- "My Big Coin Founder Convicted of Cryptocurrency Fraud Scheme", U.S. Attorney's Office of the District of Massachusetts
Former Coinbase product manager charged with tipping off co-conspirators about tokens that were about to be listed on the exchange
Wahi allegedly used his access to highly confidential information around which cryptocurrency tokens would be listed and when the news would be announced to tip off his brother and friend, who would then use multiple anonymous Ethereum wallets to purchase large quantities of the token before the prices spiked on the news. According to the press release, the two took positions in at least six tokens before Coinbase announced in April 2022 that they would be listing them on the exchange. The DoJ said that the scheme had generated approximately $1.5 million in gains. The DoJ acknowledged a "Twitter account that is well known in the crypto community", likely referring to Cobie, who identified the suspicious activity.
The DoJ also reported that when Coinbase's director of security operations contacted Wahi in May asking him to attend a meeting regarding the suspicious activity, Wahi purchased a one-way flight to India in an attempt to flee the country. He was stopped by law enforcement.
Each of the charges (four against Wahi, two each against his brother and friend) carry a maximum sentence of 20 years. The U.S. Attorney for the Southern District of New York stated in the press release, "Today's charges are a further reminder that Web3 is not a law-free zone... fraud is fraud is fraud, whether it occurs on the blockchain or on Wall Street."
- "Three Charged In First Ever Cryptocurrency Insider Trading Tipping Scheme"U.S. Department of Justice
Blockchain.com also announced that they would close their Argentina-based offices, cancel plans to hire in several countries, and cut executive salaries.
The wildfire is reportedly the second fire in that same location attributed to the company in the last month. Spain has been facing devastating fires brought on by record-breaking temperatures and drought, and Land Life acknowledged that contractors should not have been working during the heat wave due to the extreme fire risk.
- "La empresa forestal que originó el fuego de Ateca ya causó otro hace un mes en el mismo lugar", Heraldo (in Spanish)
- "Land Life Company Raises €3.5 million in Series A Funding", press release
- Comunicado - Incendio Bubierca, Land Life (in Spanish)
Based on a follower's suggestion, he created the ENS domain stop-doing-fake-bids-its-honestly-lame-my-guy.eth and placed a 100 ETH bid on it. To his surprise, another person came along and offered him 1.9 ETH (~$2,900). Apparently excited to receive a sizeable offer for a gag NFT, franklinisbored accepted the offer and took to Twitter to write about his good fortune: "Well this is the most surprising 1.891 ETH I have ever made. I owe it all to #ENS and @gweiman_eth's creative idea. #Marketing101".
Meanwhile, he had forgotten to cancel his joke 100 ETH offer, which remained active. The new buyer accepted the offer and sold the NFT back to him, pocketing 98 ETH in the process. Franklinisbored wrote on Twitter, "I was celebrating my joke of a domain sale, sharing the spoils, but in a dream of greed, forgot to cancel my own bid of 100 ETH to buy it back. This will be the joke and bag fumble of the century. I deserve all of the jokes and criticism." He also sent the 1.9 ETH back to the other person, with a message asking them to reverse the transaction. The other person replied, "No, thank you for the money though."
In their report, Tesla stated that "Conversions in Q2 added $936M to our balance sheet." Assuming this is all Bitcoin, this suggests Tesla sold at around $28,900—a 7–10% decrease from their buy price. The company stated in a shareholder presentation that the "Bitcoin impairment" had damaged the company's Q2 profitability.
This is grim news for some crypto enthusiasts, a group that overlaps considerably with Tesla and Musk superfans. Musk's Bitcoin purchases helped to convince many new people to buy in, and the news of Tesla's decision caused a sharp 2.5% decrease in Bitcoin prices.
According to CoinDesk, Zipmex faces an enormous loss on a loan of $100 million worth of assets to Babel Finance, an exchange that suspended withdrawals in mid-June and is now hiring restructuring attorneys.
On July 21, the Thai Securities and Exchange Commission sent a letter to Zipmex asking them to explain their decision, requesting details on customer assets under custody and where they were invested—particularly around any assets deposited in Celsius or Babel Finance.
- "Crypto exchange Zipmex halts withdrawals due to 'volatile market conditions'", The Block
- Tweet by Zipmex
- "Zipmex a Victim of Crypto Contagion as Concerns Grow Over Babel Loan: Sources", CoinDesk
- "ก.ล.ต. ให้ บริษัท ซิปเม็กซ์ จำกัด (Zipmex) ชี้แจงข้อมูลเพิ่มเติมเกี่ยวกับทรัพย์สินของลูกค้า", Thai SEC (in Thai)
Raccoon Network is a metaverse project. Freedom Protocol invested in the project in late June, and announced they would be working together. Freedom Protocol is a defi project that advertises an 183,394.2% APY "compounded by scientific calculations".
The Sho Restaurant does plan to allow members of the public as well as NFT holders, and even the holders will still have to pay for their food. NFT holders also get access to the exclusive Sho Club, and things like "Access to all future Sho Club lounges" (no such lounges appear to be in planning). Those who pay $15,000 or $300,000 for top two tiers of NFTs receive access to perks including a "Monthly curated omakase members dinner (food & beverage not included).
The FBI stated they had identified 244 victims, and estimated the total loss associated with these fraudulent apps to be around $42.7 million.
- "Cyber Criminals Create Fraudulent Cryptocurrency Investment Applications to Defraud US Investors", Federal Bureau of Investigation
Only four days prior, on July 14, Bexplus had published a press release offering "rewards worth up to $5,000 to new users who sign up and make their first deposit". The project also promised its users up to 21% interest on bitcoin kept with the exchange. Bexplus had also promised a 100% match on deposits to the platform, up to 10 BTC (currently priced at $235,550).
- "Notice on Indefinite Suspension of Bexplus Project", Bexplus
- "Bexplus Exchange Announces $5,000 Giveaway for New Users", press release
- "Corretora brasileira de criptomoedas fecha e dá 24 horas para clientes sacarem fundos", Livecoins (in Portuguese)
The move came only a month after BlockFi laid off 20% of their employees, or around 170 people. The company appears to be struggling to stay afloat, soliciting $400 million in loans from Sam Bankman-Fried's FTX crypto exchange and signing a deal with FTX that gives the exchange the opportunity to acquire them.
The week prior, an internal operating plan document was shared to the anonymous employee platform Blind, which outlined a plan that would reduce company headcount to around 800—a 15% reduction. The plan was taken down shortly after. Gemini co-founder Cameron Winklevoss wrote in a Slack message that the leak was "super lame", and wrote that "friendly reminder that Karma is the blockchain of the universe — an immutable ledger that keeps track of positive and negative behavior."
The fund is down 30% YTD. According to Scaramucci, the suspension was to avoid "damag[ing] investors that want to stay in the funds" if many investors decide to exit in a less than "orderly" fashion.
The fine was imposed on April 25, 2022, and Binance filed an appeal in June. This is not Binance's first time playing fast and loose with regulatory bodies—in February, Binance halted activities in Israel due to being unlicensed. In December 2021, the Ontario Securities Commission released a statement to say that Binance wasn't registered in the province, but Binance continued to operate there anyway for several more months.
Then, on July 17, the exchange released a new announcement: "Due to cooperation with the police investigation, the platform has suspended related services... Please wait for the police announcement." They also wrote in the post, "AEX reserves the right of final interpretation of this announcement", and below the signature wrote, "The closer you look, the further you see."
On July 20, PREMINT's CEO announced they would be compensating all users affected by the hack by sending them ETH equivalent to the floor price of the stolen NFTs. "I realize that the NFTs stolen were not all floor NFTs... You might feel like this compensation isn’t enough. But I don’t think there’s any other scalable and objective way to do this," he said. The total repayment will amount to about 340 ETH ($525,000). PREMINT also bought the two most expensive stolen NFTs from their new owners for the prices they had paid to buy them from the hacker—92 ETH ($138,000) for a Bored Ape and 12 ETH ($17,800) for an Azuki. Those NFTs were returned to their original owners.
NFTs valued at $150,000 stolen via phishing link posted to the hacked Twitter account of NFT artist DeeKay
Altogether, the stolen NFTs were valued at around $150,000. DeeKay reported that he wasn't sure how his Twitter account had been compromised, but that "my guess is that [two-factor authentication] was off for that specific time". DeeKay wrote that he was considering compensating his followers who were victim to the scam, but that "[a] few are pretending to be affected and looking for opportunities", and "this also encourages hackers to keep doing their thing". "There were some kind souls who were affected and have shown me great flexibility for me to compensate in different ways. Some are asking for high demands as if I was the hacker...😪", he wrote in the thread.
The news sparked rumors about Coinbase, including that they might be facing a liquidity crisis or insolvency. Others dismissed those rumors as unfounded, and normal behavior for a company facing a market downturn. Coinbase CEO Brian Armstrong tweeted that Coinbase was "well capitalized".
Reception on Twitter was brutal, with one person commenting, "And that's another one for Beloved Icons Ruined By Pyramid Scheme Bingo". Another described the decision to launch an NFT project as "jumping on the bandwagon while it's actively collapsing". The reception on Discord was also tepid, with only 130 people joining the server in the two days following the announcement.
McAfee died by suicide in June 2021 in a Spanish prison, shortly before he was due to be extradited to the United States on tax evasion charges. His death kicked off a tornado of conspiracy theories by QAnon followers.
Now, the SEC has wrapped up the investigation, finding his partner in crime responsible for the undisclosed promotion and pump and dump scheme. In addition to a $376,000 fine, Watson is prohibited from any professional cryptocurrency trading.
- "Crypto Lender Celsius Files for Bankruptcy After Cash Crunch", Bloomberg
- "Troubled Crypto Lender Celsius Hires New Restructuring Lawyers", The Wall Street Journal
As with many of these attacks, it's not immediately clear if there was truly an outside party who gained unauthorized access, or if the "attack" was actually a rug pull or an inside job. The project tweeted on July 16 that they were "continu[ing] to investigate" and had hired outside security firms to try to help them identify the hacker and recoup lost funds.
One single wallet targeted by the phishing attack lost more than $6.5 million worth of Ether and Bitcoin, and another targeted by attackers lost around $1.68 million worth of those currencies.
Rival firm Nexo has said it is considering acquiring Vauld, though some have expressed skepticism that Nexo is in a position to afford such an acquisition.
The usage of the exchange by residents of sanctioned countries could draw the attention of US regulators. It's also the latest in several investigative reports by Reuters into Binance, in addition to a June report that the exchange facilitated $2.35 billion in illicit transfers from 2017–2021, and an April report that Binance supplied the Putin regime with information about crypto donors to opposition leader Alexei Navalny.
Bifrost wrote in their post-mortem analysis that because the attack was limited to the BTC address registration server, and the hack didn't exploit any smart contract or protocol vulnerabilities, a security audit performed by Theori "is still valid"—leading one to wonder why anyone should trust an "audited" platform if $2.25 million in assets can be stolen without invalidating an audit.
- "Post-mortem: BiFi-BTC illegal address registration", Bifrost blog
Hackers used NFTs from the popular Doodles collection as collateral to borrow wETH, then withdrew all but one of the NFTs, allowing them to perform a re-entrancy attack. The attacker then laundered the funds using the Tornado Cash cryptocurrency tumbler.
According to Omni, only funds belonging to the platform that were being used for testing were taken by the attacker.
- "Hacker drains $1.4 million worth of ETH from NFT lender Omni", The Block
- Exploiter wallet on Etherscan
Although they initially dodged naming the counterparty, CEO Mark Lamb eventually publicly stated that this counterparty was Roger "Bitcoin Jesus" Ver, who he said failed to meet a $47 million margin call. However, Ver publicly refuted this claim, stating that CoinFLEX in fact owed him money. Both parties went back and forth, each accusing the other of misrepresenting the situation.
On July 9, the company stated that they would be seeking arbitration to recover $84 million from Ver—an updated figure that they said factored in the "significant loss in liquidating his significant FLEX coin positions".
In late June, the exchange laid off 30% of staff and took other measures to cut costs. They later disclosed they were short $70 million, partly from exposure to the Terra ecosystem which collapsed in May.
- "Peter Thiel-Backed Crypto Lender Vauld Files for Protection Against Creditors", The Wall Street Journal
What he didn't mention was the lawsuit that had just been filed against the company, by investors who allege that Ravlich and his co-founders lied to investors and never created any usable product or service. Investors claim to have lost millions in cryptocurrency, and one alleged that Ravlich and his compatriots used a shell company in the Cook Islands to make it harder for him to recoup his losses.
Hypernet initially promised to build a system for renting unused computing power, and in 2018 raised around $20 million in an initial coin offering. In late 2021, Hypernet "pivoted hard" into NFTs, which one investor stated was a "knee jerk reaction to the flavour of the day" and a "last-ditch attempt to find a non-existent market for a non-existent product".
The legal complaint reads, "Prior to Plaintiff coming on board, Defendants had no unified, organized, or overarching investment strategy other than lending out the consumer deposits they received. Instead, they were desperately seeking a potential investment that could earn them more than they owed to their depositors. Otherwise, they would have to use additional deposits to pay the interest owed on prior deposits, a classic 'Ponzi scheme.' The recent revelation that Celsius does not have the assets on hand to meet its withdrawal obligations shows that Defendants were, in fact, operating a Ponzi-scheme."
This is not Reddit's first foray into NFTs. The platform launched four 1-of-1 "CryptoSnoo" NFTs in June 2021, which allow the four holders to display the NFTs on their profile. The "Collectible Avatars" appear to be an attempt to open this same functionality to a broader group of Redditors, while simultaneously appearing to try to sidestep the more negative sentiment around NFTs that has developed since their last project.
2gether had previously made news in August 2020, when hackers stole 114 Bitcoin and 276 ETH—then worth around €1.183 million ($1.2 million), and representing 15% of customer funds. The company successfully raised €1.5 million ($1.52 million) in a financing round several months later to cover the loss.
- La plataforma de criptomonedas 2gether cierra y deja a 100.000 afectados, La Vanguardia (in Spanish)
Luckily for them, they were able to pause the contract before anyone exploited it in ways that were not so easily rectified. The ability to receive $1 trillion in USN out of $1 could have easily been used to drain the USN/USDT liquidity pool.
The plans enraged some of their users, who called the company a scam and questioned the decision to charge only the users with the least funds. Following the backlash, Bitstamp walked back the decision to impose the fee.
Genesis is owned by the deep-pocketed Digital Currency Group (DCG), which may enable it to weather this loss better than some of its crypto brethren. CEO Michael Moro tweeted that "DCG has assumed certain liabilities of Genesis" relating to Three Arrows Capital's inability to meet a margin call.
Report reveals that crypto investment firm Uprise lost 99% of customer funds trying to short Luna during its collapse
The firm advertised its AI-enabled automatic trading strategies, which it said would reduce the risk involved with leveraged crypto trading.
A spokesperson for Uprise stated, "It is true that damage to customer assets has occurred due to unexpected great volatility in the market."
- "Uprise lost 99% of client funds while shorting LUNA during its price crash: SE Daily", The Block
- [단독] '카카오·KB 베팅' 코인투자사, 루나로 267억 날렸다, Seoul Economic Daily (in Korean)
Voyager CEO Stephen Ehrlich wrote on Twitter that he expected that Voyager would "emerge as a stronger company", certainly an optimistic prediction for a crypto broker that froze customer funds with no promise they will ever be able to access them, then filed for bankruptcy.
U.S. Office of Government Ethics issues guidance prohibiting executive branch employees who hold crypto from working on crypto policy
The OGE's purview is limited to the executive branch, meaning that although this impacts White House employees and federal agencies like the Federal Reserve and Treasury Department, it unfortunately does not apply to legislators.
The website advertises specifications for an eventual console that contradict—it will be both 4K and 8K, for example—and promises to integrate Apple's TouchID (despite the fact that Apple does not allow non-Apple products to use that technology). The product's Medium page describes their plans to take pre-orders before the console hardware is built (good sign), and estimates a release date of Q3 2024.
Polium has also gotten flak for its logo, which quite resembles the GameCube logo. Although they claimed in a tweet that "we did not copy the Nintendo's GameCube logo", they also promised to "illustrate a new logo that is original"—apparently acknowledging that theirs is not.
Apparently forgetting the industry they're in, CoinLoan also wrote that their "strategy bars risky activities that could endanger CoinLoaners' funds".
Vauld, which is based in Singapore, also announced that they would be bringing on financial and legal advisors to "explore and analyse all possible options, including potential restructuring options".
- "Corporate statement" by Vauld
- "Peter Thiel-Backed Crypto Lender Vauld Suspends Withdrawals", Wall Street Journal
Twitter and YouTube accounts for the British Army simultaneously hacked and used to promote NFT and crypto scams
On Twitter, the account details were changed to resemble the Possessed NFT project (as also happened to top Super Smash Bros. Ultimate player MkLeo in March). Tweets from the account announced a "new NFT collection" and linked to a fake minting website, complete with a fake counter showing the number of available NFTs appearing to dwindle.
Meanwhile, the YouTube account was rebranded to resemble ARK Invest, the investment management firm founded by Cathie Wood. It ran a steady stream of fake videos cribbed from an old, real livestream with Elon Musk and Jack Dorsey, but surrounded with borders promoting "double your money" Bitcoin and Ether scams. This is a common YouTube scam, and one such scam earned crypto scammers $1.3 million in 24 hours back in May.
Crema Finance sent a message to the hacker via Ethereum transaction, writing that "you have 72h from now to consider becoming a white hat and keeping $800k as the bounty... Otherwise the police and legal force will officially get involved and there will be endless tracing waiting for you." On July 6, Crema announced that they had reached an agreement with the hacker, who returned most of the funds and kept 45,455 SOL ($1.68 million) as a "bounty".
Crema Finance is not to be confused with C.R.E.A.M. Finance, a crypto lending service that was hacked three separate times in 2021 for a total of nearly $200 million.