Genesis files for bankruptcy

The Genesis cryptocurrency lending platform filed for bankruptcy, following weeks of turmoil after the FTX collapse. Genesis halted withdrawals shortly after FTX's failure, and shortly afterwards warned of possible bankruptcy if they couldn't raise at least $1 billion in new capital. The past few months have also featured a public conflict between Genesis, along with its parent company DCG and DCG's CEO and founder Barry Silbert, and the Winklevoss twins behind the Gemini crypto exchange.

It remains to be seen what the impact of a Genesis bankruptcy may have on its parent company, Digital Currency Group (DCG). DCG owes Genesis more than $1.65 billion, according to bankruptcy filings, including a $1.1 billion promissory note created to absorb Genesis losses in the Three Arrows Capital collapse.

Founder of Bitzlato crypto exchange charged for processing more than $700 million in illicit funds

US authorities arrested and charged Anatoly Legkodymov, the founder of the Bitzlato cryptocurrency exchange. Although the exchange is relatively unknown, the justice department alleges that it was instrumental to darknet criminal marketplaces, including Hydra Market. The DOJ alleges that users of Hydra Market processed more than $700 million in cryptocurrency through Bitzlato, which also helped to facilitate more than $15 million in ransomware proceeds. Although Bitzlato claimed not to serve users in the United States, the DOJ claims that the exchange "did substantial business with U.S.-based customers".

Three Arrows Capital founders seek funding for an exchange to enable customers to trade claims against firms 3AC helped to bankrupt

Kyle Davies and Su Zhu, the founders of the bankrupt Three Arrows Capital crypto hedge fund, have joined forces with Mark Lamb and Sudhu Arumugam, the founders of the CoinFLEX platform, which is undergoing restructuring due to its own solvency issues. Davies and Zhu are still on the run from liquidators. What a dream team.

The group is seeking $25 million to create a cryptocurrency exchange they're calling "GTX" for now — which they write in the pitch deck is "because G comes after F".

Not only that, but the exchange plans to focus on claims trading — that is, the trading of claims held by creditors against debtors who are undergoing bankruptcy proceedings, like FTX, Celsius, BlockFi, or Mt. Gox (throwback!). The fact that 3AC was a major catalyst in kicking off the string of bankruptcies we saw throughout 2022 was not lost on observers, with Nic Carter of the Castle Island venture capital firm commenting that the endeavor "is akin to arsonists returning to the scene of the crime and offering to charge their victims for buckets of water".

NFT GOD's wallet drained, accounts used to phish others after malware infection

A Mutant Ape with x-ed out eyes, snot on its face, and a green fur coat with skulls sticking out of itMAYC #22284 (attribution)
According to NFT GOD, his computer was infected with malware when he clicked a sponsored link in a Google search when he went to download the streaming software OBS. This is similar to an attack in April 2022 where scammers stole millions using malicious Google ads.

According to NFT GOD, not only did the hackers drain his crypto wallet of his NFTs and crypto, including his beloved Mutant Ape, but they also hijacked his accounts to send out phishing links to his substantial followers.

The person who purchased the stolen ape (for 16.65 ETH, ~$25,800) said he was willing to sell the ape back to NFT GOD for the same price they paid for it, which seemed to be taken as good news by NFT GOD.

LendHub reports $6 million hack

In a Twitter thread, LendHub published a message stating that "hackers stole about 6 million US dollars of assets from Lendhub". They wrote that they had "locked the hacker's attack address", but whatever they meant by this was not enough to stop the thief from transferring 1,100 ETH (~$1,562,000) to Tornado Cash to tumble.

Security firm SlowMist attributed the attack to a token that had been replaced with a new version, but whose original version remained active on the platform. The attacker was able to mint and redeem tokens in the old market, while borrowing against them in the new one, ultimately making off with the majority of the assets on the platform.

Nexo raided by Bulgarian authorities

Bulgarian prosecutors raided more than 15 locations in Sofia, Bulgaria in relation to the Nexo cryptocurrency lender. A spokesperson for the prosecutors has said that the raids are "part of a pre-trial investigation aimed at neutralising an illegal criminal activity of crypto lender Nexo". These activities reportedly include setting up of an organized crime group, tax crimes, money laundering, banking activity without a license and computer fraud. Bulgarian authorities allege that Nexo has processed $94 billion through its platform over the past five years.

Authorities charged four individuals with various crimes shortly after the raid. Two were arrested and released on bail; authorities are still looking for the other two. Police have also confiscated money, computers, and crypto assets.

Within a 24-hour period after the raid was announced, Nexo experienced $45 million in withdrawals — about the same amount they normally process in an entire week — as customers rushed to get their money off the platform.

FTX liquidators get liquidated

As they tried to close an Alameda position on the Aave defi lending project, liquidators in charge of recovering customer funds lost $72,000 due to an error in their approach. The liquidators first removed extra collateral that was supporting the position, which resulted in two liquidations in nine days. The total loss was 4.05 aWBTC, which is priced at around $75,000 based on prices at the time of the transactions.

This SNAFU unfortunately means that those assets won't be available to be repaid to FTX customers, although this loss is relatively small compared to the total amount owed.

SEC charges Gemini and Genesis for allegedly offering unregistered securities

The SEC filed charges against Genesis Global Capital and Gemini, two crypto firms that collaborated to create Gemini's embattled Earn lending program. According to the SEC, their lending program constitutes an offer and sale of securities and, as such, should have been registered. Other companies, such as (now bankrupt) Celsius, have in the past shut down similar products in the US due to concerns over regulatory action; it's not clear why Gemini thought their product would pass muster.

On November 16, Gemini halted withdrawals from Earn after Genesis halted withdrawals after FTX collapsed. Since then, Gemini and Genesis have been engaged in a very public battle, with Gemini's founders accusing Genesis and its parent company of misconduct and demanding the return of the $900 million in Gemini customer funds.

Coinbase lays off nearly 1,000 people in second round of layoffs over the last year

After laying off 1,100 people in an 18% staffing cut in June 2022, Coinbase CEO Brian Armstrong wrote that "in hindsight, we could have cut further at that time." The company announced that they would be laying off around 950 people, which is approximately 20% of their employees.

Like the first round of layoffs, they were performed via email to employees' personal emails, because access to internal systems had already been cut off. The public blog post acknowledged that the strategy "feels sudden and harsh".

Huobi performs 20% layoff, reportedly requires employees to take salary in stablecoins

The major cryptocurrency exchange Huobi confirmed they planned to lay off 20% of employees, shortly after Huobi's advisor and somewhat its public face, Justin Sun, denied any layoffs were planned.

Crypto reporter Colin Wu has also reported that the company is requiring all employees to begin accepting their salaries in Tether or USDC stablecoins, or face dismissal. Rumors on Twitter emerged that internal communications channels had been shut down to quell dissent over the change.

Some crypto advocates commenting on the change maintained that there should be no difference to employees if they receive salaries in stablecoins vs. real money, but none seemed able to elucidate any legitimate reason that an exchange might find itself unable to pay salaries except in stablecoins.

At least they're not being asked to take salaries in USDD, the Tron-based stablecoin associated with Justin Sun. USDD depegged even further from its peg (which has been unstable since around October 2022), dipping to around $0.97.

Developer of Mutant Ape Planet NFT project charged in $2.9 million rug pull

An ape with green melting skin, wearing a hat with gravestones embedded in it. Its eyeballs are bloodshot with Xs on them and it has a katana slung on its back.Mutant Ape Planet #4076 (attribution)
The U.S. Attorney's Office of the Eastern District of New York announced fraud charges against Aurelien Michel, a 24-year-old French national living in Dubai. Michel, under the alias "James", had created an NFT project called Mutant Ape Planet, which minted in February 2022. He collected $2.9 million in proceeds from the project, which promised an extensive roadmap: hundreds of thousands of dollars to be put towards marketing, community raffles, merchandise, a project crypto token with staking features, metaverse land acquisition, etc. However, none of this ever came to be.

Michel said in his defense that he "never intended to rug but the community went way too toxic". In a press release, an IRS Special Agent stated, "Michel can no longer blame the NFT community for his criminal behavior."

Mutant Ape Planet — though clearly based on it — is unaffiliated with the Mutant Ape Yacht Club project, a Yuga Labs-created spin-off of their own Bored Ape Yacht Club.

Genesis lays off another 30% of staff

After a round of layoffs in August that impacted 20% of their employees, Genesis is laying off another 30% of their employees.

Genesis is currently in a really bad spot, halting withdrawals from their lending arm in the wake of the FTX collapse and warning of bankruptcy shortly afterwards. The company owes $900 million to customers of Gemini, and Gemini's CEO recently sent an open letter to Genesis's parent company demanding the funds be returned.

Silvergate bank takes $718 million loss liquidating debt during FTX collapse

Silvergate, a Californian bank that primarily serves the crypto industry, and which was FTX's primary banking partner, scrambled to cover $8.1 billion in withdrawals during the chaos surrounding the FTX collapse. This forced the bank to sell some assets at steep losses, liquidating debt at a $718 million loss. This loss far exceeds the bank's total profits since at least 2013, writes the Wall Street Journal.

Silvergate announced that they would be cutting 40% of their staff — around 200 employees. They also announced that they would be taking a $196 million impairment charge on assets they purchased from Diem — Facebook's blockchain-based payment system once known as Libra. "Given the significant changes in the digital asset industry landscape, this charge reflects the Company’s belief that the launch of a blockchain-based payment solution by Silvergate is no longer imminent," they wrote.

Silvergate's stock plunged 41% on the news.

New York Attorney General sues Celsius CEO Alex Mashinksy for defrauding investors

Alex Mashinsky sitting onstage, wearing a Madonna microphone and a t-shirt reading "Banks are not your friends." with the Celsius logoAlex Mashinsky (attribution)
As Celsius bankruptcy proceedings continue on, the New York Attorney General has come out with a lawsuit against the company's founder and CEO, Alex Mashinsky. Attorney General Letitia James accuses Mashinsky of "engag[ing] in a scheme to defraud hundreds of thousands of investors", promoting his company as a "safe alternative to banks while concealing that Celsius was actually engaged in risky investment strategies".

The lawsuit seeks to permanently bar Mashinsky from engaging in similar business in the state, and seeks disgorgement, damages, and restitution.

Sports company Fanatics jettisons its majority stake in NFT company Candy Digital

"Over the past year, it has become clear that NFTs are unlikely to be sustainable or profitable as a standalone business," wrote CEO Michael Rubin in an internal email explaining the decision to sell off Fanatic's share in NFT company Candy Digital. Candy Digital has created NFTs in partnership with MLB, Stranger Things, WWE, and various Nascar teams.

Fanatics purchased a 60% stake in Candy Digital in a $100 million Series A round in October 2021. Now, they've sold the stake to a group of investors led by Galaxy Digital for an undisclosed amount, in what Rubin wrote was "a rather straightforward and easy decision". He highlighted Fanatics' ability to "realize [when] things aren't working", he wrote in the email.

Logan Paul threatens to sue CoffeeZilla for exposing his (alleged) grift

A pixel art bear with a duckling(?) headA "Bearling" zoo creature from Paul's promised CryptoZoo game (attribution)
Influencer-turned-(alleged)-crypto-grifter Logan Paul has threatened to sue scam researcher CoffeeZilla, who has exposed Paul's "CryptoZoo" blockchain game project as his latest (alleged) scam. Paul's (alleged) scam history is not to be confused with any of the other long list of (alleged) crypto scams perpetrated by his brother, Jake, which CoffeeZilla has also helped expose.

After many attempts over the span of a year to contact Paul, directly and via his manager (who CoffeeZilla did speak with), Paul has claimed that CoffeeZilla made no attempts to get his side of the story. Instead of addressing any of the many well-researched claims about the flagrant (alleged) grift that Paul has been perpetrating, he has instead reacted in typical (alleged) cryptoscammer fashion: by threatening to sue CoffeeZilla.

NFTs reportedly stolen from influencer CryptoNovo, flipped for at least $525,000

A pixel art human head, wearing a grey hoodie and with a brown goatee, on a red-brown background.CryptoPunk #4608 (attribution)
Crypto influencer CryptoNovo tweeted, "I just got hacked!!! Are you kidding me!?!" with a screenshot of valuable CryptoPunk NFTs being transferred from their account. An attacker apparently transferred from CryptoNovo's wallet two or three CryptoPunks, one Bored Ape, one Mutant Ape, three Meebits, and two CloneX NFTs — all "blue chip" NFTs that fetch high prices.

The thief quickly flipped all of the NFTs for around 417 ETH ($525,000). It's unclear if one of the CryptoPunks was stolen, as it was transferred to a wallet to whom CryptoNovo has previously made transfers, but that NFT too was sold for 75 ETH ($94,200).

The thief made a pretty penny, but the loss to CryptoNovo is more substantial based on how much money they spent on the NFTs. They had purchased the Bored Ape in August 2021 for 30 ETH (then around $100,000), and CryptoPunk #4608 in September 2021 for 290 ETH (then $850,000).

The attack appears to have been phishing-related.

Coinbase settles with New York regulators, set to pay $100 million

Coinbase agreed to a $100 million settlement with the New York State Department of Financial Services over charges that the company violated anti-money laundering laws by performing insufficient background checks. Coinbase will pay a $50 million fine, and has committed to spending another $50 million to strengthen its KYC program.

Early last year, Coinbase was ordered by regulators to hire an outside monitor to oversee compliance. Under the settlement agreement, Coinbase will be required to continue the monitoring for at least another year as it works to improve its compliance.

Fake NFTs listed under verified collections on Magic Eden marketplace

A simplistic drawing of a girl holding a broom with a carrot at the end of it. She has blue skin and there is a bird next to her.ABC #2157 (attribution)
Magic Eden, as with many NFT marketplaces, has a verification layer that shows popular projects as "verified" to reduce the chances of people being tricked by NFTs with the same images and names that are not a part of the official collection. However, someone was able to list NFTs they had arbitrarily created on the Magic Eden marketplace in such a way that they appeared as though they were a part of a verified collection of "ABCs" NFTs. The issue also affected a handful of other collections, including the popular "y00ts" collection.

Magic Eden acknowledged the issue in a tweet, asking users to contact their support if they had bought any of the fake NFTs. Various users on Twitter had reported buying the spoofed NFTs, paying 20–50 SOL ($266–$666) for fake NFTs that appeared as though they were a part of a verified collection that usually sold for around 165 SOL ($2,200).

Clicking in to the NFT details showed that they were a part of a different collection that was not verified, but they appeared in listings among the verified NFTs, and were in some cases quickly purchased by collectors who thought they were taking advantage of a seller's mistake in listing the NFT.

Crypto payments platform Wyre to shut down or "scale back"

Crypto payments platform Wyre inked a deal to be acquired by Bolt in a $1.5 billion deal in April 2022, but the acquisition was canceled in September after the two firms "mutually agreed to continue their partnership as independent businesses". However, Wyre only made it a few more months before CEO Ioannis Giannaros abruptly emailed employees on December 30 to inform them that he would be liquidating the company, terminating services, and that nearly all employees would be let go.

Giannaros told Axios that the company was "still operating but will be scaling back".

Hackers steal $3.2 million from GMX whale

A chart of the GMX price over a one day period on January 3, 2023. Around 3pm there is a sudden drop from around $41.50 to just above $38, which then rebounds to around $40 fairly quickly before drifting back up towards $41.50.GMX/USD on January 3 (attribution)
An apparent wallet compromise netted hackers 82,519 GMX tokens from a wallet belonging to a GMX whale. The hackers exchanged these tokens for 2,627 ETH ($3.18 million), then swapped the assets cross-chain.

The sudden sale of such a large number GMX tokens (which are comparatively illiquid compared to much larger cryptocurrencies like Ethereum) caused the price to suddenly drop from ~$41.50 to ~$38 per token, though the token price recovered fairly quickly. GMX is the native token for the defi exchange of the same name.

Users of several NFT marketplaces see porn, Big Bang Theory stills appearing instead of their NFT images

A grid of Goonie NFTs from the RetroGoons project. Most are illustrations of monkey figures, but one has been replaced with a photograph of a nude woman.A collection on Magic Eden during the compromise (attribution)
Users of NFT marketplaces and explorer applications including Magic Eden, NFT Explorer, and Rand Gallery were briefly shown pornographic images and still frames from the Big Bang Theory television show instead of the expected NFT images after someone compromised a third-party image caching service. The affected NFTs used images stored on the decentralized storage system IPFS, and the NFTs themselves were not impacted. However, a third-party caching service used by the NFT platforms caused in some cases very unexpected images to display instead.

"What the fuck is happening, why my 5 years old kid watching porn JPEGs on [Magic Eden's] website" tweeted one shocked user.

The issue was resolved fairly quickly, although some visitors continued to see the unsavory images for a while longer due to browser caching.

Streamer and crypto founder DNP3 admits to gambling with investor funds

DNP3 is a streamer known for giving away large sums of money to other streamers. He is also a crypto founder behind projects including CluCoin, the Xenia play-to-earn game, the Gridcraft play-to-earn game platform, and the Goobers NFT project.

On January 3, he released a statement on Twitter explaining that he had become addicted to gambling over the past year — specifically mentioning his use of the Stake cryptocurrency casino. He wrote, "Every dollar I could find I would put into Stake in hopes of winning big. Even when the big wins did happen it wasn’t enough. Eventually I lost everything. In addition to my own life savings, I also irresponsibly used investor funds to try and 'get my money back' from the casino which was wrong for so many reasons."

The impact on the projects he created — and those who put money into them — is not yet fully clear.

Hacker drains the wallet of the RTFKT crypto project's COO

A silver robot wearing a pink octopus as a hat, and with light pink wings and rainbow-colored pointy teethCloneX #17088, which the hacker flipped for almost $14,000 (attribution)
An attacker drained the wallet of Nikhil Gopalani, the COO of the Nike-owned crypto organization RTFKT. Most of the stolen NFTs were RTFKT NFTs, and the priciest were the nineteen CloneX NFTs that the thief flipped for between $5,850 and $13,960 each, for a total of 112.3 ETH ($136,000). Gopalani's wallet was also relieved of nineteen RTFKT Animus Eggs (priced at a cumulative ~$20,000 based on floor price) and eleven RTFKT x Nike Dunk Genesis CRYPTOKICKS NFTs (priced at a cumulative $3,300).

Gopalani tweeted that "I was hacked by a clever Phisher (same phone # as apple ID) & sold all my clone x / some other nfts... Obviously pretty upset and hurt by this and I havent really been able to move all day." He didn't provide further details, but a tweet by RTFKT CTO Samuel Cardillo suggested that Gopalani may have provided passwords or private keys to a phisher.

Gemini founder writes open letter to Barry Silbert begging for the return of $900 million

Tyler and Cameron Winklevoss, both wearing Gemini t-shirtsTyler and Cameron Winklevoss, Gemini founders (attribution)
On November 16, Genesis halted withdrawals from its lending service shortly after the FTX collapse. Gemini, who partners with Genesis lending to power their Earn program, halted withdrawals hours later. On December 3, the FT revealed that Genesis owes Gemini's customers $900 million.

On January 2, Cameron Winklevoss — one of the twin brothers who operates Gemini — published an open letter on Twitter to Barry Silbert, the founder and CEO of DCG, which is the parent company of Genesis. DCG also has a substantial amount of money that they have borrowed from Genesis.

"More than 340,000 Earn users ... are looking for answers. These users aren't just numbers on a spreadsheet, they are real people. A single mom who lent her son's education money to you. A father who lent his son's bar mitzvah money to you. A husband and wife who lent their life savings to you. A school teacher who lent his children's college funds to you. A policeman, and so many more. All together, these people entrusted more than $900 million of their assets to you," wrote Winklevoss, without any apparent self-reflection on the fact that these words could just as easily have been (and should also be) addressed to him by those same customers of his service.

Bitcoin core developer claims his wallets were compromised, more than 216 BTC (~$3.6 million) stolen

One of the original Bitcoin core developers, Luke Dashjr, claimed on Twitter that attackers had managed to compromise multiple wallets — which he described as both hot and cold wallets — to steal all of his Bitcoins. Dashjr originally blamed the attack on a PGP key compromise, but later said the PGP compromise was only a part of a much broader hack where attackers also bypassed two-factor authentication and got access to what he had believed to be a cold wallet.

Dashjr complained on Twitter about having trouble getting in contact with the FBI about the theft. Some joked about the irony of a Bitcoin maximalist running to the FBI when his coins were stolen.

There are some questions about the veracity of Dashjr's claims, given his supposed security practices, the extent of the breach, and some of his odd comments on Twitter.

Swiss crypto broker Covario goes bust

Just before the holidays, employees of the Covario crypto broker based in Zug, Switzerland learned that their employer was no longer solvent. Attempts to secure a buyout had been unsuccessful, and the company is entering bankruptcy.

The firm had attempted to keep up appearances that all was well, spending lavishly and even opening new offices several weeks before entering bankruptcy. However, it turns out that employee pension contributions had not been being paid since early summer. Employee salaries had not been paid since October.

Tax loss harvesting service emerges to help collectors unload their worthless NFTs

If you bought an NFT for $1,000 and it's now worthless, you still have to find someone willing to buy it before you can claim it as a loss on your taxes. A project called "Unsellable" has emerged to fill that need—buying worthless NFTs for $0.01 (for a small fee) so that people can claim the losses.

"This tool really helped me unload those embarrassing early NFT Hype investments. Should shave about $1000 off my tax bill", a supposed user writes in a testimonial blurb on the site (although the testimonials appear to be faked).

Perhaps someone has finally found a viable crypto business model after all.

Wallets linked to Sam Bankman-Fried's Alameda Research unexpectedly begin selling off $1.7 million in tokens

Wallets known to be controlled by Alameda Research, the crypto trading firm founded by Sam Bankman-Fried and currently in bankruptcy with the other FTX companies, suddenly began selling off large quantities of mostly small altcoins on December 28. Whoever controls the wallets swapped the tokens for Tether stablecoins or Ethereum, then tumbled the funds through cryptocurrency mixers — a strong sign that this was probably not just the FTX liquidators consolidating wallets.

Altogether, an estimated $1.7 million was moved through various services to obfuscate the flow of funds.

3Commas finally owns up to API key leak

In October, several people reported losing more than a million dollars each from accounts that were connected to the 3Commas trading platform. 3Commas vociferously denied that there was any security breach of their crypto trading service, instead claiming that some of their users were at fault for being phished and having assets stolen. Now that someone has published the API key database that was exfiltrated from 3Commas, however, the company has finally owned up to the breach. They confirmed the data in the files was legitimate on Twitter, and wrote that they had contacted Binance, Kucoin, and other exchanges with whom they integrate to ask them to revoke all API keys connected to 3Commas.

3Commas did not come off looking very good after this incident, after they spent weeks denying any breach and accusing those who were concerned 3Commas had been compromised of spreading misinformation and "FUD".

Researcher zachxbt wrote that he had verified 44 victims who had lost a combined $14.8 million due to the leak, although he acknowledged that this was only the number of people he could verify and that the total number of people affected was likely much higher.

Midas Investments platform closes after revealing they're $63.3 million in the hole

Midas Investments announced suddenly that they would be shutting down their platform, which previously enabled users to deposit cryptocurrencies which would then be invested in various defi projects. The team revealed that they had only $51.7 million in assets compared to $115 million in liabilities, a fact they had not disclosed to most of their employees.

Users with assets on the platform will see a significant haircut in what they are allowed to withdraw. Midas intends to keep 55% of the Bitcoin, ETH, or stablecoins held by users in their accounts, as well as any rewards users had earned.

Lest the users be too upset that more than half of their assets no longer belong to them, fear not: Midas will be making up the difference in a new, valueless token that does not yet exist, but that will be associated with some future project that Midas has not described yet. You're welcome!

They've also announced they will be pivoting to "CeDeFi". Yes, that is indeed short for "centralized decentralized finance". No, I am not joking.

Mango Markets exploiter arrested despite claiming all his actions were legal

A very close-up portrait of Avraham Eisenberg, who has curly red hair and a beardAvraham Eisenberg (attribution)
In October, an exploiter was able to manipulate collateral prices to extract tokens from the Mango Markets defi project, ultimately resulting in a $116 million loss for the project. The exploiter then tried to create a governance proposal in which he would agree to return some of the stolen funds in exchange for an agreement that the protocol would not try to freeze the tokens or pursue criminal charges.

It quickly became apparent that a man named Avraham Eisenberg was behind the exploit. In screenshots leaked from a conversation in a private Discord channel shortly before the attack, Eisenberg talked about the exploit he had planned. "I'm investigating a platform that could maybe lead to a 9 figure payday. Should I do it?" he wrote. When someone replied, "unles[s] it is highly illegal", Eisenberg responded: "Are there rules these days?" When someone suggested responsibly disclosing the vulnerability to the protocol, Eisenberg refused, saying the bug bounty was likely to be too small.

Eisenberg later owned up to the attack, tweeting a thread in which he wrote that he "was involved with a team that operated a highly profitable trading strategy last week. I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are."

The feds apparently disagreed with his evaluation, and arrested Eisenberg in Puerto Rico on December 26. He is charged with commodities fraud and commodities manipulation.

BTC.com suffers $3 million attack

In a press release, BIT Mining reported that their subsidiary BTC.com had experienced a "cyberattack" in which $700,000 of customer assets were stolen. They also reported that $2.3 million of company assets were stolen, though they said that some of these funds had been recovered. They wrote that they were working with Shenzhen law enforcement to investigate the attack, but provided few details on the attack vector.

BTC.com is the seventh largest Bitcoin mining pool, which also operates other crypto mining services. Its parent company, BIT Mining, is publicly traded on the NSYE.

Millions of dollars of user funds stolen in BitKeep wallet hack

BitKeep, a popular cryptocurrency wallet in Asia, suffered a hack in which at least $8 million in various cryptocurrencies were stolen from user accounts.

BitKeep has claimed that attackers were able to compromise a version of their software and introduce malicious code which enabled them to drain user funds. BitKeep recommended their users contact the team behind BNB Chain on social media to plead with them to freeze an address used by the hackers, although the attackers had already begun to tumble the funds.

This is the second BitKeep-related hack in the last few months. In October, hackers stole more than $1 million worth of BNB when the Swap feature of the BitKeep wallet was exploited.

Rubic cross-chain exchange hacked, $1.4 million in user funds stolen

The Rubic cross-chain exchange suffered an exploit in which attackers were able to siphon a total of around $1.4 million in user funds from their wallets. The exploit was enabled by an error by the project team, who erroneously added the USDC stablecoin address as a router, which allowed attackers to arbitrarily withdraw USDC held by Rubic users. The hacker then transferred the stolen funds through the Tornado Cash cryptocurrency mixer.

Rubic paused their project to limit further thefts, and stated they would pursue audits before coming back online. They also stated that they would "strive to compensate for the losses".

Police arrest two executives of shuttered AAX exchange

The Hong Kong-headquartered AAX cryptocurrency exchange suddenly halted withdrawals on November 13, claiming they were performing temporary system maintenance. However, withdrawals were never re-enabled, and customers quickly realized the exchange was unlikely to resume withdrawals. Some even began searching for the whereabouts of AAX execs, showing up at offices in Hong Kong and Singapore.

Now, Hong Kong police have arrested Liang Haoming and Thor Chan, two executives connected to AAX. Police have reportedly accused the men of using the maintenance excuse to halt customer withdrawals while dealing with a liquidity crisis.

Defrost Finance fails to rug pull

Defrost Finance, a defi trading platform built on the Avalanche Network, apparently tried and failed to rug pull its users. The project claimed on December 23 that they were "sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds". They later announced that this "hacker" had also managed to exploit the v1 version of their project. Altogether, it appeared that tokens valued at around $12 million had been stolen.

Observers were quick to notice that the "hack" was made possible by the addition of a fake collateral token, which was then manipulated to liquidate the protocol's users, suggesting the "hack" was likely an inside job.

On December 26, Defrost claimed that the "hacker" had miraculously returned the money. The announcement didn't seem to convince the project's users, who left comments like, "It was never hacked. You tried to rug your users".

Defrost Finance's team had previously run a project called FinNexus, which also suffered a "hack" in May 2021 that was widely believed to have been a rug pull.

The latest Pokémon knockoff is stopped in court

Knock-off Pokémon crypto products — including NFTs and blockchain games — have been so prevalent in the past two years that they've earned their own collection on this blog.

Now, it seems that The Pokémon Company International (TPCI) is doing something about it. They hired private investigators to try to locate and serve a company called Kotiota with legal papers, though ultimately were unsuccessful in finding their offices or any employees.

Kotiota was engaged in unusually brazen Pokéfraud, sending legal letters to news outlets who had written about the real Pokémon games and insisting they be named as a developer. Their website falsely claimed Kotiota had been working on various recent Pokémon games, and the company had even forged an agreement with TPCI to claim they had a license agreement.

Kotiota had been planning to release a Pokémon-based play-to-earn blockchain game and collection of NFTs in January 2023, but an Australian court has barred the company from doing so, and ordered them to stop using the Pokémon brand or claiming to have developed the games.

FTX executives Caroline Ellison and Gary Wang plead guilty to criminal charges, are cooperating with investigation

Side-by-side photos of Caroline Ellison and Gary WangCaroline Ellison and Gary Wang (attribution)
Two of Sam Bankman-Fried's inner circle, Caroline Ellison and Gary Wang, have pled guilty to federal criminal charges and are cooperating in the case against Sam Bankman-Fried. Ellison was the CEO of Alameda Research, the trading firm founded by Sam Bankman-Fried in 2017. Wang was a co-founder of FTX alongside Bankman-Fried, and served as its CTO.

Ellison's and Wang's pleas were announced in a short message by U.S. Attorney Damian Williams, who did not elaborate on what the charges were. He again urged any others who had knowledge of criminal activity at FTX to come forward, and warned that these were not the last charges he expected to file.

Simultaneously with the charges from the Justice Department were civil complaints from the Securities and Exchange Commission, which alleged that both had been involved "in a multiyear scheme to defraud equity investors in FTX". In particular, the SEC accused Ellison of artificially manipulating the price of FTT, the FTX-issued token that formed a large portion of Alameda's balance sheet. The SEC accused Wang of creating a backdoor in FTX software that allowed Alameda to move customer funds from FTX for use in its trading activities.

The CFTC filed an amendment to their complaint against Sam Bankman-Fried, adding Ellison and Wang as defendants.

Paxful crypto marketplace delists ether, citing "scams that have robbed people of billions"

Peer-to-peer crypto marketplace Paxful announced that it will be delisting ether, citing "scams that have robbed people of billions".

So close. You're almost there.

Paxful CEO Ray Youssef said in an email to the platform's claimed 11.6 million customers that the decision was based on Ethereum moving from proof-of-work to proof-of-stake, not being decentralized, and spawning an ecosystem of scammy Ethereum-based altcoins. The email featured a header photo of Youssef himself posing triumphantly, and Youssef spent much of the subsequent day tweeting memes he made from pictures of himself.

With the loss of ether, the platform will only allow swaps of Bitcoin, Tether (USDT), and USDC — despite both Tether and USDC being Ethereum-based tokens.

Swan Bitcoin releases a new product to streamline the process of losing your house speculating on Bitcoin

"Convert home equity into Bitcoin", Swan Bitcoin advertises with their new home equity product. Relatively few details are available on the new loan product they're offering, but they advertise that you can close on the loan in "as little as 5 days", obtain loans with no income or credit check, and obtain loan amounts from $20,000 to over $1 million. What could go wrong?

"Rates starting at 7.5%, with 80% Bitcoin upside appreciation", they say. Downside risk is, naturally, not mentioned.

For those unfamiliar, Swan Bitcoin is a US-based Bitcoin-only crypto platform (although CEO Klippsten would surely yell at me for saying it is a "crypto platform", as he insists at every opportunity that "Bitcoin is not crypto").

Core Scientific Bitcoin mining firm files for bankruptcy

Core Scientific warned in October that it was teetering on the edge of bankruptcy, so it was no huge surprise when the company filed for bankruptcy protection on December 21. Core Scientific is one of the largest Bitcoin miners, responsible for around 10% of the computing power on the Bitcoin blockchain. The company operates around 143,000 miners, and host an additional 100,000.

Core Scientific is only one of many Bitcoin miners in distress, as low Bitcoin prices and other factors make mining much less profitable. Other mining firms, including Argo Blockchain and Greenidge Generation, have warned that they may face bankruptcy in the near future. Some firms, such as Iris Energy, have powered off a significant amount of their mining capacity.

Auros files for bankruptcy

Crypto market maker Auros filed for bankruptcy protection in the British Virgin Islands, not long after a missed loan repayment to the Maple defi lender in late November signaled something was amiss. At the time, Auros attributed the missed payment of 2,400 wETH (valued at ~$3 million at the time) to a "short-term liquidity issue as a result of the FTX insolvency".

Now, however, Auros is seeking a "light touch" liquidation path that would allow them to continue operations while they develop a restructuring plan. Meanwhile, they have missed another Maple loan repayment, this time for $7.5 million.

Court filings have revealed that "a significant proportion of the Company's assets" are frozen with FTX, leaving the company insolvent. These assets have an estimated value of $20 million.

Waves founder announces a new, "undepeggable" stablecoin as USDN even more dramatically de-pegs

A one year chart of the USDN price, showing it repeatedly dipping below the intended $1 peg, and becoming very unstable beginning in late August 2022USDN price over the last year (attribution)
Apparently adopting Do Kwon's belief that the solution to a crashing algorithmic stablecoin project is creating another project, Waves founder Sasha Ivanov has announced, "I will launch a new stable coin". This comes after Neutrino USD — aka USDN — has spent much of the year de-pegged, recently plunging dramatically to around $0.50.

The USDN stablecoin remained within a few cents of its intended USD peg for about a year, before losing its peg in April. Since then, it has had a pretty bumpy road, spending much of the year more than a few cents off the dollar peg, and dropping much farther below it in early November.

A less-than-enthused commenter responded to Ivanov's Twitter announcement of a new coin, writing, "My brother in Christ more stablecoins to depeg is not the answer". "It will be undepeggable", replied Ivanov. Well, in that case.

Scammer steals fourteen Bored Apes from one victim, flips them for over $1 million

A Bored Ape with grey fur, wearing a red baseball cap, a green army jacket, and a blindfold over its eyesBAYC #2060, which the scammer claimed to want to license (attribution)
A scammer spent a month setting up a con in which they stole fourteen Bored Ape NFTs belonging to one individual. Posing as a casting director at a real film production company—complete with a fake website, a fake partner company, and fake individuals pretending to have signed deals with the company—a scammer was able to convince the collector that they were interested in paying $13,000–$17,000 to license a Bored Ape for use in an animation.

After some back-and-forth, with legitimate-looking contracts and falsified emails appearing to come from the real company's real founding director, the NFT collector was asked to use their crypto wallet to sign a contract, via the fake company partner website that had been set up.

When the collector did so, the smart contract drained the collector's wallet of its fourteen pricey Bored Ape NFTs, then accepted the highest offers that were outstanding on each of the Bored Apes, netting 852.9 ETH. The scammer converted the stolen ETH to the DAI stablecoin, making off with $1,075,000 in DAI.

Over 100 Bitcoin moved from dormant QuadrigaCX wallets in "unauthorized" transfer

QuadrigaCX was a Canadian crypto exchange that shut down and filed for bankruptcy in early 2019, with hundreds of millions more in liabilities than in assets. It later became apparent that the exchange's founder, Gerald Cotten, had taken customer funds for his own personal use. Cotten reportedly died shortly before the exchange's collapse, though there have been questions around whether he may have faked his own death to pull off an exit scam. Poor accounting processes have made the bankruptcy process — which is still ongoing — a nightmare for those in charge of trying to locate and recover assets.

Now, someone has moved 104 BTC (priced at $1.75 million today) from what is supposed to be a Quadriga cold wallet. In 2019, Quadriga's bankruptcy trustee Ernst & Young revealed they had erroneously transferred these roughly 100 Bitcoin to that wallet, which they could not access. Oops.

Most of the stolen BTC was transferred to a privacy service to obfuscate its ultimate destination. Ernst & Young subsequently confirmed the transfers were "unauthorized transactions" and not performed by them.

Raydium exploit results in ~$5 million loss

An exploit on the Solana-based Raydium decentralized exchange project resulted in a total loss to the platform of $4.4 to $5.5 million. The attacker's actual spoils were less — somewhere around $2–3.5 million.

Raydium claims the exploit was a trojan attack, though they've provided no further evidence to substantiate this. According to Raydium, a trojan allowed an attacker to compromise the private key belonging to the pool owner account. With control over the private key, the attacker was able to withdraw a mix of assets from the pools. They bridged at least $2 million to Ethereum and tumbled them through Tornado Cash; another $1.5 million remained on the Solana chain, where some projects began freezing assets.

Raydium has offered a 10% "bug bounty" to the hacker if they return the stolen funds.

Auditing firm cuts ties with crypto clients, deletes Binance's "proof of reserves" report they issued days prior

The accounting firm Mazars Group has ceased working with cryptocurrency clients, including Binance, KuCoin, and Crypto.com. A statement from the firm attributed their decision to "concerns regarding the way these reports are understood by the public".

On December 7, a branch of Mazars Group had published a "proof of reserves" report for Binance — though it only accounted for Bitcoin, and did not reflect liabilities for Binance's lending product. On December 9, Crypto.com also published a "proof of reserves" report that had been produced by the firm.

As of December 16, the Binance audit — which had been hosted on Mazar's website — had been deleted.

"Proof of reserves" reports have been offered by various cryptocurrency exchanges in lieu of proper audits, but have reasonably failed to reassure many customers of those exchanges. These reports do not involve the scrutiny that would be applied by a full audit — they only reflect a snapshot of assets at a point in time, and do not show a firm's liabilities.

Donald Trump teases a "major announcement" that's just NFTs

Social media post by Donald Trump: "MAJOR ANNOUNCEMENT! My official Donald Trump Digital Trading Card collection is here! These limited edition cards feature amazing ART of my Life & Career! Collect all of your favorite Trump Digital Trading Cards, very much like a baseball card, but hopefully much more exciting. Go to collecttrumpcards.com/ & GET YOUR CARDS NOW! Only $99 each! Would make a great Christmas gift. Don't Wait. They will be gone, I believe, very quickly!"Donald Trump NFT announcement (attribution)
It's finally happened. The siren song of NFT grifting proved too much for Donald Trump.

Trump supporters got all excited when Trump posted on social media to tease a "major announcement". Was he going to run for speaker of the House? Return to Twitter? Unveil a presidential running mate?

His supporters were surprised — and not exactly thrilled — when the announcement turned out to be a collection of 45,000 NFTs (sorry, "digital trading cards") featuring artwork of himself in heroic outfits and poses. The NFTs are "just" $99 apiece, and money goes to Trump, not his campaign.

Even some of his strongest supporters were nonplussed. Steve Bannon said, "I can't do this anymore," and opined that he should fire whoever advised him to make the collection. A source working for Trump said that he is "supposed to be running for president right now", and questioned how "fleecing our supporters for $99" was in service of that goal.

Nevertheless, the NFTs seemed to sell decently well, with more than 30,000 minted by that evening.

Binance withdrawals surge due to concerns over the company's reserves

Binance, the largest cryptocurrency exchange in the world, processed at least $1.9 billion in withdrawals in a 24-hour period—considerably more than it processes in a typical day. In fact, the company briefly had to pause withdrawals of the stablecoin USDC because they needed to swap various stablecoins in order to continue to process withdrawals—something they could not do while the New York-based bank was closed.

These mass withdrawals signal concerns about Binance, whose users are looking for reassurance that the company is not engaged in similarly shady practices as their now bankrupt rival FTX. Recent news that the US Department of Justice is considering criminal charges against the company has not helped reassure customers.