Someone scrapes pre-launch NFT data to steal and launch their own goblin asses project

A green wrinkly pair of butt cheeks with light green goblin ears with gold rings, and a pink bandaidGoblin Ass #462 (attribution)
Hoping to riff off the popularity of the recent and weird Goblintown NFT project, some NFT enthusiasts decided to make their own "Goblin Asses" project, which is exactly what it sounds like. As one of the team wrote in a thread explaining what they also clearly thought was a pretty funny turn of events, the team was working quickly and with only one developer. They cut some corners on their development practices, and when testing their project contract, a watchful observer was able to scrape the image data, duplicate the contract, deploy it, and create and release their own website for the project.

All my goblin asses gone.

Gemini announces layoffs of 10% of their staff, blames "crypto winter"

The Winklevoss twins, founders of the Gemini crypto exchange, announced to employees and in a public blog post on June 2 that they would be laying off 10% of their workforce. They wrote that the crypto industry is "in the contraction phase that is settling into a period of stasis — what our industry refers to as 'crypto winter.'" According to CNBC, Gemini employed around 1,000 people, meaning that around 100 would lose their jobs.

The announcement came on the same day that the CFTC announced a lawsuit against Gemini for allegedly making false or misleading statements.

CFTC sues Gemini over allegedly misleading statements

Gemini is a major cryptocurrency exchange and market for Bitcoin futures. The Commodity Futures Trading Commission (CFTC) filed a lawsuit against Gemini for making false or misleading statements pertaining to their self-certification of a bitcoin futures product. The complaints contains several sections detailing allegations of "false or misleading statements and omissions" concerning loans and advances, self-trading, fee rebates and overrides, and trading volume and liquidity. The lawsuit seeks a permanent injunction preventing Gemini from engaging in trading activities, as well as civil penalties and forfeiture of money earned through their alleged violations of the law.

Someone impersonates Guardian tech editor Alex Hern to shill a cryptocurrency

Alex Hern, a technology editor at the Guardian, was surprised to receive an onslaught of messages asking about "Tsuka", a new crypto token. It turned out someone had been using Hern's identity to promote the token. After Hern set the record straight with a message in the token's Telegram channel and a note in his Twitter bio, the token crashed — at least as much as a $0.00015 token with a notional market cap of around $100,000 can crash. But it was enough to hurt some of the people who had been misled by the scam — one person messaged Hern to say he'd lost $400 on the crash, which was around a month's wages in his country, and which he described as his "life savings".

After the token plummeted, Hern received an email from the developers, who spun a story about how they were just fans of his, and that it was just an unfortunate mistake that people has mistaken their usage of his name and "Guardian" to mean he was involved.

Collector sells Bored Ape for $513,000 less than they paid for it

An illustrated ape with brown fur wearing a grey cap, with Xs for eyes, with a dagger in its mouth.Bored Ape #7256 (attribution)
NFT collector onekiller purchased Bored Ape #7256 for 188 ETH a month ago — at the time worth about $513,000. On June 1, they sold the ape for 0.088 ETH, or $161.

It's not quite clear what happened, but it seems likely that it may have been a listing error. Onekiller had posted and then canceled listings for the ape several times in the past week and as recently as four hours before the sale, all between 250 and 145 ETH, suggesting that they had control of their account and made a mistake while entering the listing value.

Technologists draft an open letter to US lawmakers urging them to responsibly legislate crypto industry

A group of 26 technologists (disclosure: myself included) have signed an open letter to U.S. lawmakers urging them to "take a critical, skeptical approach toward industry claims that crypto-assets ... are an innovative technology that is unreservedly good". The letter is an effort to push back against the well-funded crypto lobbyists attempting to influence U.S. lawmakers.

The Financial Times writes, "While individuals have made similar warnings about the safety and reliability of digital assets, it marks a more organised effort to challenge the growing influence of crypto advocates who want to resist attempts to regulate the frothy sector."

Solana network halted again

Solana is one of the more popular proof-of-stake blockchains, and is often trotted out as an alternative to Ethereum when people bring up Ethereum's environmental impact, slowness, or high transaction costs.

However, Solana has been plagued with stability issues, and on June 1 it was taken offline by its developers for what CryptoWhale says was the eighth time this year. This occurred only days after an incident in which the Solana blockchain clock drifted significantly behind real-world time.

Former OpenSea executive arrested, charged with money laundering

Nate Chastain was asked to resign from his position as Head of Product at OpenSea in September 2021 following allegations of NFT insider trading. Online sleuths had discovered that he had apparently bought NFTs based on insider knowledge that they would later be featured on OpenSea's front page. On June 1, the U.S. Attorney's Office of the Southern District of New York unsealed an indictment charging Chastain with wire fraud and money laundering, alleging that he had used anonymous crypto wallets and OpenSea accounts to buy NFTs before they were featured on the front page, then resell them for two to five times what he paid for them.

After leaving OpenSea in the wake of the allegations, Chastain began pitching a new NFT platform called "Oval" to investors, seeking $3 million in seed funding.

Chastain was arrested on June 1. The two charges he faces each carry a maximum sentence of twenty years in prison. The Attorney's Office described the charges as the first ever relating to insider trading of digital assets, and stated that, "today's charges demonstrate the commitment of this Office to stamping out insider trading — whether it occurs on the stock market or the blockchain."

  • Press release from the U.S. Attorney's Office of the Southern District of New York

Toronto Comic Arts Festival sparks outrage by featuring NFT creator Saba Moeel, Moeel found to have widely traced her artwork

Two images: on the left, an illustration of a pink cat sitting on a tank; on the right, original Tank Girl artwork from which the cat artwork was tracedPink Cat artwork (left); Tank Girl artwork from which it was traced (right) (attribution)
The Toronto Comic Arts Festival angered artists and fans alike when they invited Saba Moeel, the artist behind the Pink Cat NFT collection, to attend as a featured guest. This was in part because of opinions around NFTs more generally, but much of the ire was directed at Moeel specifically when she was found to have traced much of her work from sources including Tank Girl, Tom and Jerry, and various artists on Instagram without providing any credit. Others were concerned with various transphobic or racist statements Moeel has made in the past, as well as the creation of artwork by a non-Black artist that appeared to be caricaturing Black people.

Moeel responded to the criticism in a slew of tweets, writing in one: "Why did i trace tank girl art? Why did Occidental soldiers raid the Iraqi national museum of art and steal all of our cultural artifacts and history? Many questions to answer". Moeef also accused those expressing concerns about her appearance of racism, and described them all as "people who love the central banking system". "Big organizations come out to try to destroy my community of 90% women, mostly WOC like me", she wrote.

One other TCAF featured guest, Ngozi Ukazu, withdrew from the Festival, writing, "Not only do I disagree with the platforming of NFTS, but I also will not be a featured guest alongside an influencer who traces art and explicitly commodifies Black culture." TCAF wrote on Twitter that they were preparing a response to "valid concerns", and the subsequent day announced that they had rescinded the invitation due to "code of conduct violations and the concerns expressed by the comics community".

Superlative Apes team does a "slow rug pull" after drawing in $2.9 million

A colorful pastel Bored Ape illustration with half-lidded eyes, wearing a bowler hat and t-shirtSuperlative Ape #2127 (attribution)
The Superlative Apes NFTs are a collection of Bored Apes derivative NFTs that feature colorful pastels. The project amassed a large following (including, apparently, the rapper Eminem), and its first collection of 4,444 NFTs sold out after launching in December 2021, netting the creators 301 ETH (about $1.2 million at the time). They also sold most of their 8,888-piece Superlative Mutated Apes collection that launched in February, pulling in another 658 ETH (~$1.7 million at the time). The project featured a roadmap promising all kinds of things: a metaverse gallery, "access to our worldwide global tour", future minting passes, a cut of the project fees, and a project to fight global hunger.

The project has been plagued with issues including missed deadlines, accusations of plagiarism (somehow), and connections to another rug-pulled project. Additionally, a flawed staking contract required the team to have holders migrate their NFTs to a new contract — a slow and painful process that has resulted in most of the NFTs being "stuck" in a temporary contract. People who have questioned the project or accused them of rug pulling have been banned from the Discord and blocked on Twitter.

Despite the team's repeat (though very infrequent) claims that the project is still going and is not a rug pull, this appears to be a classic "slow rug" — that is, when a project team engages just enough to keep the community from accusing them of wrongdoing, while still effectively abandoning the project. On May 7, a former community moderator for the project stepped down, publicly stating that "the team has all but given up on the project, they come back every 4 weeks to put forth just enough 'minimal' (understatement) effort to not get sued", and accusing the project team of not paying them as agreed.

Another bug affecting Terra's Mirror Protocol loses the project $2 million (and counting)

Someone has been able to drain more than $2 million from the Mirror Protocol in the Terra ecosystem. It appears they are exploiting an issue with the price oracle for "Luna Classic" (formerly known as Luna, but renamed with the release of Luna 2.0). The oracle seems to be providing an incorrect price for LUNC that is far higher than its price on exchanges. This has allowed a person to use a relatively small amount of LUNC as collateral for loans of much larger amounts in other assets.

Terra sleuth FatMan wrote on Twitter on May 30, "So far, the mBTC, mETH, mDOT and mGLXY pools have been drained. In around 12 hours, the market feed will kick in, and the attacker will be able to drain all of the mAsset pools (such as mSPY and mAAPL, mAMZN, etc.)". He begged Mirror developers to fix the oracle, writing that they are "completely MIA".

Another Bored Ape owner makes a typo, sells NFT for $180,000 less than they intended

A Bored Ape with grey fur, wearing goggles and rainbow suspenders, on a blue backgroundBored Ape #3158 (attribution)
An NFT collector trying to list their Bored Ape NFT for sale on OpenSea made a typo, and accidentally listed it for sale for 10 ETH (around $19,000) instead of 105 ETH (around $200,000). The NFT was quickly bought up before the trader had the opportunity to correct their mistake. It is common for people to run bots that automatically buy pricey NFTs that are listed for sale far below a collection's floor price, as this one was.

The trader later confirmed on Twitter that it was their mistake rather than an account compromise or some other hack: "Yep, was a fat finger. Was trying to list at 105. Never thought it'd happen to me. Devastating."

Meanwhile, the NFT's new owner has it listed for sale for 110 ETH (about $219,000), which will net them a tidy profit if they find a buyer.

Luna 2.0 airdrop sends 2.1 million $LUNA to Mirror Protocol thief

All holders of Luna, who saw their holdings crash to nothing in the Terra collapse, received an airdrop of the new Luna tokens with the release of Terra 2.0 (electric boogaloo). The researcher who originally observed that at least $88 million worth of ill-gotten tokens had been siphoned from the Terra Mirror Protocol before a patch was quietly applied in early May noticed that the attacker had been among the recipients of the airdrop, receiving more than 2.1 million $LUNA. "A nice little reward for stealing money from thousands of Mirror users & locking their funds, causing them millions in losses", wrote the researcher.

The price of the new $LUNA token has been volatile on its first day, starting at around $17 and later valued around $5.70. This would make the attacker's holdings of airdropped tokens worth around $12.1 million, assuming they could find liquidity to cash out.

PokeMoney blockchain game rug pulls for $3.5 million

The token associated with yet another crypto Pokémon rip-off, PokeMoney, suddenly crashed in price when around 11,800 BNB ($3.5 million) worth of it was pulled out of the project. The incident appeared to be a rug pull.

The project creators claimed it was a hack, and stuck around to try to keep the hope alive. They claimed on Telegram that for some reason they couldn't access the project Twitter account, and so couldn't inform their community of the hack. They also began rallying their community around hopes for a project relaunch. Meanwhile, they announced a "CHAT MUTE UNTIL TOMORROW TO AVOID FUD" — as any reputable, not-rug-pulled project would do, I'm sure.

Elon Musk deepfake tries to get people to give scammers Bitcoin

Elon Musk, sitting with his hands clasped in front of a purple background. A logo for "BitVex" is visible in the bottom right.Screenshot from the deepfake video (attribution)
A somewhat robotic-sounding deepfake Elon Musk speaks to a deepfaked interviewer, who asks "what can you tell us about your project and how can it help people get rich right now?" Fake-Musk explains that people who invest in the (scam) project, "BitVex", will "receive exactly 30% of dividends every day", and that if Bitcoin falls in price they will still receive twice their investment back.

According to BleepingComputer, only about $1,700 in deposits appeared to have gone to addresses associated with the scam, although they acknowledged that the addresses are likely rotated and so the true amount may be larger.

Someone brought the scam to Musk's attention on Twitter, where he replied, "Yikes. Def not me." The YouTube channel hosting the videos was taken down shortly after.

Bitso lays off around 10% of staff

The Latin American crypto exchange Bitso laid off 80 employees, around 10% of their staff which had previously amounted to around 700 people. The exchange told CoinDesk that they needed to reconsider the skills they were looking for in employees, so they could "move faster".

Bitso is a major Latin American exchange, with mor than four million users across Mexico, Argentina, Colombia, and Brazil.

Researcher discovers vulnerability in the Terra Mirror Protocol that allowed attackers to siphon tens of millions from the project

A crypto researcher who goes by "FatMan" discovered that the Mirror Protocol in the Terra ecosystem contained a serious vulnerability, that was quietly patched with no announcement on May 9. The Mirror Protocol code previously lacked a duplicate check, which meant that attackers could create a short position and then withdraw it repeatedly in the same transaction, taking many times more money than they should have been authorized to withdraw.

FatMan discovered one instance where a person deposited $10,000 and later withdrew $4.3 million. According to FatMan, they found repeated exploits of this type that earned attackers "well over $30 million". Another researcher on Terra forums estimated about $88 million had been exfiltrated from the project in this way, over the many months the bug went undiscovered and unpatched by Mirror developers.

Solana loses track of time

The Solana blockchain clock drifted about 30 minutes behind real-world time on May 26, as a result of slower-than-usual slot times. Solana's status page read that "this has no impact on performance or network operations", though The Block noted that this time drift could result in smaller staking payouts.

Blockchain timekeeping is also selling point of Solana, which talks up its "proof of history" algorithm in a blog post where Solana Labs co-founder Anatoly Yakovenko says, "our clocks never drift".

Terra decides to release "Terra 2.0", because apparently the way to fix a crypto catastrophe is with more crypto

Following the dramatic collapse of Terra earlier this month, the Terra ecosystem voted to pass a proposal by Do Kwon to create "Terra 2.0". The project intends to "effectively create a new Terra chain without the algorithmic stablecoin" — an odd choice given that the whole point of the original Terra was the stablecoin. The proposal also involves renaming the existing Luna ($LUNA) coin to "Luna Classic" ($LUNC), so that Luna 2.0 can take its place — a change that I'm sure will not cause any confusion whatsoever.

Billy Markus, one of the original creators of the Dogecoin cryptocurrency (both of whom have since left the project), tweeted, "luna 2.0 will show the world just how truly dumb crypto gamblers really are".

Scammer steals 29 Moonbirds NFTs nominally worth about $1.5 million from a single collector

A purple pixel art owl with one squinting eye, on a green backgroundMoonbird #8749 (attribution)
A scammer was able to trick a prolific NFT collector into signing a transaction on a fake trading website, which then allowed them to maliciously transfer 29 pricey Moonbirds NFTs in a single transaction. Moonbirds are a popular collection of pixel art owls that currently trade with a floor price of 24 ETH (about $48,000). The trader who was targeted was a big time Moonbirds fan, holding 29 of the NFTs in their affected wallet. The loss has been estimated at around 750 ETH (~$1.5 million).

The highly exclusive group of NFT collectors known as Proof Collective, of which this trader was a member, was reportedly preparing a report for the FBI and police. Because the attacker used an exchange that requires KYC there may be some possibility that their identity could be traced, although falsified KYC is also increasingly common.

The WeWork founders are starting a carbon credit crypto company and they already raised $70 million in funding

Adam and Rebekah Neumann, the duo behind the WeWork coworking space company that imploded spectacularly in 2019, have re-emerged to start a company called Flowcarbon. The company intends to "tokenize carbon credits" — which they're calling "Goddess Nature Tokens" — and sell them to companies hoping to green up their image. The need for a blockchain is unclear.

The company has already raised $70 million in token sales and a Series A funding round led by Andreessen Horowitz (aka a16z), which seems like a startling amount of money to give to someone who resigned from his previous company amidst accusations of some serious self-dealing and the creation of toxic corporate culture.

DecentraWorld project rug pulls for $1 million

An illustration of a world with lines and dots connecting around it, with the word "decentraworld" in white capital lettersDecentraworld logo (attribution)
The creators of the Decentraworld project, and its associated $DEWO token, rug pulled for 3127 BNB, valued at just over $1 million. The project promised an "ecosystem of dapps with privacy protocols by default". The website spoke of how "governments around the world want to keep controlling their citizens by fighting the one thing they can't control, the blockchain and crypto-assets", and the project promised to "help humanity maintain its privacy, control, and financial freedom". Unfortunately for the believers, this turned out not to be true when the project drained the funds and deleted their online presence.

Representative Madison Cawthorn under ethics investigation related to crypto, violated STOCK Act

Official portrait of Madison CawthornMadison Cawthorn (attribution)
The U.S. House of Representatives Committee on Ethics announced on May 23 that they had unanimously voted to investigate whether Representative Madison Cawthorn (R-NC) "improperly promoted a cryptocurrency in which he may have had an undisclosed financial interest", as well as one unrelated allegation.

On May 26, Cawthorn filed a disclosure to say he had bought between $100,000 and $250,000 of the "Let's Go Brandon" ($LGB) coin on December 21 — eight days before posting that the coin would "go to the moon" just before a deal with NASCAR was announced. The coin then went up in price and Cawthorn sold at least $100,000 of his holdings. This timing led to accusations that Cawthorn had advance knowledge of the partnership.

Cawthorn also disclosed in the same May 26 filing that he bought between $101,000 and $265,000 of Ethereum in late December. Although Congressmembers are required by the STOCK Act to disclose purchases of various assets (including cryptocurrencies) within 45 days of the transaction, Cawthorn's disclosure came five months after the purchase. Cawthorn recently lost his primary, ending his chances of re-election, but his current term isn't slated to end until January 2023.

Crypto speculator loses over $200,000 to wallet compromise

Crypto speculator Jonny Reid wrote on May 22 that his crypto wallet had been hacked and drained of approximately $203,000. He wrote that he had never owned a hardware wallet before and had only used MyEtherWallet and MetaMask. "My security has always been great, always cautious with phishing links / websites / discord / telegram / social media scans etc". He wrote that he suspected the compromise might have been the result of a Chrome extension he had downloaded to auto-refresh a page to schedule a passport appointment.

Reid traced the stolen funds until they disappeared into the crypto exchange "Fixed Float". Reid contacted the exchange, who told him they couldn't supply him with server logs without a law enforcement request. Reid wrote that he was "angry [with] the fact they cant provide me with any details to help me follow the trace" and urged crypto Twitter to try to pressure the exchange to release more information to him.

Founder of Milady NFT project revealed to have horrifying history involving a 4chan suicide cult, white supremacist cult, and pro-anorexia grooming

An anime style illustration of a person with green hair wearing a cat ears headband and light blue blouse with a peter pan style collar. At the bottom of the illustration are defense and attack points bars like in a card game.Milady #5539 (attribution)
The founder of the Remilia Collective and its popular "Milady Maker" NFT project, "Charlotte Fang", was discovered to have been a key player in a white supremacist cult known as Kali Yuga Accelerationism (abbreviated "kaliacc"). They were also tied to a group called "Systemspace", that is variously described as a suicide cult and as a 4chan trolling attempt that nevertheless tried to drive people to suicide. They also engaged in what they themselves described as "grooming" and "bullying" of young people into disordered eating and self-harm, and were apparently deeply involved with pro-ana online culture.

"Charlotte Fang" originally tried to deny the connection, attempting to cover up the connections between their online aliases and encouraging others to lie and also cover up any mentions of the alter ego. However, they eventually admitted to their past, writing that it was "toxic baggage that's hurting Milady community & poisoning the vibe". They apologized for trying to hide the account, attempted to brush off their past actions as "trolling" that didn't reflect their "real views", announced they would be leaving the project team, and finished by saying they were "more bullish than ever for Milady".

Beeple's Twitter account is hacked and used to promote fake NFT mints

Tweet by beeple: "Been working on this with LV for a long time behind the scenes. 1000 total unique pieces. BEEPLE x VUITTON COLLECTION_1: BEEPLES Official Raffle Below. 1 ETH = 1 Raffle Entry. All non-winning entries are refunded post-raffle. Good luck :)"Tweet from Beeple's compromised account (attribution)
Attackers gained control of the Twitter account belonging to Beeple, an artist known for "selling" an NFT for $69 million in March 2021 and for his recent horror-inducing NFT collab with Madonna. They used the account to share two scam mint links — first to a supposed NFT collaboration with Louis Vuitton, then to "extra" artwork Beeple supposedly created but never minted as NFTs. The scam drew in around $272,000 in ETH and stole 45 NFTs worth approximately $166,000 before Beeple regained control of his Twitter account about five hours later.

Various commenters replied to Beeple's tweet to say they'd been scammed, and to ask if he could help them recover their funds or NFTs. Some blamed him and his poor security practices for their losses, asking if he would repay those who were scammed. He has not suggested he intends to do so.

bDollar stablecoin suffers $730,000 price manipulation attack

bDollar was the first algorithmic stablecoin on the BSC blockchain. An attacker was able to manipulate the price of underlying assets to pull 2,381 wBNB out of the protocol, worth around $730,000. The project had been audited by CertiK.

Class action lawsuit filed against HUMBL blockchain platform

A litigation firm filed a class action lawsuit against HUMBL, a financial services company that touts its web3 and defi products. The lawsuit alleges that HUMBL and its executives made false and misleading statements about the company and its prospects, made "selectively timed announcements to keep Humbl stock price high so that Company insiders could sell off their holdings into artificially created volume", and sold its BLOCK ETX assets in violation of securities laws.

HUMBL stock has dropped from a high of $6.84 per share to a low of $0.11. Similarly the BLOCK ETX asset has dropped more than 87% from its high.

Doodled Dragons serial rug-puller revealed to be behind yet another Solana project

A green lizard with green flames in its forehead, biting a dagger and wearing a black turtleneck shirtLizard #2858 (attribution)
The serial rug-puller who was behind the Balloonsville rug pull in February and Doodled Dragons rug pull in January has popped up once again, this time with a Solana NFT project called Reptilian Renegades. A project called Hydra Launchpad, which had recently announced they would be adding Reptilian Renegades to their lineup, were the ones to expose the project team member, who went by "Fuopist" on this project. Hydra claimed that they had been able to take control of the project's mint authority and cut off Fuopist from receiving further proceeds from the project.

After the Balloonsville rug pull, which used the Magic Eden NFT marketplace, Magic Eden announced they would no longer be accepting anonymous projects on their platform. Despite that, this person was able to launch Reptilian Renegades on Magic Eden, where they were able to get their account verified.

Following the unmasking, the Reptilian Renegades Twitter account posted a slew of tweets supposedly exposing various NFT influencers for shady behavior including undisclosed promotions. "I'm literally the Batman. I stop crime whilst committing crimes," they wrote in response to a person who tweeted, "The balloonsville guy is back and he's ready to tell you how corrupt NFTs are while he steals from you. The lack of self awareness is truly next level."

Users threaten to sue after yield generation project Stablegains loses $44 million in Terra collapse

A class action law firm sent a letter to the yield generation project Stablegains, demanding records on customer accounts, marketing and advertising strategies, and communications relating to the Terra stablecoin. Stablegains described itself as aiming to "make it simple and safe for everyone to benefit from advances in financial technology", and promised that "regardless if crypto markets are soaring or crashing, the value of assets under our management remains stable".

Unfortunately for their customers, it turned out that Stablegains was heavily invested in the Terra project's Anchor protocol, which collapsed along with the rest of the Terra ecosystem last week. Stablegains' website had stated they primarily generated yields through the asset-backed stablecoin USDC. However, after the collapse of Terra, Stablegains admitted that "All users' holdings are in UST" — which lost over 90% of its value.

"Quantum-resistant" blockchain QAN suffers bridge attack

The $QANX token for the QAN project suddenly plummeted in value as an attacker stole more than 4 million QANX from the project. The attacker subsequently swapped the tokens for around 370 ETH ($707,000). In a video posted to Twitter, the project CEO stated that it was "definitely a bridge issue", and that they'd shut down the project's bridge. They also said they had contacted exchanges to freeze the wallets that had been involved in the "issue".

QAN describes itself as a blockchain that helps "resist quantum attacks", though apparently not the types of bridge attacks that have become fairly common in the past year or so.

Class action lawsuits filed against Terra founders after crypto collapse

Following the collapse of the Terra ecosystem and its tokens TerraUSD and Luna, affected Korean investors have filed both criminal and civil lawsuits against the project's creator, Do Kwon. Represented by RKB & Partners, the lawsuit seeks to seize Kwon's assets and pursue fraud charges.

Another Korean group, calling themselves "Victims of Luna, UST coins", has amassed 1,500 members and reportedly plans to file a lawsuit against Kwon and Terraform Labs' other cofounder, Shin Hyun-Seong (who is also known as Daniel Shin, and is no longer with Terraform Labs).

This development may be particularly inconvenient for Kwon and Shin, given Terra's legal team quit the company the previous day.

On June 17, another investor filed a separate lawsuit against Terraform Labs, Kwon, and various others in a US court.

"Feminist Metaverse" token exploited for $533,000

The "Feminist Metaverse" ($FM) token suddenly plunged in value by 99.7% after an attacker stole 1,838 BNB ($533,000). The hacker quickly transferred the stolen funds to the Tornado Cash tumbler to help hide their tracks.

The project advertised on its website its plans to "Create Feminist economics in the form of a DAO to balance the male-dominated world." The project's whitepaper explains how the metaverse will apparently "greatly reduce the impacts on women's normal work and inequality in wages brought by their physiological differences and pregnancy. As a consequence, it helps eliminating a number of unresolved problems in the real world like gender discrimination, inequality in wages, sexual harassments, sexual assaults, trafficking of women and child marriage." It's not clear what specifically the "Feminist Metaverse" project was hoping to achieve.

Fake minting links distributed after several large NFT Discord servers are compromised

Members of several large NFT Discord servers began seeing suspicious-looking messages announcing supposed NFT mints that turned out to be fakes. Affected communities appeared to include Moonbirds/PROOF, Axie Infinity, RTFKT, Memeland, Alien Frens, and others. The attack appeared to involve a Discord bot called MEE6, though there was some confusion around whether there was a compromise of MEE6 itself or if it was simply used in the attack. The following day, MEE6 acknowledged that an employee account had been compromised.

Bot compromises have emerged as a wide attack vector in crypto and web3 communities, as widely-used bots can have elevated permissions across Discord channels used as official information sources across many communities.

Terraform Labs' legal team resigns

In what seems like a bad sign for Terraform Labs, the developer of the Terra blockchain and the TerraUSD (UST) and Luna cryptocurrencies, the three members of the company's legal team left the company. This came shortly after UST, Luna, and the entire Terra ecosystem dramatically collapsed after the stablecoin lost its peg last week.

Four pricey NFTs stolen from actor Seth Green, complicating his plans for an animated series

Portrait of Seth Green speaking into a microphoneSeth Green (attribution)
Actor Seth Green tweeted that he had been targeted with a phishing attack that resulted in the theft of four pricey NFTs: a Bored Ape, two Mutant Apes, and a Doodle. The thief quickly flipped three of the four NFTs for sale, netting 145.5 ETH (about $300,000).

The theft occurred on May 8, though Green only seemed to notice on May 17 when he tweeted, "Well frens it happened to me. Got phished and had 4NFT stolen."

The loss of the Bored Ape was later revealed to have put Green in a bit of a pickle, when he released the trailer for a new animated series he was developing that starred his pilfered primate. Given that BAYC ownership grants commercial usage rights (which are presumably transferred to the new owners when the NFT changes hands), the person who bought the NFT flipped by the phisher could have possibly brought a lawsuit against Green if he moved forward with the series.

Green ultimately spent about $300,000 to buy his ape back from the hacker.

American running "untraceable" service "designed to evade US sanctions" is charged after being traced

An unidentified US citizen transferred more than $10 million in Bitcoin to a cryptocurrency exchange in a "comprehensively sanctioned" country where they were running a payments platform. They advertised that transactions through the platform were untraceable, and described the platform as designed to evade U.S. sanctions. Despite this, law enforcement was able to obtain information from U.S. and foreign cryptocurrency exchanges — including KYC information provided by the individual — to help identify and trace the individual behind it.

Though the country is as yet unnamed, the limited number of countries sanctioned in the way described in the decision allow us to deduce that it was either Cuba, Iran, North Korea, Syria, or Russia. This case marked the D.O.J.'s first criminal prosecution involving alleged use of crypto to evade sanctions.

U.S. Magistrate Judge Zia M. Faruqui wrote in the opinion: "Virtual currency is traceable. Yet like Jason Voorhees the myth of virtual currency's anonymity refuses to die. See Friday the 13th (Paramount Pictures 1980)."

Scream lending protocol racks up $35 million in bad debt after hardcoding not-so-stablecoin prices to $1

The defi lending protocol Scream may have taken the "stable" in "stablecoin" a bit too literally when they hardcoded the prices of the Fantom USD (fUSD) and DEI stablecoins. In the past few weeks we've seen many stablecoins wobble, and when fUSD and DEI followed suit, Scream ended up in trouble. Users were able to take advantage of the inaccurately high price to borrow other stablecoins on the cheap, leaving Scream with $35 million in bad debt. The platform's reserves of other stablecoins were completely drained; meanwhile, Scream users holding fUSD or DEI can't withdraw.

CZ admits Binance held Luna and UST in bizarre tweet threads

On May 15, Binance CEO Changpeng Zhao (widely known as CZ) created a tweet thread in which he attempted to speak nonchalantly about questions that had "just occurred to [him]" about whether Binance held any UST. In the thread he attempted to distance himself from decisions or knowledge around such holdings, speaking cavalierly about how "we probably do have some". Former FBI agent James Harris wrote an interesting analysis of the thread, concluding, "If people weren't worried before, they will be now. If investigators weren't suspicious before, they should be now."

The following day, CZ tweeted, "Binance received 15,000,000 LUNA (at peak worth $1.6 billion USD, now not much) as part of the original ($3m) invest. 560x return at peak." In this tweet, "not much" glossed over the fact that these LUNA, obtained in return for a $3 million investment and at one point nominally worth $1.6 billion, are now worth $2,900.

He also wrote that Binance had 12,000,000 UST — worth $12 million when UST was properly pegged, and now worth $1.16 million (assuming liquidity exists to sell it at all).

Luna Foundation Guard reports what it did with its Bitcoin reserves, raising more questions

Many were eagerly awaiting a report from Luna Foundation Guard (LFG) on what happened to the several billion dollars' worth of Bitcoin reserves they once held, which they transferred during the UST collapse. The organization tweeted an explanation of the actions they took with those funds on May 16, describing how they began to convert Bitcoin to UST. They referred to transferring BTC and other reserves to "a counterparty", who traded them UST in exchange. They didn't name who these counterparties were.

More than a few people were unsatisfied with this reporting, asking more transparency around who these "counterparties" were. Ultimately, this action benefited the "counterparties", providing liquidity to these whales who were able to exit their now risky UST positions for a good price, and did not help most of the individuals holding UST.

"Stable"coin DEI loses peg

Another stablecoin lost its peg as dominoes continued to fall in the declining crypto market. DEI, an algorithmic stablecoin created by Deus Finance on the Fantom network, de-pegged on May 15. Intended to be pegged to the US dollar, the token dipped to a low of around $0.50, and continued to hover well below its intended price through the next day. DEI had a nominal market cap of more than $88 million before losing its peg.

This is another bump in the road for Deus Finance, which lost a total of $16.4 million in two separate flash loan attacks in March and April 2022.

Flash loan attacks on "Feed Every Gorilla" token take $1.9 million

A flash loan attack on the "Feed Every Gorilla" (FEG) token swap contracts pulled $1.3 million from the project, also tanking the token price by 80%. The project operates on both the Ethereum and BSC chains, and the attacker was able to use the exploit against the contracts on both networks. Shortly after the first attack, FEG was hit with a second flash loan attack that drained another $590,000 from the project.

Prior to these attacks, FEG had earned some notoriety from a May 2021 Vanity Fair article outlining an alleged pump-and-dump scheme, titled "Inside the Rise and Fall (and Rise and Fall) of Shit Coins". Despite the bad press, much of the FEG community maintained that the article was a smear and nothing more than an attempt by the author to create FUD. "You could literally take every token and this would apply to everyone..." wrote a moderator of the official FEG subreddit.

People continue to wait for a public accounting of what happened to Terra's $3.5 billion in Bitcoin reserves

Now that the dust is settling somewhat from the dramatic collapse of Terra, people are beginning to wonder when they'll hear more about what exactly happened to the 80,394 Bitcoin (priced at $3.5 billion at time of purchase; priced closer to $2.5 billion at the time of writing this entry) that previously belonged to Luna Foundation Guard (LFG). The project had previously purchased the assets to hold as reserves, and as UST began to lose its peg, LFG announced they would use those reserves to buy UST to help maintain the peg. Over the next few days, the reserves were emptied, but after they were moved to the Gemini exchange they became impossible to trace further. Although transactions are usually quite traceable on the blockchain, when funds are moved to services like the Gemini exchange, they become impossible to trace using public data because of how exchanges pool funds and transactions internally.

Terraform Labs CEO Do Kwon tweeted on May 13 that "We are currently working on documenting the use of the LFG BTC reserves during the depegging event. Please be patient with us as our teams are juggling multiple tasks at the same time." It's not clear when this documentation will be released. Binance CEO Changpeng Zhao joined the group of people asking about the BTC reserves, tweeting, "I would like to see more transparency from them. Much more! Including specific on-chain transactions (txids) of all the funds. Relying on 3rd party analysis is not sufficient or accurate."

Blockchain insurance company InsurAce shortens their claims window for Terra holders to just a week

InsurAce is a defi insurance provider (oh yes, they exist) that allows people to buy insurance against events including smart contract vulnerabilities and stablecoin depegs. Following the Terra collapse, InsurAce suddenly announced that its customers who held Terra had only a week to file claims, and that "Late submission [sic] will be rejected without further appeal".

Altogether, InsurAce says they paid out about $11 million to around 173 claimants as a result of the depeg. Evidently there were 61 others who did not submit their claims within the deadline.

SpiritSwap is the latest victim of a domain hijacking attack

In what is beginning to become a pattern, SpiritSwap was the latest project where attackers gained control of their domain and were able to modify the frontend to divert funds to a wallet under their own control. SpiritSwap tweeted that the "the hacker has managed to exploit Godaddy" (unlikely — it was more likely a case of stolen credentials) and swap out the recipient address.

The hacker only managed to exfiltrate around $18,000 before being discovered, and SpiritSwap shut down their swapping through their router to prevent the attack from continuing.

MM.Finance suffered a similar attack earlier in the month, losing $2 million after an attacker gained control of the domain and swapped in their own address to siphon funds.

Phishing attack targets users of sites including Etherscan and CoinGecko

Popular cryptocurrency websites including Etherscan, CoinGecko, and DeFi Pulse were showing users a pop-up prompting them to connect their MetaMask wallets. CoinGecko founder Bobby Ong stated that he believed the culprit was a malicious advertising script from a crypto ad network called Coinzilla. The advertisement appeared to be from a site mimicking the popular Bored Apes Yacht Club NFT project, which was taken down after the scam was discovered. It's as yet unclear how many users accepted the prompt, or what malicious actions (if any) were taken.

Crypto.com reverses some Luna trades, offers $10 consolation prize

One of the features of crypto that its proponents sometimes highlight is that transactions can't be reversed. This, of course, is not true when making trades on exchanges like Crypto.com, who can largely do whatever they want with the wallets they maintain and the coins they keep track of on users' behalf.

On May 13, the company announced it would be reversing transactions made during an hour-long period on May 12 when "users who traded LUNA were quoted an incorrect price". Some users were able to profit off the discrepancy, but later were told that their transactions were being reversed. Crypto.com offered $10 in CRO, their cryptocurrency token, "for the inconvenience caused". Crypto.com halted Luna trading after discovering the issue, and it remains halted as of May 13.

The issue sounds quite similar to issues that affected various defi projects around the same time. Several projects who failed to account for unexpected Luna price data coming from blockchain oracles including Chainlink suffered major attacks.

Unexpected oracle data in the wake of Terra blockchain halt enables multiple attacks on other platforms

Earlier today, Terra halted their blockchain after a devastating few days. Subsequently, Chainlink's oracle paused the price feed, causing it to fall out of sync with the apparent market price of the token. This enabled multiple attacks on various platforms.

$13.5 million was fraudulently borrowed from the Venus protocol on BSC. Blizz Finance on Avalanche reported their protocol had been entirely drained, amounting to around $8.3 million. Blizz subsequently announced in a post-mortem that "Blizz has no treasury or development fund and a significant portion of the stolen assets belonged to our team. As such we regret to announce the protocol has been paused and we do not intend to resume operations."

FBI charges EminiFX CEO with fraud

Eddy Alexandre, CEO of the cryptocurrency and forex trading platform EminiFX, was charged by the FBI with fraud for his role in what he described to investors as a crypto investment scheme. Promising to double investors' money in five months with his secret robo-investing software and team of "experienced traders", in reality Alexandre pocketed most of the money. He spent $15 million of the money on his own expenses, including luxury vehicles. The small portion of funds he did invest ended up losing money.

Alexandre was sentenced to nine years in prison on July 18, 2023 and ordered to pay $249 million in forfeiture and $214 million in restitution.

Terra blockchain is halted after token crash increases threat of governance attacks

After $LUNA dropped below $0.01, Terra announced that they halted the Terra blockchain. "Terra validators have decided to halt the Terra chain to prevent governance attacks following severe $LUNA inflation and a significantly reduced cost of attack", they wrote on Twitter. This means that no transactions can continue on the Terra chain, and that holders of any tokens based on that chain (including the TerraUSD stablecoin or LUNA) can't do anything with those tokens.

Terra only announced this after halting the network, giving their users no opportunity to try to withdraw funds. They have made no announcement about whether or when they intend to bring the network back online, although it seems safe to assume that the enormous loss of confidence in Terra would make any restart short-lived.