pragma defi project on the Fantom blockchain announced that their treasury and project wallets had been drained for around $1.5 million in $FTM.

The rug pull appeared to have been perpetrated by one team member, although several other team members had to sign off on the transaction in order for it to go through.

The team had had their real-life identities verified by Obsidian, and remaining team members said they were working with Obsidian to try to investigate those behind the theft. Third-party KYC verification like the service Obsidian provides is often used by crypto projects to increase trust, though Pragma is hardly the first project with this kind of verification that stole funds anyway.

Juno accidentally transfers $36 million in seized funds to inaccessible wallet address

A protracted discussion and two different votes ended with the Juno project deciding to confiscate all but 50,000 of the 3 million $JUNO accumulated by one individual. When the discussions began, the 2.95 million $JUNO to be confiscated were worth a combined $121 million. However, the $JUNO price has dropped from the then all-time-high of around $40 to under $13, putting the value of the tokens to be confiscated closer to $38 million.

Juno intended to transfer the seized tokens from the individual whale's wallet to a community-controlled wallet. However, the person making the transfer accidentally copied and pasted the wrong value, resulting in the funds being sent to a wallet address that no one can access — effectively burning the tokens.

Daniel Hwang, who helps run one of the Juno validators, said to CoinDesk, "We fucked up big time". He also offered an unusual opinion: "Validators should have due diligenced for ourselves to actually check the code we're executing and running".

Shortly after the botched transaction, the Juno community began voting on a proposal to hard fork a second time to fix their mistake.

Attacker compromises MM.Finance to redirect $2 million in crypto assets to their own wallet

MM.Finance, a group of crypto projects based on the Cronos blockchain, suffered an attack that allowed a hacker to redirect more than $2 million worth of crypto assets that were being exchanged through the project's website to their own wallet. Although MM.Finance described the attack as "DNS hijacking", it seems unlikely this is an accurate description of the attack, which seems more likely to involve phished credentials to their domain service providers.

"Please do not perform any transactions or your funds will be sent to the exploiter wallet," MM.Finance tweeted shortly before taking the website offline. Three days earlier, MM.Finance had published a blog post to address "FUD" in their ecosystem stemming from a popular Reddit post that described MMF as an "inverse pyramid of derivatives" that the author believed would "topple", and outlined the project's "rosy future".

The project promised to try to compensate users, with its developers foregoing 45 days of trading fees to reimburse users. They also appealed to the OKC crypto exchange to intervene to help recover funds from someone they believed to be the attacker, and threatened the attacker with the FBI. "With all these information, we have more than what we need to bring this information to the FBI," they wrote on Twitter. "So here's the deal, return 90% of the funds you stole and we will let this go, no questions asked. You have 48 hours to return these funds."

ape holders can use multiple slurp juices on a single ape

a lotta yall still dont get it

ape holders can use multiple slurp juices on a single ape

so if you have 1 astro ape and 3 slurp juices you can create 3 new apes

Tonight's slurp juice mint event is essentially a minting event for both Lab Monkes and Special Forces

Video game company Square Enix agrees to sell much of their Western IP so they can go into the blockchain market

Cover of a copy of Tomb Raider for XBOXTomb Raider (attribution)
Video game company Square Enix, the creators of titles including Deus Ex and Tomb Raider, agreed to sell off the intellectual property rights to those games, as well as other games and their respective game studios. The move, they said, was so they could invest more heavily in "blockchain, AI, and the cloud". This didn't come as an enormous surprise, as in January, Square Enix CEO announced these intentions in a letter that acknowledged that that (apparent subset) of players who "play to have fun" wouldn't be thrilled with their blockchain plans.

The sale agreement announcement came at a tough time for Square Enix, as it was published the same day as a report from the Wall Street Journal that "NFT Sales are Flatlining".

NFT sales drop 92% from peak, says Wall Street Journal

The Wall Street Journal reported that "the NFT market is collapsing", citing data from NonFungible that showed daily average sales of NFTs had dropped 92% from their September peak. They also reported that active wallets had dropped 88% from their November peak, suggesting fewer people were regularly trading NFTs. This may reflect growing disillusionment with a sector that's increasingly earned its reputation as full of scams and opportunities to lose money.

However, the article must be taken with a grain of salt. It's very difficult to determine in the moment what's simply a temporary lull rather than a death spiral, and notoriously inconsistent NFT and crypto data sources can tell wildly different stories.

The Vatican plans a metaverse NFT gallery

A grid of four rendered humanoid figures with very shiny skin. The women have large breasts and tiny waists, the man is muscular and slim. The top left woman is wearing a shiny white bodysuit and an iridescent complex harness around her breasts and midsection. The top right woman is wearing a translucent pink bra with large nipple rings, and fishnet pantyhose under purple pants. The bottom left man is wearing no shirt but an iridescent chest harness, and ashiny blue bottoms. The bottom right woman is wearing a very small orange crop top that reveals the bottom half of her breasts, tiny orange underwear, and a translucent pink waist harness.Can't wait to roll up to the Vatican museum in my metaverse avatar (attribution)
A press release from metaverse developer Sensorium announced a "VR and NFT gallery" that would host art and content for the Vatican. The project will allow VR, PC, and mobile interactions, and enable people to "build unique NPCs and communicate with them". That part is a promising prospect for anyone interested in watching the Roman Catholic Church try to deal with the challenges of moderating metaverse shenanigans, and made altogether more amusing by the fact that Sensorium's current collection of example metaverse avatars are all hypersexualized, apparently covered in oil, and wear skimpy or sheer outfits apparently made from mesh, latex, and various harnesses.

For now it sounds like the project doesn't involve selling NFTs, which raises the question of why NFTs are required at all when the goal seems to just be to display artwork online — something the Vatican already does. Personally, until I can own the Popemobile in the metaverse, I'm not interested.

Juno whale threatens to sue network validators if community confiscates his tokens

The Juno community has officially voted to confiscate over 2.95 million $JUNO owned by one whale who they believe gamed the airdrop to obtain more than his fair share. This follows a long community discussion about his actions, and formalized a previous community poll on what to do. When the discussions began, the 2.95 million $JUNO to potentially be confiscated were worth a combined $121 million. However, the $JUNO price has dropped from the then all-time-high of around $40 to $11.30, putting the value of the tokens to be confiscated closer to $33 million.

The whale has repeatedly appealed to the community not to revoke his tokens, even trying to claim that the Juno developers had been secretly selling off $JUNO and damaging the community. Unfortunately for him, he didn't succeed in swaying the community, who voted on April 29 to confiscate his tokens.

The whale has threatened to take "legal action against each validator" if the community burns or locks the tokens that previously belonged to him, and which he claims to have been managing on behalf of clients in an investment scheme.

Wikimedia Foundation stops accepting cryptocurrency donations

The Wikimedia Foundation, the non-profit organization that owns and operates Wikipedia and related projects, announced that they would no longer accept donations in cryptocurrency. The announcement followed a formal request from the community that the WMF no longer accept such donations, a request that came from three months of discussion among members of the community.

The Wikimedia Foundation has accepted cryptocurrency donations since 2014, accepting donations in cryptocurrencies including Bitcoin, Bitcoin Cash, Ether, Ripple (XRP), Litecoin, Dogecoin, and the DAI and USDC stablecoins. However, it has made up a small portion of the non-profit's donation revenue — they received only $130,000 worth of crypto donations in the last fiscal year, which made up 0.08% of their revenue.

There has been strong pressure from crypto advocates on the WMF to accept crypto donations — both in 2014 when it was initially implemented, but also via brigading of the recent community discussion.

Phishing sites appearing to be the "Otherside" Bored Ape land project steal NFTs valued at $6 million

In what should surprise nobody, some of the historically phishing-prone fans of the pricey Bored Apes project fell for scams that pretended to be the Bored Apes' new land project, called "Otherside". In collectors' hurry to mint the metaverse land NFTs, some fell for phishing sites pretending to be the real deal.

Blockchain sleuth zachxbt found one such address that had netted around $1 million in NFTs just today, and tracing its transactions led to two other scammer wallets containing $5.1 million of other stolen NFTs.

Popular NFT mint spikes Ethereum gas prices; OpenSea transaction fees exceed $3,500

A pixel-art image of a blue goat sitting in a red bowlGoat Soup #3672: $275 for the NFT, $3,850 for the fee (attribution)
The much-awaited Bored Ape Yacht Club "Otherside" metaverse land sale began, and its popularity just about wrecked Ethereum for everyone else. Gas fees, which increase based on network congestion, spiked to shocking levels, with an average OpenSea sale costing more than 1.25 ETH ($3,500) in gas.

Most trading on OpenSea during this period was for the much-anticipated Otherside land deeds, which sell for around 5 ETH ($13,500) plus gas. However, some people oddly continued to buy and sell cheaper NFTs, including one person who bought a 0.1 ETH ($275) NFT and paid $3,850 in transaction fees.

Solana goes down again

On April 30, NFT minting bots began flooding the Solana network with 4 million transactions per second, causing the network to lose consensus. The project tweeted that "Engineers are still investigating why the network was unable to recover, and validator operators prepare for a restart." The network was offline for seven hours.

This is hardly the first instability the network has demonstrated, much to the chagrin of its users. Transaction flooding is an issue on Solana in part because of the low transaction fees compared to networks like Bitcoin and Ethereum, which have relatively high gas fees that would make flooding extremely expensive.

"Official" Teenage Mutant Ninja Turtles NFT project buys a fake IP rights contract

Illustration of a Teenage Mutant Ninja Turtle holding a boombox to its earTMNT NFT Twitter profile picture (attribution)
A project to create Teenage Mutant Ninja Turtles NFTs stirred up a lot of excitement, garnering more than 100,000 Twitter followers on a verified Twitter account that described itself as "The Official TMNT NFT". Crypto research project "Rug Pull Finder" wrote on March 29 that they didn't believe the project owned the IP rights they needed. The TMNT project posted later that day same day, "Let's make it clear: we own the NFT digital rights of the Original Teenage Mutant Ninja Turtles 1987". Rug Pull Finder followed up with a detailed thread in late March outlining their belief that the project didn't own the proper rights to create the NFTs, writing that, "unless they can get cooperation from Viacom for the release of their collection, it will absolutely be a rugpull".

In late April, the Twitter account was suddenly suspended. On April 30, the TMNT project announced in their Discord that they had discovered that they had been sold a "fake IP rights contract", which they learned after communication from Paramount. They, probably overly optimistically, wrote that they would be pausing the project but they were hoping to "continue the project hand in hand" with Paramount.

Saddle Finance loses more than $11 million to hack

An exploiter used a flash loan attack to pull 3,933 ETH (~$11 million) from the "decentralized automated market maker" Saddle Finance. Shortly after the attack, the hacker began moving the stolen funds through the Tornado Cash tumbler to launder the money.

Saddle Finance had lost money once before, hours after it launched in January 2021. An individual was able to arbitrage Saddle Finance pools for a profit of around $275,000.

$80 million stolen from Fei Protocol and Rari

A hacker attacked multiple Rari liquidity pools relating to the Fei Protocol, exploiting a known re-entrancy vulnerability that exists on forks of the Compound protocol. The attacker stole more than $80 million from the projects.

Fei Protocol tweeted that they had paused borrowing to avoid further thefts, and offered a $10 million bug bounty if the hacker returned the money.

SEC files fraud complaint against NASGO organizers

The SEC charged four individuals with fraud violations in relation to their actions with NASGO, a company that created various tokens that the SEC has since described as unregistered securities. The defendants allegedly made claims that one of the tokens would increase in value by 10¢ every week, plus another 10¢ each time a new business joined their platform. The defendants also engaged in various other shady business, including hiring traders to trade the tokens amongst themselves to give the appearance of investor demand. This worked only until investors actually decided they wanted to cash out, causing the whole thing to fall apart because the market demand was faked. According to the SEC, NASGO misappropriated almost $4 million in investor funds.

Deus Finance exploited for $13.4 million in the second hack in two months

The defi project Deus Finance was hit with a flash loan attack that netted the hacker $13.4 million. The loss to the protocol was likely larger than what the hacker was able to withdraw, though Deus announced that no users had been liquidated and that "the loss is on the protocol".

Deus had suffered a similar attack in March, with an attacker using a flash loan attack to steal more than $3.1 million. Deus reimbursed users who were liquidated in the incident.

According to Deus' CEO, the exploit in this incident was not the same one used in the previous attack. He wrote on Twitter that the exploit was "the first of its kind, a zero-day exploit on Solidly [decentralized crypto exchange] swaps".

Central African Republic adopts Bitcoin as legal tender

The Central African Republic became the second country to adopt Bitcoin as legal tender, after El Salvador did the same in September 2021. It's a strange move, in a country where only 4% of people have Internet access, whose currency (the Central African CFA franc) is fairly stable, and which already has access to digital currencies via services like Orange Money.

The Bank of Central African States (BEAC) has expressed surprise at the CAR's choice, saying that they only learned about it along with the rest of the public. Two former prime ministers of the CAR co-authored a letter stating that adopting Bitcoin as legal tender without guidance from the BEAC was a "serious offence".

Scammers create fake Louis Vuitton NFT project

OpenSea page of a Louis Vuitton branded collection, showing a profile photo with a blue checkmark on the image itselfLouis Vuitton scam page (attribution)
Scammers created a project on OpenSea with Louis Vuitton branding, which invited individuals to visit an external site to mint exclusive NFTs. They placed a blue checkmark on the project profile image to try to trick people into believing the project was verified, and they were able to manipulate the floor price to make it appear at a glance as though the NFTs could be traded for tens of thousands of dollars more than they cost to mint.

The project airdropped these NFTs to NFT whales, causing some trackers used by people who follow and imitate whales' behavior to believe the whales themselves had minted the NFTs. The site then used a random counter to make it appear that the NFTs were quickly selling out, causing people to quickly mint their NFTs in fear of missing out. One NFT collector recounted her experience falling for the scam, buying five of the NFTs for a total of 0.6 ETH (~$1700) in hopes of striking it rich on a newly-launched project before it became widely known.

An examination of the website source code shows that the project is reusing code from a different scam based around World Cup themed NFTs.

Representative Madison Cawthorn faces accusations of insider trading and disclosure violations related to Let's Go Brandon coin

Instagram post of Madison Cawthorne posing with several others. Caption by jameskoutoulas reads "Never get sick of a @madisoncawthorn bro out". A comment by madisoncawthorn reads, "Tomorrow we go to the moon!"Cawthorn, pictured in an Instagram post by LGBCoin project leader James Koutoulas (attribution)
North Carolina Representative Madison Cawthorn was one of several influential people who helped to promote the "Let's Go Brandon" memecoin, which has since become the subject of a class-action lawsuit due to a reported pump-and-dump scheme. Cawthorn is not named in the lawsuit, but he may face his own troubles: although he has claimed to own the currency, he has never publicly disclosed any stake in the coin as is likely required by ethics legislation. Cawthorn also commented "Tomorrow we go to the moon!" on a post about the coin from his official Instagram account, the day before the team of NASCAR driver Brandon Brown announced the cryptocurrency would be the primary partner for the 2022 season. "This looks really, really bad," said governmental watchdog group member Dylan Hedtler-Gaudette. "This does look like a classic case of you got some insider information and acting on that information. And that's illegal."

Fidelity plans to allow people to put retirement savings into Bitcoin

Financial services company Fidelity announced its intentions to allow people to put some of their retirement savings into Bitcoin in the near future, despite the Department of Labor's urgings otherwise. It is concerning to see a large financial helping to normalize the idea that cryptocurrencies are an "investment".

The Employee Retirement Income Security Act of 1974 requires plan fiduciaries to act solely in the financial interest of plan participants, and the U.S. Department of Labor issued guidance in March reminding plan fiduciaries of this duty, urging them to "exercise extreme care before including direct investment options in cryptocurrency". In a blog post shortly after, the DoL wrote that they had "serious concerns" about plans that would expose participants in cryptocurrencies and related products, outlining risks including valuation concerns, obstacles to making informed decisions, price volatility, and a still-developing regulatory landscape.

A Fidelity executive said that the company "believe[s] they should withdraw that guidance".

MetaDocs NFT project wants TikTok-famous doctors to diagnose you, but they don't have a license

TikTok screenshot of a doctor wearing black scrubs, mid-sentence. There is overlaid text that says "Ear Candling" and a MetaDocs logo.MetaDocs TikTok video (attribution)
Buy the $570 NFT and you'll get access to "celebrity doctors" who have amassed followings on apps like TikTok. Promising to "provide access quality doctors without all the usual red tape", the project has lofty dreams including one day providing metaverse diagnoses with remote examinations delivered using haptic suits... somehow.

Whether they actually get close to that dream very much remains to be seen. The project has faced several setbacks, including complaints from doctors whose likenesses were used without permission, and lack of any telemedicine license that would allow doctors to actually provide remote medical services. The project has also faced criticism for hosting "Ask a Doc" chats where physicians answered various questions without clarifying they weren't providing medical advice, for listing "physicians" in their whitepaper who were still completing residency, and for pledging to donate its first $1 million in revenue to an autism-related charity which has promoted the false claim that vaccines cause autism and has described autism as a disorder that needs to be "cured".

Reggie Fowler pleads guilty to fraud in Crypto Capital case

Fowler pictured from the shoulders up, wearing a suitReggie Fowler (attribution)
Reggie Fowler, a businessman and former pro football player who worked for the Panama-based Crypto Capital Corp., pled guilty to various charges involving bank fraud, wire fraud, and conspiracy. Crypto Capital Corp. was a shadow bank that allegedly enabled crypto exchanges and criminal enterprises to access the traditional banking system. At the time, crypto exchanges were largely excluded from traditional finance due to the potential exposure to money laundering. CCC is perhaps best known for its ties to Bitfinex, and for losing funds in an incident that Bitfinex was fined for attempting to cover up.

After initially rejecting a plea offer that would have allowed him to plead guilty to one felony if he forfeited up to $371 million, Fowler ultimately decided to enter an open plea to the charges against him and skip a trial. He pled guilty to five charges: bank fraud, conspiracy to commit bank fraud, operating a money transmitter business, conspiracy to operate a money transmitter business, and wire fraud. Fowler faces a maximum sentence of 90 years in prison.

FTX founder Sam Bankman-Fried tries to explain yield farming and it's just a ponzi

Sam Bankman-Fried pictured from the shoulders upSam Bankman-Fried (attribution)
Sam Bankman-Fried, one of the most well-known crypto execs and the founder of the popular FTX crypto exchange, appeared for an interview on Bloomberg's Odd Lots podcast alongside finance journalist Matt Levine. When asked by Levine to explain yield farming, Bankman-Fried launched into an explanation in which he compared it to a box that "they probably dress up to look like [it's] life-changing" but it "does literally nothing". He explained how people put money into the box "because of, you know, the bullishness of people's usage of the box". "So they go and pour another $300 million in the box and you get a psych and then it goes to infinity. And then everyone makes money."

Levine responded, "I think of myself as like a fairly cynical person. And that was so much more cynical than how I would've described farming. You're just like, well, I'm in the Ponzi business and it's pretty good."