"SeaFlower" hacks target crypto users via backdoored iOS and Android crypto wallets

The Confiant security research group has discovered a group that is backdooring and distributing versions of legitimate crypto wallets including Coinbase Wallet, MetaMask, TokenPocket, and imToken. The hackers have created reverse-engineered versions of the crypto wallets that operate as designed, but also steal the user's seed phrase, later using it to drain the users' cryptocurrency.

The attackers have distributed the tampered applications through websites that clone the legitimate applications' websites. Through search engine poisoning, primarily via Chinese search engines like Baidu, the attackers have successfully gotten unsuspecting users to install the malicious programs.

Lido-staked Ether (stETH) loses peg

Lido-staked ETH is a project that offers to allow users to stake ETH for the purposes of securing it after the Ethereum "merge"—that is, the ever-delayed move to proof-of-stake. Although stETH is backed 1:1 with ETH, it's not very liquid aside from the primary liquidity on Curve. Huge sell-offs of stETH for ETH have been causing slippage in the Curve pool, which was off peg by around 5% and heavily imbalanced on June 12.

Crypto researcher Small Cap Scientist suggested on June 9 that the sell-offs may have been triggered by a "canary in the coal mine": a 50,000 stETH (nominally worth $45.8 million) sell-off by Alameda Research, a trading firm founded by Sam Bankman-Fried. SCS also reported that Celsius Network was "quickly running out of liquid funds to pay back their investors", and "they are taking massive loans" against "billions in illiquid positions" to pay back customers.

Celsius pauses all withdrawals

The Celsius platform announced that they would be pausing all withdrawals, swaps, and transfers due to "extreme market conditions".

There has been a lot of concern lately about Celsius' reserves and its ability to honor redemptions, with some speculating that the platform might be underwater and forced to default. Celsius released a blog post on June 7 titled, "Damn the Torpedoes, Full Speed Ahead" where they accused "vocal actors" of "spreading misinformation and confusion", and promised that "Celsius continues to process withdrawals without delay", and that "Celsius has the reserves (and more than enough ETH) to meet obligations".

Celsius' June 12 announcement did not include any details on what their plans would be, just that they hoped it would allow them to "stabilize liquidity and operations while we take steps to preserve and protect assets".

On June 14, the Wall Street Journal reported that Celsius had hired restructuring attorneys.

Offline Cash project finally gives the world what it really needs: physical digital physical cash

[Image: Offline Cash's Bitcoin Notes. Photo of hands holding colorful banknotes denominated in 10 (blue), 5 (red), 2 (green), and 1 (orange).]

Some crypto advocates have long promoted crypto as a proper digital equivalent to cash. Physical dollars have a lot of benefits, including that you don't need a bank account to use them and they provide a lot of privacy. Although bank transfers and apps like Venmo offer digital ways to transfer money, they typically require a bank account to use, and they leave a digital record of the transaction. Crypto advocates have long promised that crypto is a proper digital equivalent to cash, despite its own accessibility and privacy concerns.

Anyway, a project called Offline Cash has sprung up. In a stunning example of Poe's Law, the project seeks to provide a physical form of that digital physical cash people have spent so much time working on.

Hear me out: imagine you had paper notes that you could transfer to people in lieu of making a Bitcoin transaction! And unlike regular cash, it has an expiration date to keep track of!

Scammers compromise verified, 5-million-follower Twitter account for Venezuelan newspaper El Universal, use it to promote fake Goblintown site

[Image: Compromised Twitter account. Verified Twitter account showing the display name "goblintown.wtf", but a username of ElUniversal.]

Scammers successfully compromised the Twitter account for El Universal, a Venezuelan newspaper. The account is verified, and has five million followers. The scammers used the account to promote "goblintowm" (note the m on the end), a fake website pretending to be the recently-popular Goblintown project. Users who connected their wallets to try to mint the free NFTs instead saw their wallets drained of their cryptocurrency and NFTs.

One of the wallets used by the scammers had stolen 64 NFTs, though most of them were low in value. The address had also pulled in 16.5 ETH (~$30,000). However, most scammers rotate wallets, and this likely doesn't reflect the total damage from the scam.
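
A lookalike check of the kind that would have flagged "goblintowm" before a wallet connected to it, as an added example that is not part of the original article. The trusted name comes from the screenshot described above; the `.example` hostnames, the distance threshold, and the function names are assumptions.

```python
from urllib.parse import urlsplit

# Hostnames the user really intends to visit. "goblintown.wtf" is the name
# shown in the article; everything else in this block is constructed.
TRUSTED = ["goblintown.wtf"]


def osa_distance(a, b):
    """Optimal string alignment distance: an insert, delete, substitution
    or swap of two adjacent characters each costs 1."""
    prev2 = []
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition ("onw" typed for "own").
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]


def brand_label(host):
    """Second-level label: 'mint.goblintown.wtf' -> 'goblintown'.
    Simplification: multi-part suffixes such as 'co.uk' are not handled."""
    labels = host.lower().rstrip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def classify(url_or_host, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'lookalike of <name>' or 'unknown'."""
    host = urlsplit(url_or_host).hostname if "://" in url_or_host else url_or_host
    host = (host or "").lower().rstrip(".")
    for good in trusted:
        if host == good or host.endswith("." + good):
            return "trusted"
    label = brand_label(host)
    for good in trusted:
        # Distance 0 here means the same brand under a different suffix.
        if osa_distance(label, brand_label(good)) <= max_distance:
            return "lookalike of " + good
    return "unknown"


# Constructed sample links, as they might appear in a tweet or Discord post.
SAMPLES = [
    "https://goblintown.wtf/",
    "https://goblintowm.example/mint",
    "https://mint.goblintonw.example/",
    "https://opensea.example/",
]


def report(urls=SAMPLES):
    return {u: classify(u) for u in urls}


if __name__ == "__main__":
    for url, verdict in report().items():
        print(f"{verdict:32} {url}")
```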

20 million Optimism tokens sent to nonexistent address, someone else snags them before they can be recovered

As the Ethereum scaling project Optimism worked to create the $OP token, a token they launched in a move towards decentralizing the project's governance, they decided to obtain a loan from a third party, Wintermute, to provide initial liquidity, in exchange for 20 million $OP. However, Wintermute mistakenly provided the wrong multi-sig wallet address to Optimism, and the 20 million tokens were sent to an address that had not yet been created. The teams attempted to deploy the multi-sig wallet address to retrieve the tokens, but another person noticed the blunder and was able to do so first.

Wintermute published a blog post taking responsibility for the error, and announced that they would "proceed to buy OP every time the attacker sells it to make the protocol whole eventually". So far the attacker has sold 1 million $OP for about $1 million USD.

Wintermute wrote that they were "open to see this as a white hat exploit", but if the funds were not returned within a week, they were "100% committed to returning all the funds, tracking the person(s) responsible for the exploit, fully doxxing them and delivering them to the corresponding juridical system".

Remarkably, the attacker returned 17 million of the tokens two days later, keeping 2 million as a "bounty". Wintermute agreed to reimburse the Optimism Foundation for the remaining 2 million $OP.
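
A pre-transfer check for the failure described above, confirming that a recipient expected to be a contract wallet actually has code on the chain where the transfer will happen. This is an added example, not code from Optimism or Wintermute; the address, chain names and bytecode are constructed, and the only real interface used is the standard `eth_getCode` JSON-RPC method.

```python
import json
import re
import urllib.request

ADDRESS_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")


def http_rpc(url):
    """Return a callable that sends JSON-RPC requests to an Ethereum-style node."""
    def call(method, params):
        body = json.dumps(
            {"jsonrpc": "2.0", "id": 1, "method": method, "params": params}
        ).encode()
        req = urllib.request.Request(
            url, data=body, headers={"Content-Type": "application/json"}
        )
        with urllib.request.urlopen(req, timeout=10) as resp:
            reply = json.load(resp)
        if "error" in reply:
            raise RuntimeError(reply["error"])
        return reply["result"]
    return call


def fake_rpc(code_by_address):
    """Offline stand-in for a node, used for the constructed samples below."""
    table = {addr.lower(): code for addr, code in code_by_address.items()}

    def call(method, params):
        if method != "eth_getCode":
            raise ValueError("unsupported method in fake node")
        return table.get(params[0].lower(), "0x")
    return call


def has_code(rpc, address):
    """True if contract bytecode is deployed at `address` on this chain."""
    return rpc("eth_getCode", [address, "latest"]).lower() not in ("", "0x")


def preflight(recipient, chains):
    """Check a recipient that is supposed to be a contract wallet (for
    example a multi-sig). `chains` maps a chain name to an rpc callable for
    every chain the transfer will be made on. Returns a list of reasons not
    to send; an empty list means the check passed."""
    if not ADDRESS_RE.match(recipient):
        return ["malformed address"]
    problems = []
    for name, rpc in chains.items():
        if not has_code(rpc, recipient):
            problems.append(
                f"{name}: no contract code at {recipient}; "
                "the wallet has not been deployed on this chain"
            )
    return problems


# Constructed sample: the multi-sig exists on chain-a but not on chain-b.
MULTISIG = "0x" + "ab" * 20
CHAIN_A = fake_rpc({MULTISIG: "0x6080604052"})
CHAIN_B = fake_rpc({})

if __name__ == "__main__":
    print(preflight(MULTISIG, {"chain-a": CHAIN_A}))
    print(preflight(MULTISIG, {"chain-b": CHAIN_B}))
```

An ordinary externally owned account also has no code, so this check only applies when the counterparty has said the recipient is a contract wallet.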

Players Only NFT project, founded by NBA players, rug pulls for $1.4 million

[Image: Player #4820. A 3D rendering of a football player running with a football, wearing a red uniform showing the number 13. He has a bald head and his tongue is sticking out.]

Crypto-sleuth zachxbt reported on June 8 that Players Only, an NFT project created by a group of NBA players including Michael Carter-Williams and Jerami Grant, appears to be a rug pull. The players used their star power to drum up interest in the project and its somewhat unsettling NFTs of various bobblehead-esque sports players. The project promised close involvement from the athletes who founded it, with a roadmap advertising autographed merchandise, real life and metaverse meetups with the players, and other giveaways.

Although the project team promised that "every single one of our holders will win something", the collectors were in for a lot of disappointment: players never showed up for events, Zoom meetups were never scheduled despite repeated requests, and merchandise was never sent. One person who was promised a signed jersey instead received a t-shirt, apparently devoid of any signature.

In mid-May, two project creators announced they would be "stepping back on the project as [they] cannot seem to please the community". The announcement broadly blamed the project's failures on "lack of interest" in the project. They said they would no longer be providing physical items, and would focus on "athlete utility", though in the time since then the project has remained similarly stagnant.

Collectors minted Players Only NFTs in early December for 0.08 ETH each (~$144). One NFT from the project has been sold on the secondary market in the last month, for 0.001 ETH (less than $2).

Baby Elon coin rug pulls for $179,000

The Baby Elon project on BNBChain rug pulled on June 8, with the token price plummeting 98% as the team withdrew 623 BNB (~$179,000) from the project. They quickly moved the funds to the Tornado Cash cryptocurrency tumbler.

The Baby Elon token is of course not to be confused with Baby Musk, a different BNB Chain-based, baby Elon Musk-themed memecoin that rug pulled in February after a $2 million ICO.

ApolloX exchange exploited for $1.5 million

The ApolloX exchange suffered an exploit where an attacker was able to withdraw around 40 million $APX, which they were able to swap for around $1.5 million. This also caused the $APX price to drop by more than 50%.

The exchange has announced that it will repurchase $APX to boost the price, so far spending $600,000 to do so.

Osmosis chain halted after bug leads to $5 million loss

The Osmosis chain was halted on June 8 after users discovered a bug where people could deposit money into Osmosis pools and receive 3x the amount when they withdrew. The bug was first reported in a public Reddit post where a user posted, "Bug on Osmosis There is a serious problem with osmosis. If you add liquidity to a pool and then remove it, it grows by 50%! How can we fix this!?!? Pools empty by morning!"

Developers halted the chain before liquidity pools were fully drained, but estimated that about $5 million was lost. They wrote that they were working on a recovery plan; perhaps they will also encourage their community to report bugs privately, rather than via public Reddit post.

GYM Network exploited for $2.1 million

Attackers stole around $2.1 million from the GYM Network defi project after exploiting a bug in a recently-deployed contract that failed to check the identity of the caller. The attackers quickly transferred the stolen funds to the Tornado Cash cryptocurrency tumbler to cover their tracks.

GYM Network promised to use the entire project treasury to bolster the price of their token, which tanked as a result of the massive sell-off. "We can't promise that it will bring the price back to 0.20$ but we will use it All to recover this attack," they wrote on Telegram.

Representative Madison Cawthorn belatedly reports up to $950,000 in crypto trades, long past the STOCK Act deadline

[Image: Madison Cawthorn. Official portrait of Madison Cawthorn.]

Representative Madison Cawthorn (R-NC) is facing an ethics investigation pertaining to his involvement with the Let's Go Brandon coin, which includes allegations of insider trading as well as not disclosing his cryptocurrency trades as is required by the STOCK Act. After the investigation was announced in May, Cawthorn disclosed purchases of LGB and ETH, far past the 45-day deadline imposed by the Act.

On June 8, Cawthorn filed more reports of crypto trades he made in January to March, reflecting 24 purchases totaling between $290,000 and $950,000 in crypto projects including Kryll, Ethereum, Solana, Bitcoin, Let's Go Brandon, and Request.

Senators Lummis and Gillibrand work across the aisle to please cryptocurrency industry with their proposed legislation

Senators Lummis (R-WY) and Gillibrand (D-NY) introduced the "Responsible Financial Innovation Act", the first major proposal for cryptocurrency regulation in the US. A press release from Lummis included statements of support from Kraken, Coinbase, FTX, crypto lobbyists, and various other major players in the cryptocurrency industry—unsurprising support for a bill that is incredibly friendly to the sector. Notably, the bill broadly avoids classifying cryptocurrencies as securities, which would be regulated by the SEC and provide some consumer protections. Instead, the Senators create a foggy definition for sufficiently "decentralized" cryptocurrencies that would treat them as commodities and place them under the purview of the CFTC—the much smaller and less aggressive regulator that has been the preference of most in the cryptocurrency industry.

Senator Lummis has long been a strong supporter of Bitcoin and crypto more generally, sporting a "laser eyes" profile picture on Twitter and speaking at Bitcoin Miami, where she was introduced as a "champion of Bitcoin".

People get an anticlimactic sneak peek at one of the first NFT games to be released on Epic Games store

[Image: Grit gameplay. A screenshot from a video game, showing a cowboy character holding a pistol in a grey room.]

You might think that, since Epic Games has decided to distinguish itself from its major competitor Steam by welcoming blockchain games to its platform, they might try to make a splash with a few flashy titles to be the first listed on the platform. Alas, it is not to be, as the first known game that will be offered, Grit, has been described by Kotaku as "gimmicky" and "remarkably beige". The trailer mostly looks like a worse version of Red Dead Redemption, featuring horses that appear to hover through grassland. A gameplay teaser posted by an NFT games enthusiast to Twitter features him narrating that the game "is looking insane in the membrane", as he does nothing other than fire a gun into an empty room and spin.

500 attendees of the "Galaverse" event (a gathering put on by Grit's creators, Gala Games) were airdropped "epic" rarity horse NFTs, which those with keen eyes were quick to observe are simply a premade asset the developers purchased from the Unreal Engine Marketplace.

SEC reportedly reviewing whether Binance's BNB token broke securities laws

The same day that Reuters released an investigation implicating Binance in helping to launder billions of dollars of illicit funds, Bloomberg reported that the U.S. Securities and Exchange Commission had opened an investigation into whether Binance had broken securities laws when they launched their BNB initial coin offering. Bloomberg based its reports on conversations with anonymous sources, as the SEC has not publicly disclosed the existence of such a probe into Binance.

Reuters reports that Binance facilitated $2.35 billion in illicit transfers from 2017–2021

A Reuters investigation alleged that Binance "served as a conduit for the laundering of at least $2.35 billion in illicit funds" between 2017 and 2021. Binance is the largest cryptocurrency exchange in the world. Reuters tracked hundreds of millions in funds passing through a Russian darknet drugs market called Hydra thanks to Binance, and pointed to Binance as facilitating the laundering of money from German investment fraud schemes and North Korean cybercrime groups.

A wave of Discord moderator account hacks impacts multiple NFT-related servers

The June 4 compromise of the Bored Apes Discord was only one of several Discord hacks in the same time period. All the attacks appeared to involve user accounts of individual moderators being compromised and used to post fake announcements that lured users of the server to phishing sites that stole NFTs. Discord servers for Yung Ape Squad, Apocalyptic Apes, Bubbleworld, and Aiternate were among the projects affected.

The Apocalyptic Apes Discord attackers stole around 21 NFTs. Bubbleworld attackers stole 171 NFTs, with combined floor prices amounting to around $243,000.

Decentralized exchange Maiar exploited for $113 million

Hackers were able to discover and exploit a bug in the decentralized exchange Maiar, stealing $113 million. Maiar developers took the exchange offline soon after discovering the exploit, but not before the hackers made off with 1.65 million EGLD (the native token of the Elrond blockchain, on which Maiar is built). The sale of the pilfered EGLD caused the token to plummet from $76 to $5 on the Maiar exchange.

Maiar's founder and CEO has claimed that "most exploited funds have been either recovered in full, or will be covered by the Elrond Foundation", though it's not clear how (or if) any of the funds were recovered.

Collector loses ten pricey NFTs to phishing scam

[Image: Cool Cat #2941. An illustration of a mummified grey cat wearing a fluffy white bathrobe and a crown encased in flames.]

An NFT collector hoping to claim NFTs from the Goblintown collection was phished, resulting in ten of their NFTs being stolen from them. The scammers took two Mutant Ape NFTs and eight Cool Cats. "They stole everything from me," the collector wrote. "I'm devastated".

The collector had bought or minted the NFTs at various points over the past year, spending a total of 84 ETH on the ten stolen NFTs (worth ~$312,000 based on ETH prices at the time of each purchase). The thief has so far flipped seven of the Cool Cats NFTs for a total of 34.5 ETH (~$62,000). This collector doesn't appear to be the phisher's only victim; their Ethereum wallet shows a total balance of $365,000.

Bored Apes Discord compromised again, 32 NFTs stolen and flipped for $360,000

[Image: Phishing message from Bored Apes Discord.]

Scammers were able to compromise the Discord account of a Bored Apes community manager, then use it to post an announcement of an "exclusive giveaway" to anyone who held a Bored Ape, Mutant Ape, or Otherside NFT. When users went to mint their free NFT, the scammers were able to steal their pricey NFTs. The scammer quickly flipped the stolen NFTs for a total of around 200 ETH (about $360,000), then began transferring funds to Tornado Cash.

The Bored Apes Discord was also compromised on April 1, along with those of several other big-name NFT projects.

DAO Maker project exploited for $530,000

The DAO Maker project (not to be confused with MakerDAO) is a launchpad that claims to be "building the future of venture capital". Its website boasts that users who stake their $DAO can "earn up to 70% APY". The project suffered an exploit on June 3 in which attackers stole 300 ETH, worth around $530,000. Although the project had been audited by three different auditing companies, hackers were able to exploit an issue in the claim portal for some tokens. Attackers moved the funds to the Tornado Cash cryptocurrency tumbler.

New York legislators pass moratorium on permits for fossil fuel powered crypto mining operations

The New York state Senate passed a bill putting a two-year halt on issuing new or renewing existing permits for crypto mining at fossil fuel plants—a practice that has been happening near Seneca Lake and elsewhere in the state. The bill will also begin an environmental impact study on such facilities.

Next, the bill will go to Governor Hochul to sign or veto.

FTC reports $329 million lost to crypto scams in Q1 2022

The U.S. Federal Trade Commission (FTC) reported that "Although it's yet to become a mainstream payment method, reports to the FTC show [crypto is] an alarmingly common method for scammers to get peoples' money." They found that consumers have reported $329 million in fraud only in the first quarter of 2022: already half as much as was lost in the entire prior year.

The report also detailed that 25% of the monetary amount lost to fraud since the beginning of 2021 was lost via cryptocurrency, and that the median individual loss was around $2,600. Most of the crypto scams were investment frauds, followed by romance scammers and business and government impersonators.

Timechain allegedly attempts to falsely blame missing money on Terra collapse

The Canadian firm Timechain claimed that they lost around $4 million to the Terra collapse, a loss they said destroyed the company. Timechain claimed that a stop-loss mechanism that should have triggered in Binance to avoid such devastating losses never actually fired, resulting in a loss of more than 95%. However, Binance has reported that Timechain almost completely emptied their account before the Terra collapse.

Animoon rug pulls for $6.3 million

[Image: Animoon #6891. A Bulbasaur character from Pokemon, recolored to be silver, with orange bows on its ears.]

Animoon is yet another Pokémon rip-off NFT project, with artwork that was ripped directly from Pokémon artwork and recolored. They claim to have a "signed NDA" with Pokémon (whatever that means), though it seems extremely unlikely that there's any real agreement granting them rights to use Pokémon IP.

Not only did their roadmap include a play-to-earn game (of course), collaborations with a Swiss shoe and apparel store that would send them actual gear, and real-life trips, but they promised that 15 "legendary" cards would "automatically generate" their owners $2,500 each month, for life. The project was promoted by Jake Paul, an influencer whose crypto promotions don't have a great track record to say the least.

The project team began to grow more distant after launch, posting less frequently. Promised apparel shipments never arrived. The team changed the legendary rewards from $2,500 a month to "a percentage of incomes from the game", which they said "could be a lot more than $2500 monthly" despite no game actually existing. The project team eventually disappeared, took down the Twitter account and website, and disabled the general chat in their Discord project.

Renter loses half their security deposit after landlord puts it into Bitcoin

A Reddit poster asking for legal advice reported that when they moved out of their apartment, they received only $1600 of the $3000 they provided to their landlord as an initial security deposit. When they asked what happened to the rest of the money, the landlord explained that they had put the money into a "money market account" that had lost value, then admitted they'd invested it into Bitcoin. The landlord tried to claim that "this is how a lot of landlords operate now", despite most likely falling afoul of guidelines on how landlords are supposed to hold deposits.

Personally, I'm looking forward to telling my landlord that I can only pay half my rent because I lost the money I'd set aside for it in the crypto markets.

Coinbase rescinds already accepted job offers

The same day that Gemini announced they would be laying off 10% of their staff, Coinbase announced they would be extending a hiring freeze they'd put in place two weeks earlier, and also rescinding job offers that had already been accepted.

Crypto companies are not the only tech companies that have been slowing down hiring or even laying off employees recently, though rescinding already accepted offers is extremely unusual. A would-be employee wrote on the anonymous employee message board app Blind that their offer had been rescinded, and that "this feels like a nightmare that I can’t wait to wake up from". A current Coinbase employee replied, "Dodged a bullet".

Someone scrapes pre-launch NFT data to steal and launch their own goblin asses project

[Image: Goblin Ass #462. A green wrinkly pair of butt cheeks with light green goblin ears with gold rings, and a pink bandaid.]

Hoping to riff off the popularity of the recent and weird Goblintown NFT project, some NFT enthusiasts decided to make their own "Goblin Asses" project, which is exactly what it sounds like. As one of the team wrote in a thread explaining what they also clearly thought was a pretty funny turn of events, the team was working quickly and with only one developer. They cut some corners on their development practices, and when testing their project contract, a watchful observer was able to scrape the image data, duplicate the contract, deploy it, and create and release their own website for the project.

All my goblin asses gone.

Gemini announces layoffs of 10% of their staff, blames "crypto winter"

The Winklevoss twins, founders of the Gemini crypto exchange, announced to employees and in a public blog post on June 2 that they would be laying off 10% of their workforce. They wrote that the crypto industry is "in the contraction phase that is settling into a period of stasis — what our industry refers to as 'crypto winter.'" According to CNBC, Gemini employed around 1,000 people, meaning that around 100 would lose their jobs.

The announcement came on the same day that the CFTC announced a lawsuit against Gemini for allegedly making false or misleading statements.

CFTC sues Gemini over allegedly misleading statements

Gemini is a major cryptocurrency exchange and market for Bitcoin futures. The Commodity Futures Trading Commission (CFTC) filed a lawsuit against Gemini for making false or misleading statements pertaining to their self-certification of a bitcoin futures product. The complaint contains several sections detailing allegations of "false or misleading statements and omissions" concerning loans and advances, self-trading, fee rebates and overrides, and trading volume and liquidity. The lawsuit seeks a permanent injunction preventing Gemini from engaging in trading activities, as well as civil penalties and forfeiture of money earned through their alleged violations of the law.

Someone impersonates Guardian tech editor Alex Hern to shill a cryptocurrency

Alex Hern, a technology editor at the Guardian, was surprised to receive an onslaught of messages asking about "Tsuka", a new crypto token. It turned out someone had been using Hern's identity to promote the token. After Hern set the record straight with a message in the token's Telegram channel and a note in his Twitter bio, the token crashed—at least as much as a $0.00015 token with a notional market cap of around $100,000 can crash. But it was enough to hurt some of the people who had been misled by the scam—one person messaged Hern to say he'd lost $400 on the crash, which was around a month's wages in his country, and which he described as his "life savings".

After the token plummeted, Hern received an email from the developers, who spun a story about how they were just fans of his, and that it was just an unfortunate mistake that people had mistaken their usage of his name and "Guardian" to mean he was involved.

Collector sells Bored Ape for $513,000 less than they paid for it

[Image: Bored Ape #7256. An illustrated ape with brown fur wearing a grey cap, with Xs for eyes, with a dagger in its mouth.]

NFT collector onekiller purchased Bored Ape #7256 for 188 ETH a month ago—at the time worth about $513,000. On June 1, they sold the ape for 0.088 ETH, or $161.

It's not quite clear what happened, but it seems likely that it may have been a listing error. Onekiller had posted and then canceled listings for the ape several times in the past week and as recently as four hours before the sale, all between 250 and 145 ETH, suggesting that they had control of their account and made a mistake while entering the listing value.

Technologists draft an open letter to US lawmakers urging them to responsibly legislate crypto industry

A group of 26 technologists (disclosure: myself included) have signed an open letter to U.S. lawmakers urging them to "take a critical, skeptical approach toward industry claims that crypto-assets ... are an innovative technology that is unreservedly good". The letter is an effort to push back against the well-funded crypto lobbyists attempting to influence U.S. lawmakers.

The Financial Times writes, "While individuals have made similar warnings about the safety and reliability of digital assets, it marks a more organised effort to challenge the growing influence of crypto advocates who want to resist attempts to regulate the frothy sector."

Solana network halted again

Solana is one of the more popular proof-of-stake blockchains, and is often trotted out as an alternative to Ethereum when people bring up Ethereum's environmental impact, slowness, or high transaction costs.

However, Solana has been plagued with stability issues, and on June 1 it was taken offline by its developers for what CryptoWhale says was the eighth time this year. This occurred only days after an incident in which the Solana blockchain clock drifted significantly behind real-world time.

Former OpenSea executive arrested, charged with money laundering

Nate Chastain was asked to resign from his position as Head of Product at OpenSea in September 2021 following allegations of NFT insider trading. Online sleuths had discovered that he had apparently bought NFTs based on insider knowledge that they would later be featured on OpenSea's front page. On June 1, the U.S. Attorney's Office of the Southern District of New York unsealed an indictment charging Chastain with wire fraud and money laundering, alleging that he had used anonymous crypto wallets and OpenSea accounts to buy NFTs before they were featured on the front page, then resell them for two to five times what he paid for them.

After leaving OpenSea in the wake of the allegations, Chastain began pitching a new NFT platform called "Oval" to investors, seeking $3 million in seed funding.

Chastain was arrested on June 1. The two charges he faces each carry a maximum sentence of twenty years in prison. The Attorney's Office described the charges as the first ever relating to insider trading of digital assets, and stated that, "today’s charges demonstrate the commitment of this Office to stamping out insider trading – whether it occurs on the stock market or the blockchain."

  • Press release from the U.S. Attorney's Office of the Southern District of New York

Toronto Comic Arts Festival sparks outrage by featuring NFT creator Saba Moeel, Moeel found to have widely traced her artwork

[Image: Pink Cat artwork (left); Tank Girl artwork from which it was traced (right). Two images: on the left, an illustration of a pink cat sitting on a tank; on the right, original Tank Girl artwork from which the cat artwork was traced.]

The Toronto Comic Arts Festival angered artists and fans alike when they invited Saba Moeel, the artist behind the Pink Cat NFT collection, to attend as a featured guest. This was in part because of opinions around NFTs more generally, but much of the ire was directed at Moeel specifically when she was found to have traced much of her work from sources including Tank Girl, Tom and Jerry, and various artists on Instagram without providing any credit. Others were concerned with various transphobic or racist statements Moeel has made in the past, as well as the creation of artwork by a non-Black artist that appeared to be caricaturing Black people.

Moeel responded to the criticism in a slew of tweets, writing in one: "Why did i trace tank girl art? Why did Occidental soldiers raid the Iraqi national museum of art and steal all of our cultural artifacts and history? Many questions to answer". Moeel also accused those expressing concerns about her appearance of racism, and described them all as "people who love the central banking system". "Big organizations come out to try to destroy my community of 90% women, mostly WOC like me", she wrote.

One other TCAF featured guest, Ngozi Ukazu, withdrew from the Festival, writing, "Not only do I disagree with the platforming of NFTS, but I also will not be a featured guest alongside an influencer who traces art and explicitly commodifies Black culture." TCAF wrote on Twitter that they were preparing a response to "valid concerns", and the subsequent day announced that they had rescinded the invitation due to "code of conduct violations and the concerns expressed by the comics community".

Superlative Apes team does a "slow rug pull" after drawing in $2.9 million

[Image: Superlative Ape #2127. A colorful pastel Bored Ape illustration with half-lidded eyes, wearing a bowler hat and t-shirt.]

The Superlative Apes NFTs are a collection of Bored Apes derivative NFTs that feature colorful pastels. The project amassed a large following (including, apparently, the rapper Eminem), and its first collection of 4,444 NFTs sold out after launching in December 2021, netting the creators 301 ETH (about $1.2 million at the time). They also sold most of their 8,888-piece Superlative Mutated Apes collection that launched in February, pulling in another 658 ETH (~$1.7 million at the time). The project featured a roadmap promising all kinds of things: a metaverse gallery, "access to our worldwide global tour", future minting passes, a cut of the project fees, and a project to fight global hunger.

The project has been plagued with issues including missed deadlines, accusations of plagiarism (somehow), and connections to another rug-pulled project. Additionally, a flawed staking contract required the team to have holders migrate their NFTs to a new contract—a slow and painful process that has resulted in most of the NFTs being "stuck" in a temporary contract. People who have questioned the project or accused them of rug pulling have been banned from the Discord and blocked on Twitter.

Despite the team's repeated (though very infrequent) claims that the project is still going and is not a rug pull, this appears to be a classic "slow rug"—that is, when a project team engages just enough to keep the community from accusing them of wrongdoing, while still effectively abandoning the project. On May 7, a former community moderator for the project stepped down, publicly stating that "the team has all but given up on the project, they come back every 4 weeks to put forth just enough 'minimal' (understatement) effort to not get sued", and accusing the project team of not paying them as agreed.

Another bug affecting Terra's Mirror Protocol loses the project $2 million (and counting)

Someone has been able to drain more than $2 million from the Mirror Protocol in the Terra ecosystem. It appears they are exploiting an issue with the price oracle for "Luna Classic" (formerly known as Luna, but renamed with the release of Luna 2.0). The oracle seems to be providing an incorrect price for LUNC that is far higher than its price on exchanges. This has allowed a person to use a relatively small amount of LUNC as collateral for loans of much larger amounts in other assets.

Terra sleuth FatMan wrote on Twitter on May 30, "So far, the mBTC, mETH, mDOT and mGLXY pools have been drained. In around 12 hours, the market feed will kick in, and the attacker will be able to drain all of the mAsset pools (such as mSPY and mAAPL, mAMZN, etc.)". He begged Mirror developers to fix the oracle, writing that they are "completely MIA".

Another Bored Ape owner makes a typo, sells NFT for $180,000 less than they intended

[Image: Bored Ape #3158, a Bored Ape with grey fur, wearing goggles and rainbow suspenders, on a blue background]
An NFT collector trying to list their Bored Ape NFT for sale on OpenSea made a typo, and accidentally listed it for sale for 10 ETH (around $19,000) instead of 105 ETH (around $200,000). The NFT was quickly bought up before the trader had the opportunity to correct their mistake. It is common for people to run bots that automatically buy pricey NFTs that are listed for sale far below a collection's floor price, as this one was.

The trader later confirmed on Twitter that it was their mistake rather than an account compromise or some other hack: "Yep, was a fat finger. Was trying to list at 105. Never thought it'd happen to me. Devastating."

Meanwhile, the NFT's new owner has it listed for sale for 110 ETH (about $219,000), which will net them a tidy profit if they find a buyer.

Luna 2.0 airdrop sends 2.1 million $LUNA to Mirror Protocol thief

All holders of Luna, who saw their holdings crash to nothing in the Terra collapse, received an airdrop of the new Luna tokens with the release of Terra 2.0 (electric boogaloo). The researcher who originally observed that at least $88 million worth of ill-gotten tokens had been siphoned from the Terra Mirror Protocol before a patch was quietly applied in early May noticed that the attacker had been among the recipients of the airdrop, receiving more than 2.1 million $LUNA. "A nice little reward for stealing money from thousands of Mirror users & locking their funds, causing them millions in losses", wrote the researcher.

The price of the new $LUNA token has been volatile on its first day, starting at around $17 and later valued around $5.70. This would make the attacker's holdings of airdropped tokens worth around $12.1 million, assuming they could find liquidity to cash out.

PokeMoney blockchain game rug pulls for $3.5 million

The token associated with yet another crypto Pokémon rip-off, PokeMoney, suddenly crashed in price when around 11,800 BNB ($3.5 million) worth of it was pulled out of the project. The incident appeared to be a rug pull.

The project creators claimed it was a hack, and stuck around to try to keep the hope alive. They claimed on Telegram that for some reason they couldn't access the project Twitter account, and so couldn't inform their community of the hack. They also began rallying their community around hopes for a project relaunch. Meanwhile, they announced a "CHAT MUTE UNTIL TOMORROW TO AVOID FUD"—as any reputable, not-rug-pulled project would do, I'm sure.

Elon Musk deepfake tries to get people to give scammers Bitcoin

[Image: Screenshot from the deepfake video. Elon Musk, sitting with his hands clasped in front of a purple background. A logo for "BitVex" is visible in the bottom right.]
A somewhat robotic-sounding deepfake Elon Musk speaks to a deepfaked interviewer, who asks "what can you tell us about your project and how can it help people get rich right now?" Fake-Musk explains that people who invest in the (scam) project, "BitVex", will "receive exactly 30% of dividends every day", and that if Bitcoin falls in price they will still receive twice their investment back.

According to BleepingComputer, only about $1,700 in deposits appeared to have gone to addresses associated with the scam, although they acknowledged that the addresses are likely rotated and so the true amount may be larger.

Someone brought the scam to Musk's attention on Twitter, where he replied, "Yikes. Def not me." The YouTube channel hosting the videos was taken down shortly after.

Researcher discovers vulnerability in the Terra Mirror Protocol that allowed attackers to siphon tens of millions from the project

A crypto researcher who goes by "FatMan" discovered that the Mirror Protocol in the Terra ecosystem contained a serious vulnerability that was quietly patched with no announcement on May 9. The Mirror Protocol code previously lacked a duplicate check, which meant that attackers could create a short position and then withdraw it repeatedly in the same transaction, taking many times more money than they should have been authorized to withdraw.

FatMan discovered one instance where a person deposited $10,000 and later withdrew $4.3 million. According to FatMan, they found repeated exploits of this type that earned attackers "well over $30 million". Another researcher on Terra forums estimated about $88 million had been exfiltrated from the project in this way, over the many months the bug went undiscovered and unpatched by Mirror developers.
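The missing duplicate check described above, shown as an added Rust example that is not Mirror Protocol's code: a simplified, hypothetical lock contract (`LockContract`, `unlock_unchecked` and `unlock_checked` are names assumed here) whose "before" handler pays a repeated position ID once per repetition, beside an "after" handler that rejects the request before touching state.

```rust
use std::collections::{HashMap, HashSet};
// Hypothetical, simplified model of a contract holding locked funds per
// position. Names and structure are assumptions, not Mirror Protocol's code.
#[derive(Default)]
pub struct LockContract {
    locked: HashMap<u64, u128>, // position id -> locked amount
    pub balance: u128,          // all funds the contract holds
}
#[derive(Debug, PartialEq)]
pub enum UnlockError {
    DuplicatePosition(u64),
    UnknownPosition(u64),
}
impl LockContract {
    pub fn lock(&mut self, id: u64, amount: u128) {
        *self.locked.entry(id).or_insert(0) += amount;
        self.balance += amount;
    }

    // Before: every id in the request is priced before any state is cleared,
    // so an id listed n times is paid n times out of the shared balance.
    pub fn unlock_unchecked(&mut self, ids: &[u64]) -> u128 {
        let owed: u128 = ids.iter().filter_map(|id| self.locked.get(id)).sum();
        for id in ids { self.locked.remove(id); }
        let paid = owed.min(self.balance);
        self.balance -= paid;
        paid
    }

    // After: validate the whole request first; a repeated or unknown id
    // fails the call with no state change.
    pub fn unlock_checked(&mut self, ids: &[u64]) -> Result<u128, UnlockError> {
        let mut seen = HashSet::new();
        let mut owed = 0u128;
        for &id in ids {
            if !seen.insert(id) { return Err(UnlockError::DuplicatePosition(id)); }
            owed += *self.locked.get(&id).ok_or(UnlockError::UnknownPosition(id))?;
        }
        for id in ids { self.locked.remove(id); }
        self.balance -= owed;
        Ok(owed)
    }
}
fn main() {
    // Constructed sample: position 7 holds 100, another user's position 1 holds 900.
    let mut c = LockContract::default();
    c.lock(1, 900); c.lock(7, 100);
    println!("unchecked payout: {}", c.unlock_unchecked(&[7, 7, 7, 7, 7]));
}
```

Rejecting the whole request, rather than silently deduplicating it, keeps malformed input visible in transaction logs for later review.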

Solana loses track of time

The Solana blockchain clock drifted about 30 minutes behind real-world time on May 26, as a result of slower-than-usual slot times. Solana's status page read that "this has no impact on performance or network operations", though The Block noted that this time drift could result in smaller staking payouts.

Blockchain timekeeping is also a selling point of Solana, which talks up its "proof of history" algorithm in a blog post where Solana Labs co-founder Anatoly Yakovenko says, "our clocks never drift".

Terra decides to release "Terra 2.0", because apparently the way to fix a crypto catastrophe is with more crypto

Following the dramatic collapse of Terra earlier this month, the Terra ecosystem voted to pass a proposal by Do Kwon to create "Terra 2.0". The project intends to "effectively create a new Terra chain without the algorithmic stablecoin"—an odd choice given that the whole point of the original Terra was the stablecoin. The proposal also involves renaming the existing Luna ($LUNA) coin to "Luna Classic" ($LUNC), so that Luna 2.0 can take its place—a change that I'm sure will not cause any confusion whatsoever.

Billy Markus, one of the original creators of the Dogecoin cryptocurrency (both of whom have since left the project), tweeted, "luna 2.0 will show the world just how truly dumb crypto gamblers really are".

Scammer steals 29 Moonbirds NFTs nominally worth about $1.5 million from a single collector

[Image: Moonbird #8749, a purple pixel art owl with one squinting eye, on a green background]
A scammer was able to trick a prolific NFT collector into signing a transaction on a fake trading website, which then allowed them to maliciously transfer 29 pricey Moonbirds NFTs in a single transaction. Moonbirds are a popular collection of pixel art owls that currently trade with a floor price of 24 ETH (about $48,000). The trader who was targeted was a big time Moonbirds fan, holding 29 of the NFTs in their affected wallet. The loss has been estimated at around 750 ETH (~$1.5 million).

The highly exclusive group of NFT collectors known as Proof Collective, of which this trader was a member, was reportedly preparing a report for the FBI and police. Because the attacker used an exchange that requires KYC there may be some possibility that their identity could be traced, although falsified KYC is also increasingly common.

The WeWork founders are starting a carbon credit crypto company and they already raised $70 million in funding

Adam and Rebekah Neumann, the duo behind the WeWork coworking space company that imploded spectacularly in 2019, have re-emerged to start a company called Flowcarbon. The company intends to "tokenize carbon credits"—which they're calling "Goddess Nature Tokens"—and sell them to companies hoping to green up their image. The need for a blockchain is unclear.

The company has already raised $70 million in token sales and a Series A funding round led by Andreessen Horowitz (aka a16z), which seems like a startling amount of money to give to someone who resigned from his previous company amidst accusations of some serious self-dealing and the creation of toxic corporate culture.

DecentraWorld project rug pulls for $1 million

[Image: Decentraworld logo, an illustration of a world with lines and dots connecting around it, with the word "decentraworld" in white capital letters]
The creators of the Decentraworld project, and its associated $DEWO token, rug pulled for 3127 BNB, valued at just over $1 million. The project promised an "ecosystem of dapps with privacy protocols by default". The website spoke of how "governments around the world want to keep controlling their citizens by fighting the one thing they can’t control, the blockchain and crypto-assets", and the project promised to "help humanity maintain its privacy, control, and financial freedom". Unfortunately for the believers, this turned out not to be true when the project drained the funds and deleted their online presence.

Representative Madison Cawthorn under ethics investigation related to crypto, violated STOCK Act

[Image: Madison Cawthorn, official portrait]
The U.S. House of Representatives Committee on Ethics announced on May 23 that they had unanimously voted to investigate whether Representative Madison Cawthorn (R-NC) "improperly promoted a cryptocurrency in which he may have had an undisclosed financial interest", as well as one unrelated allegation.

On May 26, Cawthorn filed a disclosure to say he had bought between $100,000 and $250,000 of the "Let's Go Brandon" ($LGB) coin on December 21—eight days before posting that the coin would "go to the moon" just before a deal with NASCAR was announced. The coin then went up in price and Cawthorn sold at least $100,000 of his holdings. This timing led to accusations that Cawthorn had advance knowledge of the partnership.

Cawthorn also disclosed in the same May 26 filing that he bought between $101,000 and $265,000 of Ethereum in late December. Although Congressmembers are required by the STOCK Act to disclose purchases of various assets (including cryptocurrencies) within 45 days of the transaction, Cawthorn's disclosure came five months after the purchase. Cawthorn recently lost his primary, ending his chances of re-election, but his current term isn't slated to end until January 2023.

Crypto speculator loses over $200,000 to wallet compromise

Crypto speculator Jonny Reid wrote on May 22 that his crypto wallet had been hacked and drained of approximately $203,000. He wrote that he had never owned a hardware wallet before and had only used MyEtherWallet and MetaMask. "My security has always been great, always cautious with phishing links / websites / discord / telegram / social media scans etc". He wrote that he suspected the compromise might have been the result of a Chrome extension he had downloaded to auto-refresh a page to schedule a passport appointment.

Reid traced the stolen funds until they disappeared into the crypto exchange "Fixed Float". Reid contacted the exchange, who told him they couldn't supply him with server logs without a law enforcement request. Reid wrote that he was "angry [with] the fact they cant provide me with any details to help me follow the trace" and urged crypto Twitter to try to pressure the exchange to release more information to him.