At least one of the scammer wallets interacted with the Kraken crypto exchange, a U.S.-based exchange that requires KYC, so it's possible that Kraken could help identify the scammers — though they've not made any public moves to do so.
- "NFT Exchange SudoRare Goes Dark After $820,000 Rug Pull", CryptoBriefing
- "SudoRare Pulled the Rug for $820,000. How Will Kraken Respond?", CryptoBriefing
The three men were charged with wire fraud, bank fraud, and identity theft charges, and face potential decades in prison if convicted.
- "Three Members Of Miami Crew Charged With Defrauding Banks And Cryptocurrency Exchange Of More Than $4 Million", U.S. Attorney's Office of the Southern District of New York
BendDAO allows people to take out loans with their NFTs as collateral. However, if the floor price of those NFTs drops too far and the borrower doesn't pay back some of the loan to adjust its risk rating, other people can bid on the NFT.
The problem with this whole plan was revealed when lenders' confidence was shaken when it was reported that $5.3 million in Bored Apes were at risk of liquidation. Panicked users withdrew their assets from the platform, resulting in a bank run that drained the reserves to a low of 5 ETH (~$8,200). BendDAO had other assets, of course: the NFTs below the liquidation threshold. However, a lack of interested buyers willing to pay the minimum prices (95% of the collection floor price) left the project in a tough spot.
Since the extremely close brush with a liquidity crisis, the project has begun to consider a proposal that would reduce the threshold at which NFTs can be liquidated, reduce auction and liquidation protection periods, remove the 95% floor price bid requirement, and increase interest rates.
In this case, a person successfully sold their Pudgy Penguin NFT for 8.69 ETH a year ago ($27,500 at the time of sale). Those particular NFTs have been having a comeback lately, and so the collector bought the same NFT back — this time for 20 ETH ($31,500 at the time of sale). However, an old listing from their previous ownership was still active, and someone was able to snap up the NFT from them for only 9.89 ETH ($15,600) within minutes.
The collector's near-instantaneous $20,000 loss has a happy ending for them, though — the person who bought the NFT was willing to reverse the trade.
However, documents from the legal proceedings surrounding the now-underwater firm revealed that Hodlnaut had 317 million UST, which it liquidated at a loss when the previously dollar-pegged UST hit $0.85. In the filing, they wrote, "Due to the market's lack of liquidity, the average exit price of UST to USDC was around 42 cents on the dollar, resulting in realized losses to Hodlnaut Trading Ltd of about USD 189.7M. As a result, Hodlnaut's total debt to depositors of USD 500M became backed by realisable assets of around USD 315M as of 13 May 2022 due to the de-pegging event."
- "Hodlnaut Cuts Staff as Terra Exposure Is Revealed", Crypto Briefing
- Tweet by FatMan
Swyftx had announced in June that it would be merging with trading platform Superhero in a $1.5 billion deal.
Sub-primate lending: $5.3 million in Bored Apes used as loan collateral are at risk of being liquidated
However, NFTs in general haven't been doing so hot lately, and the Bored Apes haven't been immune from the slump. As the Bored Apes collection floor price has decreased, more than 15% of the apes used as collateral for BendDAO loans are in the "danger zone" — close to being auctioned off. These 45 apes are valued at roughly $5.3 million. Liquidation could lead to cascading liquidations, as the auctions could themselves cause the floor price to decrease.
As Bennett Tomlin put it, "I hate that y'all somehow created a risk for cascading liquidations of JPEG backed loans".
The FDIC sends cease and desist letters to FTX US and other entities who claim their products are insured
In July, the FDIC and Federal Reserve sent a cease and desist to Voyager, a company currently undergoing bankruptcy proceedings, which drew in customers with false promises that USD entrusted to the company were safe from any potential Voyager collapse thanks to FDIC insurance.
As expected, the lawyer consulted by the FT informed them that their chances of a do-over were pretty slim, and suggested that individuals negotiating a split with a partner don't take on all the high-risk assets like this person did.
As of August 20, Bitcoin was trading at around $21,200–70% lower than at its all-time-high of $69,000 in November 2021. Other major cryptocurrencies are faring similarly poorly, with ETH down 67% to $1,630 from its all-time-high of $4,890.
- "Can I cut my potential tax bills when returning to UK?", Financial Times
DegenTown first suffered issues in July, when the project's Twitter account was allegedly hacked, and users were tricked into approving a contract that drained their wallets. One individual behind the project promised they would compensate the users whose wallets were drained, but never did.
The project ultimately rug pulled instead, with Magic Eden acknowledging it in a blog post and Twitter thread on August 17. They wrote that they were "urging the original Degen Town founders to return the funds" — however, this is complicated somewhat by the fact that the identity of one of them is not known to Magic Eden. They explained, "Our prior policy was that we doxxed founders. NFTRamo claimed to be an advisor but we learned that he was actually the founder of the project and used being an advisor as a way of skirting our doxxing processes." This is not the first time their identity verification process was sidestepped — they introduced it after a serial rugpuller used their platform to anonymously sell and then rug pull another NFT project, but that same person was able to do it again only a few months later.
The DegenTown project minted 8,000 NFTs for 3 SOL apiece, bringing in $923,000. Beyond that, the creators took 7.5% in royalties on secondary sales. Magic Eden has said that they were able to get one of the two founders to return the funds they'd earned from the mint, and that they planned to use them to compensate buyers.
Bribe Protocol was incubated by Advanced Blockchain AG and Composable. Composable might ring a bell, because in February its pseudonymous head of product, 0xbrainjar, was revealed to be Omar Zaki, who had settled with the SEC over charges that he had misled investors while operating an unregistered investment advisement company and hedge fund. At the time, he wrote that "I do not want a mistake in my youth to cloud all of the team's efforts", though the SEC charge was filed less than three years prior, when Zaki was 21.
An employee of Figment Capital, one of the investors in Bribe Protocol, claimed that the project had formally shut down and returned 86% of the funds raised from institutional investors, though "retail took a huge L". However, this doesn't appear to have been publicly announced by the project.
Marszalek also tried to discourage employees from leaking about the layoffs, saying at a company town hall: "A number [of employees laid off] makes for a great headline, it's a great thing to gossip about. [But] as co-owners of this company, you should ask yourself, 'is it in my interest for this number to be out there?'" One employee told The Verge that this did nothing to assuage their fears about the layoffs, and that "[it felt like] I got told to shut up and get back to work. It felt insulting."
One recent review on Glassdoor claims that Crypto.com had laid off "more than 1,000 employees", and alleged that "They've removed the company directory so we can't see the numbers go down."
Although the FSC informed the exchanges they needed to register and report their activities, the exchanges did not comply. The FSC has moved to block access to these exchanges in the country, including by asking communications authorities to block access to the exchanges' websites. The FSC pointed to the risk of user data leaks and money laundering as motivations for their action.
Those operating unregistered exchanges in the country could face up to five years imprisonment or a ₩50 million ($37,900) fine, and be barred from registering in the country for five years.
The only evidence Hillman provided was a redacted conversation via LinkedIn, where he denies meeting with someone, and they reply: "they impersonated your hologram. This person sent me a zoom link then your hologram was in the zoom". (Again, hologram?) Amusingly, Hillman waxes poetic about the importance of security at Binance throughout the whole post, while also including a LinkedIn screenshot with a name that's blurred so poorly it remains completely legible.
Hillman goes on to claim, with no further evidence, that "a sophisticated hacking team used previous news interviews and TV appearances over the years to create a 'deep fake' of me". If so, this would be remarkable, as to date video deepfakes have mostly been limited to robotic-sounding and grainy pre-recorded Elon Musk impersonations, rather than anything that can respond naturally and quickly to alive conversation.
Another possible explanation is that Hillman is trying to cover Binance's collective ass after being caught taking listing fees for tokens they never list. But who's to say, really — maybe deepfakers have made a considerable breakthrough with startling implications, and Hillman just didn't feel it was important to elaborate on.
- "Scammers Created an AI Hologram of Me to Scam Unsuspecting Projects", Binance
- "Binance executive claims scammers made a deepfake of him", The Verge
- "News: $3b Bitcoin scam, BitConnect, Tezos ruling, bad ICO news, BitFi, Augur, Voatz", David Gerard
- "Update: Binance charged Blockstack $250,000 prior to listing Stacks, but both say it's not a listing fee", The Block
But Neumann has so far enjoyed a comeback thanks to the likes of Andreessen Horowitz, who led a $70 million funding round in May for Neumann's "Flowcarbon" startup, which aims to sell tokenized carbon credits — sorry, "Goddess Nature Tokens" — to companies trying to green up their image.
Andreessen Horowitz is now enabling another one of Neumann's new crypto schemes to the tune of $350 million — its largest investment to date. This one is just called "Flow", in which Neumann is returning to the real estate industry in a company that aims to help with the residential housing crisis... with blockchain, somehow.
God forbid the venture capitalists give money to deserving founders who haven't already been given, and squandered, a chance. Responding to the news that a16z had put $350 million into Neumann's new gambit — an amount larger than the money raised by all Black-founded startups in the US combined in Q2 — author and investor Kathryn Finney said it was a "slap in the face". "It sends a signal that you can really mess up as a white guy and still get second chances to win," she said.
Several weeks earlier, major crypto exchange FTX announced that they had removed HUSD from their USD basket, meaning they would not be able to be used as collateral.
Huobi worked to distance itself from HUSD as the coin de-pegged, emphasizing that the token is maintained by a different entity and claiming to have exited their stake in that entity in April. However, the token was originally launched by Huobi in 2018, and Huobi has continued to run promotions involving the token as recently as July.
- Tweet by CelerNetwork
- Etherscan for attacker wallet
- "Truth Behind the Celer Network cBridge cross-chain bridge incident: BGP hijacking", SlowMist
- "Genesis Announces New Leadership Team", press release
- "Genesis CEO Steps Down as Crypto Broker Slashes Its Workforce", Bloomberg
Needless to say, this hasn't worked out so hot for CDPQ — Celsius locked up its customers' funds in June and filed for bankruptcy in July, and the courts are in the middle of trying to figure out how to untangle it all. "For us it's clear when we look at all of this, even if the last chapter has not been written, that we went in too soon into a sector that was in transition", said CDPQ's CEO.
CDPQ reported a $33.6 billion loss in the first half of 2022, which they attribute mostly to declines in equity and bond markets.
They explained in a statement that they made the decision in order to try to avoid forced asset liquidation, "as it is a suboptimal solution that will require us to sell our users' cryptocurrencies at these current depressed asset prices".
Ripps is a part of a group of people who have vocally criticized the Bored Apes project for being racist and antisemitic, with what they believe are intentional hat-tips to 4chan culture. Ripps also created his own NFT project, called RR/BAYC, where he clones the Bored Ape NFTs and sells them in what he says is a "critique [of the] hateful imagery". Because Yuga Labs has never brought action against any of the many Bored Ape ripoff NFT collections, he and his lawyers are arguing this lawsuit is an attempt to silence his criticism.
Some of Ripps' and others' individual claims about dogwhistles in the project are more believable than others, but in their entirety they are pretty damning. Ripps is not the only one who has been outspoken about the issue, and is joined by people in and outside of the NFT world.
- "Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology", Daily Dot
- Motion to dismiss
- "Bored Ape Yacht Club is Racist and Contains Nazi Dog Whistles", Ryder Ripps' website
- "BAYC (Bored Ape Yacht Club, the highest market cap NFT) is racist. All that remains to be answered is: why?", Fredrick Brennan
- "Yuga Labs—the author of the highest market cap NFT—is either racist or complicit in Kerem Atalay (one of its executives)’s indifference to racism.", Fredrick Brennan
BitGo plans to seek damages from Galaxy Digital after they called off their $1.2 billion acquisition
Galaxy Digital claims that BitGo failed to provide audited financial statements for 2021 by the deadline they had agreed upon, and for that reason they decided to end the deal.
BitGo claims they've still got time to provide the statements, and that Galaxy Digital owes them $100 million for breaking the deal, which they plan to pursue in court.
Galaxy Digital just reported a ~$555 million dollar loss in the second quarter, which may have contributed towards their choice to back out of the acquisition.
In June 2023, the Delaware Court of Chancery dismissed BitGo's complaint with prejudice, finding that Galaxy Digital had a "clean termination right" based on BitGo's failure to provide financial statements.
They announced that the exchange will stop trading on August 22, and customers have a month to withdraw their funds.
ASEC_APE had just purchased the four NFTs between July 15 and August 13 for a combined total of 326 ETH (~$532,000 based on ETH prices at the time of each purchase; ~$631,000 at the price on the day of the theft).
One of the stolen NFTs, Bored Ape 9012, had just been stolen a week before from Cameo CEO Steven Galanis when his wallet was compromised, as were a handful of other pricey NFTs. ASEC_APE had purchased it from the person who purchased it from the hacker shortly after the August 6 theft.
Brazilian crypto lender BlueBenx halts customer withdrawals and lays off employees after $32 million "hack"
All 22,000 customers of BlueBenx suddenly found them unable to withdraw funds from the platform. The platform also reportedly laid off the majority of its employees.
Acala paused the protocol shortly after the attack, and disabled the transfer functionality of the stolen aUSD and of Acala-based tokens the attacker had swapped for some of the aUSD. It's important to note that the attacker could not earn a profit anywhere near $1.2 billion USD from the erroneous creation of new, unbacked tokens — they likely made off with around $1.6 million. Acala subsequently burned most of the new tokens, which helped the aUSD token return to between $0.90 and $0.94 — much closer to its intended peg.
On August 13, Gabagool posted a long confession to his Twitter account, writing that he had stolen the $350,000, and had previously taken $56,000 over the course of two months, to try to "revenge trade" the money he had lost in the crypto crash. Explaining why he took the $350,000, he wrote, "I thought I could make the 56k back and return all of the funds, which was delusional". He also wrote that "the majority of the funds have been returned to the Velodrome team. The rest will be." Velodrome later confirmed they had recovered all of the stolen money.
Gabagool had become a somewhat prominent part of the crypto community, providing insights into various crypto happenings as someone who was adept at tracing blockchain transactions. In June, he was featured in a Vice documentary titled, "Is Everything in Crypto a Scam?". He spoke about, among other things, his October 2021 discovery that the crypto-focused venture capital firm Divergence Ventures was Sybil attacking airdrops to claim millions in rewards. That particular incident ended with Divergence returning the money they had gained from the strategy, and Ribbon awarding 5% of that amount — equivalent to about $545,000 at the time — to Gabagool as a "bounty".
- Tweet by Velodrome, August 13
- Tweet by Gabagool admitting to the theft, August 13 (alternate link)
- Tweet by Velodrome about the initial theft, August 4
- Tweet by Gabagool about the initial theft, August 4
- "Is Everything in Crypto a Scam?", Gabagool
- "Airdrop Ethics: VC Firm Draws Ire Following $2.5M Ribbon Finance Exploit", CoinDesk
- RGP-6: Divergence Whistleblower Bounty, Ribbon governance forum
Armstrong has claimed that the video cost him more than $75,000 in damages, and has caused him emotional distress including anxiety and depression.
Oddly, in the lawsuit, he writes that he is "in the business of providing advice and commentary on cryptocurrency investments" — a strange thing to do for someone who, like most crypto influencers, constantly tries to claim that his videos are not financial advice.
Armstrong has promoted crypto projects including Celsius. He has also posted and then deleted videos on cryptocurrency projects that later failed, such as Ethereum Yield, Cypherium, and MYX Network. According to a recent CNBC story, he claimed he "could easily make more than $100,000 per month in promotions alone", though it was not clear to which time period he was referring.
Armstrong announced on August 24 that he planned to drop the lawsuit against Mengshoel, stating that "I didn't understand that my name is now so big that if I file a lawsuit it would be found and be made public" — a strange thing to be blindsided by given he sued a YouTuber with 1 million followers who predictably told his audience about the suit. "We are going to drop the lawsuit, 100%. I'm sorry it became public."
However, some have pointed out that issues with Coinbase's API leaked information about which coins were about to be listed, which could have enabled people to obtain the information allowing them to make such trades without an insider connection.
According to India's ED, 23 entities deposited Rs 370 crore (~$46.5 million) into FlipVolt, which the ED says were the proceeds of criminal activity. FlipVolt had "very lax KYC norms, no EDD [enhanced due diligence] mechanism, no check on the source of funds of the depositors, no mechanism of raising STRs [suspicious transaction reports], etc" and reportedly enabled the entities to launder the proceeds of crimes via the exchange.
The value of $MSI, Martin Shkreli Inu (really), plummeted 90% from $0.000014 to a mere $0.0000014 when a wallet owned by Shkreli suddenly dumped its tokens. The MSI token originally was a fan-made token, but Shkreli adopted it as the token "powering" Druglike (despite zero information as to how it's actually used to power the project). The MSI were swapped for 239 ETH (~$459,000).
Shkreli claimed via his Twitter persona "Enrique Hernandez" that "I got hacked last night." (Shkreli was banned from Twitter after being creepy to a journalist, and so now uses the thinnest of veiled identities to somehow evade Twitter suspension). Shkreli claimed that when he had tried to torrent a file called, no joke,
[BigTitsRoundAsses] 17.12.14 - Jazmyn [1080p], he ended up with a remote access trojan. However, crypto research project Rug Pull Finder tweeted, "Bruh - why is the attackers wallet funded by you then".
It's not immediately clear from the statement whether the activities that led to the arrest involved more than just contributing to the Tornado Cash codebase, but it would be very concerning if not. There are complexities around the sanctioning of Tornado Cash — a fairly decentralized software project — that raise concerns about the criminalization of code. For many, it brings to mind the "Crypto Wars" (where "crypto" is referring to cryptography rather than cryptocurrency).
This came as a shock to some crypto enthusiasts, who were taken aback that such a large number of blocks in a "decentralized" and "censorship-resistant" project would reject Tornado Cash transactions. Others worried that more miners would do the same, which could eventually prevent Tornado Cash transactions from being validated at all.
On August 11, about a year after the Kickstarter launched, the creators posted an update: they would be pausing development and putting the project on hold because they had run out of money. "We leaned into the crypto market and expanded rapidly off the back of the positive interest. When the crash came, we ended up heavily exposed with too short of a runway."
Project backers were not impressed by this announcement, with many asking for refunds — which the developers had promised if the game never launched. However, the game developers wrote that "Due to our cash reserves being empty, we are not in a position to refund our initial backers."
"Really disappointed by this- I put money into funding this game to back a game, not to throw money into the crypto market," wrote one backer. "Gutted and to be honest pretty appalled," wrote another.
- Announcement by Untamed Isles
Daniel Roberts, CEO of Decrypt, wrote on Twitter that they had used Mailchimp for more than four years, but that the company had "deactivated our newsletter account with no warning or explanation".
Mailchimp's acceptable use policy bans businesses offering "Cryptocurrencies, virtual currencies, and any digital assets related to an Initial Coin Offering". It's listed among other industries that they identify as having "higher-than-average abuse complaints, which can jeopardize deliverability" including work-at-home scams, make money online, and lead generation opportunities; gambling services or products; and multi-level or affiliate marketing. In an email reportedly sent to Friedland regarding his suspension, Mailchimp wrote, "We cannot allow businesses involved in the sale, transaction, trading, exchange, storage, marketing, or production of cryptocurrencies, virtual currencies and any digital assets."
In April, Mailchimp had experienced a security breach in which audience data was taken from around 100 accounts in finance and crypto-related industries.
Some have praised the change as a good step towards preventing false reports, whereas others have complained that the change does not apply retroactively to assets that have already been frozen from trading on the platform. Others have raised concerns about the new requirement that they engage with police.
While the choice could be chalked up to the end of an A/B test, some legal experts have expressed concern about the sudden and unannounced change in behavior: "It's potentially illegal... This seems straight up deceptive. They said we'll email you price alerts and then stopped doing it without saying they were [going to stop]." He also noted that even if a customer didn't sue for damages, depending on the number of users who saw the alerts, "if they caused harm to people who didn't sell crypto that they would have sold, that is potentially actionable by regulators." Another expert observed that a traditional brokerage firm would likely be penalized by FINRA if they did something similar.
Celsius CEO Alex Mashinsky reportedly sells off some of his $CEL holdings during price increase and attempted short squeeze
CEL enjoyed an all-time-high of around $8 in June 2021, but has been trading for less than half that for this year. The token hit $0.15 on the day Celsius announced they would be pausing withdrawals, but has, oddly, recently spiked above $2. Some have attributed this to the ill-advised attempts at a short squeeze by a group of people who believe that exchanges are somehow running out of CEL tokens to provide to short-sellers, and that a properly-coordinated short squeeze could somehow realistically send the token to $100. Protos did a useful explainer on why this is unlikely to work, but those pushing the idea have a fervency not unlike what was seen with those pushing the GameStop short squeeze, and enjoy dismissing those who question the strategy as "CEL shorters" who are trying to ruin any chance of a Celsius recovery.
All the same, Mashinsky can possibly thank the short squeeze folks for helping him pump his bags, and sell off a pile of tokens for over 10x more than what he previously could have.
Analytics firm Elliptic says RenBridge has been used to launder more than $540 million in proceeds from crimes over the last two years
Elliptic singled out the RenBridge chain in particular, saying that at least $540 million in funds linked to crimes have been moved through the bridge in the last two years. $153 million of this, they say, originated from ransomware plots, and $53 million is allegedly linked to the Russia-based group behind the Conti ransomware.
Hotbit announced the suspension on Twitter with a GIF of a crying Anya from the anime series Spy × Family which, despite demonstrating their good taste in shows, does not seem like it would exactly inspire confidence among customers.
As tends to happen with insolvent exchanges, they are hoping to "compensate" their depositors with a mix of CoinFLEX-issued tokens and equity, rather than actual money or more liquid, established cryptocurrencies.
Their announcement began by saying, "We would like to inform you about an important development that does not affect our services, funds or investments with Nuri," and throughout the post they stressed that customer funds were safe.
Nuri blamed the insolvency on everything from "the ongoing after-effects of the Corona pandemic" to "the economic and political uncertainties in the markets after Russia's invasion of Ukraine" to the more recent crypto bear market.
On October 18, the company announced they would be shutting down after failing to find someone to acquire the company. They asked customers to withdraw their funds by December 18. Unlike many of the services that faced insolvency crises this summer, Nuri is closing without any loss of customer funds.
Curve acknowledged the apparent exploit, tweeting at the iwantmyname domain platform to say they believed the issue was on their end. Around an hour after the issue was widely noticed, Curve announced the "issue has been found and reverted", and to use the alternate Curve Finance domain until DNS changes propagated for the affected domain. They also urged users to revoke any recent contract approvals they'd made on the Curve platform.
FixedFloat tweeted that they had been able to freeze 112 of the stolen ETH (~$192,000) that had been transferred to their platform. Binance later announced that they'd recovered the remaining stolen funds, with founder CZ tweeting, "The hacker kept on sending the funds to Binance in different ways, thinking we can't catch it. 😂"
The celebrities who received letters from TINA were Drake Bell, Tom Brady, DJ Khaled, Eminem, Jimmy Fallon, Paris Hilton, Eva Longoria, Madonna, Floyd Mayweather, Meek Mill, Von Miller, Neymar, Shaquille O'Neal, Gwyneth Paltrow, Logan Paul, Snoop Dogg, and Timbaland.
- "TINA.org Sends Notification Letters to Celebrities Promoting NFTs", Truth in Advertising
- "Celebrities Promoting NFTs", Truth in Advertising