After raising user funds, the project's creators drained its liquidity pools. They also convinced users to send funds to them with a technique known as "ice phishing". They then deleted their social media accounts and disappeared.
Kokomo Finance rug pulls
- "Kokomo Finance", CertiK
Latest Sotheby's NFT sale is decidedly tepid
It seems perhaps even Sotheby's prestige is not sufficient to overcome the NFT downturn.
Collector accidentally burns their $123,000 CryptoPunk
However, some confusing instructions resulted in the owner sending the punk to the burn address, effectively destroying the NFT. "I was trying to wrap it and don't know what I was doing... Thought I was following the directions exactly..." they later wrote. They also later shared that they had borrowed money in order to purchase the CryptoPunk.
US prosecutors file criminal charges against Do Kwon
The criminal charges out of the US add to civil charges he's facing from the SEC, as well as an investigation out of South Korea.
Terra/Luna founder Do Kwon arrested
After the collapse, Kwon became a fugitive. South Korea issued a warrant for his arrest in September, and Interpol issued a red notice. However, he's remained on the lam for some time, reportedly hiding in Serbia for a time — a country with no extradition agreement with South Korea.
Now, officials in Montenegro have announced they arrested Do Kwon, who was attempting to travel through the country using falsified documents. Montenegro is a Balkan country bordering Serbia.
Kraken to suspend ACH transfers after Silvergate collapse
SEC sends a Wells notice to Coinbase
According to Coinbase, the Wells notice related to "aspects of the company's exchange, our staking service Coinbase Earn, and Coinbase Wallet". It's not terribly surprising that the SEC might have Coinbase Earn in its crosshairs, as it has recently taken action against similar products, such as Kraken's staking service. In the wake of the action against Kraken, Coinbase seemed to try to pre-empt SEC arguments by sending an email to customers emphasizing things like "You earn rewards from the protocol, not Coinbase". It doesn't look like this has shifted the SEC's thoughts much, though.
This should be an interesting saga to watch, partly because Coinbase has expressed willingness in the past to go head to head with the SEC.
Lindsay Lohan, Jake Paul, and other celebrities charged for illegally touting Justin Sun's tokens
With the exception of Soulja Boy and Mahone, the celebrities paid a total of more than $400,000 in disgorgement, interest, and penalties to settle the charges without admitting or denying them.
Justin Sun charged with offering unregistered securities and market manipulation
Eight celebrities were also charged with violations of anti-touting law.
SpankPay payments service for sex workers shuts down
In a tweet announcing the shutdown, SpankPay reassured customers, "Rest assured your money is safe and we'll get it to you as soon as possible" — always a scary thing to hear from a crypto company.
It seems that only the payments processing side of the business is shutting down, with projects including SpankChain and SpankMatch continuing to operate.
General Bytes crypto ATMs exploited for over $1.6 million
In addition to standalone servers, General Bytes' cloud service was impacted, and the company announced that it would be permanently shuttering it. "It is theoretically (and practically) impossible to secure a system granting access to multiple operators at the same time where some of them are bad actors," wrote the company in their statement explaining the decision, apparently unaware that this is something software companies find themselves doing all the time.
This exploit was the second breach suffered by General Bytes this year, after hackers exploited a vulnerability in August 2022 that allowed them to steal customer funds. It's unknown how much was stolen in that attack. The company also patched multiple hardware and software issues in their ATMs in September 2021, after Kraken Security Labs discovered issues including poor security practices that would allow attackers to "walk up to an ATM and compromise it".
- "General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen", BleepingComputer
- "Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug", BleepingComputer
- "Kraken Security Labs Identifies Vulnerabilities In Commonly Used Bitcoin ATM", Kraken Security Labs
Thousands lose money to iEarn Bot crypto scam
According to the BBC, dozens of high-profile individuals in Romania, including members of the government and academics, lost money to the scam after it was promoted by technology expert Gabriel Garais — who also says he lost money in the scheme.
iEarn Bot claims to be a US-based company, although its website is full of false information. The person named as the company's founder told the BBC he has nothing to do with the scheme, and companies and institutions listed as "strategic partners" say there is no such partnership.
The BBC identified one cryptocurrency wallet that received payments from around 13,000 others totaling nearly $1.3 million.
Thwarted hacker asks security firm to reimburse gas fees
On March 17, blockchain security company BlockSec observed an attacker trying to exploit a vulnerability in the NFT lending project Paraspace. Although they had successfully identified a vulnerability that could have allowed them to steal 2,900 ETH (a bit over $5 million), their attempt to execute the hack failed because they didn't correctly estimate what it would cost them in gas fees.
After observing the attempt, BlockSec executed a whitehat rescue, where they successfully executed the same attack to remove the funds from Paraspace and secure them until they could return them to the project team.
Incredibly, the exploiter sent an on-chain message to BlockSec: "hey man, I am the one who made the contract you just copied, I couldn't make it work for a stupid gas estimation error. since I lost a lot of money trying to make it work, it would be cool to get at least some of them back... best of luck". Altogether, the would-be attacker spent around 0.7 ETH (~$1,200) on gas fees while trying to pull off the hack.
International group of law enforcement agencies shuts down ChipMixer
According to the US DOJ, ChipMixer had been used to process, among other things, proceeds of the massive March 2022 Axie Infinity hack by a North Korean cybercrime group.
US law enforcement seized two domains and a Github account tied to the organization, and German law enforcement seized ChipMixer's back-end servers and $46 million in cryptocurrency.
Phishers take advantage of fears surrounding the USDC de-peg
Holders trying to use the exchange approved transactions which they didn't realize allowed the phishers to drain their ETH. So far, the scammers have stolen around 74 ETH ($130,500).
Over $35 million lost as contagion from Euler hack spreads throughout defi
Around $11.9 million of tokens were sent from the Balancer defi liqiuidity project to Euler during the attack, prompting Balancer to pause the project.
The Angle Protocol decentralized stablecoin project also disclosed that almost half of the total value locked in the project — around $17.6 million in the USDC stablecoin — were sent to Euler during the hack.
Meta pulls the plug on NFTs
Mark Zuckerberg had once talked about eventually using NFTs for Meta's metaverse projects, suggesting that eventually "the clothing that your avatar is wearing in the metaverse, you know, [could] be basically minted as an NFT and you can take it between your different places". It sounds like that plan may no longer be on the table now.
Euler Finance exploited for almost $200 million
Euler announced that they were aware of the exploit, and were "working with security professionals and law enforcement".
On April 3, Euler Finance announced that they had completed successful negotiations, and that "all of the recoverable funds taken from the Euler protocol on March 13th have now been successfully returned by the exploiter". Unfortunately, based on on-chain transfers, this appeared to only be around $31 million.
Regulators shut down crypto-friendly Signature Bank
A joint statement from federal regulators announced that "All depositors of this institution will be made whole... no losses will be borne by the taxpayer. Shareholders and certain unsecured debtholders will not be protected. Senior management has also been removed."
The shutdown of Signature and the collapse of Silvergate leave many companies in the crypto industry without much access to the US banking system.
PeopleDAO loses $120,000 after payment spreadsheet is shared publicly
When team leads reviewed the spreadsheet to sign off on the payments, they didn't see the row, and there was no rollup showing total payments or anything else that would've helped them catch the malicious activity. The transactions were uploaded to a tool allowing asset transfers via CSV, and the required six out of nine multisig members approved the transaction.
PeopleDAO have reported that they're working with various security researchers to track the funds, and have reported the theft to the FBI and FTC.
USDC loses peg to the dollar
That evening, Coinbase announced they would be pausing USDC redemptions for dollars until the following Monday, claiming it was only because in times of high volume, they needed to process transfers via the traditional banking system. Despite their stated reason, this deepened fears about the stability of USDC, which is supported in part by Coinbase.
The price of USDC began to wobble on smaller, less liquid exchanges like Gemini and Kraken before the issue was reflected more widely. However, most exchanges were showing USDC trading at prices between $0.90 and $0.98 later that night — a noticeable departure from USDC's normally fairly steady peg.
A sustained de-peg would wreak havoc on the crypto industry, where USDC is the second largest stablecoin and boasted a $43 billion market cap (at least before substantial outflows surrounding the SVB concern). Other stablecoins even have exposure to USDC, with both FRAX and DAI using USDC for significant portions of their collateral.
Someone attempting to swap ~$2 million in 3CRV token ends up with $0.05 due to apparent Kyber issue
Kyber seemed to acknowledge that the issue was on their end, tweeting that "We have been in touch with him and are investigating the issue. We will provide an update soon."
Coinbase pauses redemptions of USDC for dollars
On the evening of the tenth, Coinbase announced that they would be "temporarily pausing USDC:USD conversions over the weekend while banks are closed," stating that "during periods of heightened activity, conversions rely on USD transfers from the banks that clear during normal banking hours".
"Your assets remain safe & available for on-chain sends," they said: cold comfort for those who are afraid their USDC may not be worth $1 come Monday.
Coinbase is one of the firms behind USDC, and its decision to stop processing redemptions is likely to add to the concern over the stablecoin's... stability.
Bankrupt BlockFi has at least $227 million at collapsed Silicon Valley Bank
The US Trustee reportedly warned BlockFi counsel on March 6 that the company needed to "immediately take steps to safeguard these funds in compliance with" the depository agreement, because a MMMF was not in compliance. BlockFi responded that the account was FDIC insured (up to the FDIC's $250,000 limit), but the Trustee maintains that that is not accurate.
- "BlockFi has $227 million in uninsured funds in Silicon Valley Bank", The Block
- Motion, In re: BlockFi
Silicon Valley Bank collapse causes crypto contagion concerns
SVB was also the preferred bank for various giants in the crypto VC world, including Andreessen Horowitz and Sequoia Capital. Pantera Capital also used SVB as a custodian.
Huobi Token flash crashes by 90%
Sun also announced that he had transferred $100 million to Huobi to provide more liquidity. He also announced that "Huobi will bear all leverage-through position losses on the platform resulted from this market volatility event of HT."
Although the token recovered quickly, the flash crash sparked rumors that Huobi was insolvent.
Blockchain.com shutters asset management arm
New York Attorney General sues KuCoin, claims ETH is a security
The NYAG took the additional step of alleging that ETH is a security. Many have argued that Bitcoin and ETH, the native token of Ethereum, are not securities because they are "sufficiently decentralized". The NYAG, however, wrote in the press release announcing the lawsuit that, "This action is one of the first times a regulator is claiming in court that ETH, one of the largest cryptocurrencies available, is a security. The petition argues that ETH, just like LUNA and UST, is a speculative asset that relies on the efforts of third-party developers in order to provide profit to the holders of ETH."
The NYAG is also going after KuCoin for offering a lending and staking product, a category of product that has recently been a focus of various enforcement actions. They claim that KuCoin did not comply with a subpoena.
Hedera Network halts access after exploit
Hedera has not disclosed how much had been stolen. Total value locked (TVL) on the network dropped 33% from $36.1 million to $24.6 million.
Some balked at Hedera's ability to simply turn off user access to the network, despite claiming to be a decentralized project.
Turkish electric vehicle company Togg announces presale via NFT, then scraps the plan after customers have already bought in
However, shortly after the NFT sales began, the platform crashed. Then, very soon after the sale began and Togg began addressing the issues with the platform, a series of earthquakes devastated portions of Turkey. As a result, Togg announced they would be postponing the sale until a later announcement.
On March 8, Togg announced that they had canceled their plans to conduct the pre-order process by NFT drawing, and that any NFT holders would not be prioritized in the pre-order.
This infuriated some customers who had purchased AVAX solely intending to use it to obtain a pre-order slot — particularly because AVAX is now priced below $15, meaning those who've been holding AVAX since purchasing it have lost 25%.
- "Togg to sell pre-order rights with NFTs", Hurriyet Daily News
- Tweet by Togg
Gemini reportedly loses banking with JPMorgan
It's hard to say why JPMorgan might have severed ties with Gemini — it could be related to recent statements from regulatory agencies frowning on banks taking crypto companies as clients, although Coinbase noted that it continues to have an active banking relationship with JPMorgan.
JPMorgan is not Gemini's only banking partner, so despite the blow to Gemini, this will not cut them off from banking.
Silvergate bank collapses
Silvergate's collapse may worsen crypto's already tenuous relationship with US banks. Silvergate was one of the few "crypto-friendly" banks, and the clients it previously served — among them, Crypto.com, Bitstamp, and Paxos — may face challenges finding a reliable replacement.
- "Silvergate has collapsed", The Verge
- "Crypto Bank Silvergate Capital Says It Will Shut Down; Stock Plummets", The Wall Street Journal
Lido token price tanks after podcaster spreads inaccurate rumor of Wells notice
Hoffman later retracted the statement in a long tweet and apologized, and the LDO price recovered somewhat, though not to its initial level. However, he continued to claim that "there is at least one confirmed Wells Notice that has gone out recently, that isn't known to the public", but wrote that "the idea of a mass recent carpet bomb isn't correct".
WSJ alleges Tether, Bitfinex, and related companies used falsified documents to obtain banking
Among other allegations, the WSJ outlined how Tether was repeatedly denied accounts at New York's Signature Bank, and so ultimately got an executive at an aviation fuel broker called AML Global to open an account that appeared to be used to fraudulently process transactions on behalf of Tether and Bitfinex.
Tether is the largest stablecoin in circulation, though its entire existence has been marred by questions around its legitimacy and the status of its claimed reserves.
Silvergate crypto-focused bank faces crisis
On March 1, Silvergate revealed that they would miss the deadline to file their annual report with the SEC, which they blamed on regulatory inquiries. They also revealed even more losses, which added to the massive $887 million in losses they experienced in Q4 2022. They also disclosed that they were having to evaluate whether the bank was going to be able to survive.
Silvergate's stock plunged on the news, worsening its already marked decline in price over 2022–23. Some crypto firms began distancing themselves from the bank, as well: Coinbase announced on March 2 that they would no longer be transacting with Silvergate "in light of recent developments and out of an abundance of caution". Galaxy Digital, Paxos, CBOE, Gemini, Crypto.com, and Bitstamp also announced they would cease transfers to and from Silvergate, and Circle announced they would be "unwinding certain services with them".
Developers accuse Binance of stealing their hackathon idea after Binance launches similar AI NFT product
Shortly after its launch, a group of developers accused Binance of stealing an idea they had presented at a December 2022 BNB Chain hackathon. Those developers had been awarded first place and $5,000 for "Chatcasso", a nearly identical tool.
Binance has refuted the allegations of theft, with a spokesperson acknowledging the "similarities" but claiming that "Bicasso was designed and developed independently more than two weeks before the BNB hackathon".
"It's disheartening to see a company that claims to support innovation and development steal from the very people who are working hard to build the ecosystem. Who would feel safe entering a hackathon? I don't." wrote one of the developers from the team. The developer also stated that they had not signed any contracts that would have assigned the rights to their work to the company, as is the case in some hackathons.
BitBNS discloses that they were hacked in February 2022, hid it as "system maintenance"
After zachxbt's investigation, BitBNS admitted that they had hidden the hack from customers. "Law enforcement advised us that the users should be educated about the incident only after the investigation is completed or reaches a dead end," said BitBNS CEO Guarav Dahake, who also said that some funds were ultimately recovered thanks to law enforcement and cooperation from other exchanges.
FTX co-founder Nishad Singh pleads guilty, agrees to co-operate against SBF
In direct messages to a Vox journalist in November 2022, shortly after the FTX bankruptcy, Bankman-Fried wrote that Singh had left, and that he was feeling "ashamed and guilty" because customer deposits were missing.
According to bankruptcy filings, Singh had received a $543 million loan from Alameda Research. Some of this may have gone towards illegal political donations, which Singh admitted in court to making, saying they were intended to bolster Bankman-Fried's and FTX's influence among politicians.
- "FTX Co-Founder Nishad Singh Pleads Guilty to Fraud Charges", The Wall Street Journal
- "FTX's Singh pleads guilty to six U.S. fraud, conspiracy charges", Reuters
Two BNB-based projects attacked for around $700,000 each
Later, 80% of funds in the liquidity pool for the defi project LaunchZone were suddenly drained, tanking the LZ token price over 80% to $0.026 from its previous price of around $0.15. The stolen funds were priced at around $700,000.
Some questioned if LaunchZone had rug-pulled. However, the project claimed that "$LZ is being hacked from [Dungeonswap] exploiter" and urged its users to "please keep calm". They also announced that they had paused trading and transfers of the LZ token.
Large Algorand holders have wallets drained
John Woods, the CTO of the Algorand Foundation, acknowledged the spate of hacks, writing, "I agree that there's too many of these hacks to be a coincidence". However, he stated that he was confident it was not an issue with Algorand itself. The Algorand wallet provider MyAlgo subsequently urged users to withdraw funds from wallets that use mnemonic phrases for recovery, suggesting that there may have been an issue with their software.
hideyoapes suffers $200,000 wallet drain
The thief sold all the NFTs and then transferred the proceeds from the sales to their own wallet. Altogether they made off with 127.3 wETH (~$208,000).
On Twitter, hideyoapes explained that they had downloaded and installed the MetaMask wallet extension from MetaMask's official website. "I didn’t think anything of it because it was the legit site and verified chrome app. While I was sleeping all my assets were sold," they wrote. At this point, it's not clear how exactly the hack was perpetrated.
Solana tries turning it off and on again (twice)
One "coordinated restart" apparently wasn't enough, because a second one followed later that day. Developers reportedly didn't know why the blockchain suddenly began to slow, though it followed shortly after validators began adopting a new version of Solana code, pointing to a possible culprit in the new release. The new version had reportedly operated for six months on the testnet before it began to be deployed.
Other theories were also considered, as reported by CoinDesk: "One leading theory was that a 'fat block' gunked up the blockchain's mechanics."
The outage is reminiscent of the ones that plagued the network through 2022, leading some to question whether it could be suitable for replacing critical infrastructure.
Per a court order, Oasis rewrites the rules for Jump Crypto to recover stolen assets
This decision was what allowed Jump Crypto to obtain a court order requiring the Oasis platform to "upgrade" a smart contract in such a way that Jump Crypto could remove stolen funds from where the hacker had placed them on the Oasis protocol. Oasis released a defensive statement, writing that their cooperation in the recovery was "only possible due to a previously unknown vulnerability in the design of the admin multisig access", and that "we will be making no further comment at this time". Oasis is a frontend for the MakerDAO project, which was originally started as part of MakerDAO but later spun into a separate entity, though it still appears to enjoy preferred status by MakerDAO.
The stolen funds in question were the proceeds of the February 2022 Wormhole bridge exploit, in which attackers stole 120,000 wETH (then ~$326 million; now $192 million). After the hack, Wormhole's parent company Jump Crypto plugged the hole left by the hack with their own funds. Since then, the attackers have been moving the funds throughout the cryptocurrency ecosystem, even taking out a highly-leveraged position on in Lido-staked Ether last month.
Ultimately, Jump was able to recover around $140 million via their "counter-exploit". While many celebrated the recovery, some were concerned about the precedent of a so-called defi platform changing a smart contract to remove funds from a wallet at the direction of a court. Some described the upgradability as a "backdoor". "If they'd do it for Jump, what does that say about possible coercion via state actors?" wrote one trader on Twitter.
Metroverse blockchain game implodes
Ultimately, the project delivered a game that was a far cry from Sim City, and which only a small subset of players designated as "leaders" could even play. As interest in NFTs and crypto prices began to fall, the community became increasingly dissatisfied with the project creators, who they felt had delivered a subpar game, engaged in an additional cashgrab mint, and took actions like performing a reverse-split of the token which they believed harmed secondary market prices.
Tensions emerged between the project team and the community, with the project team dismissing all criticism as "FUD" and accusing their community members of "sabotage", and community members accusing the project team of rug-pulling and failing to listen to feedback. The team shut down the project Discord, claiming that the community was only making it harder for them to do what they had promised to do, and saying that the attacks were damaging to their mental health. The team promised to complete the last item on the roadmap, but stated that they would not be continuing to develop the project or add additional roadmap items due to the current NFT markets and the "non-stop attacks from the community".
Very shortly after closing the Discord, the project team changed their mind and announced that they would be closing the project entirely. They announced that the upcoming battle would be the last available to play, but that they would be airdropping tokens to players as promised in the last item on the roadmap, and open-sourcing the code. Multiple project team members deleted their social media, and project AMAs were wiped from the Metroverse YouTube channel.
These gestures were far from enough to satisfy an angry community, some of whom threatened to dox the anonymous team behind the game or take legal action against the founders. The team themselves fired back with legal threats, contacting community members to tell them that they believed their conversations on a separate Discord server involved illegal activities that are "not only morally reprehensible but may also constitute serious criminal offenses".
Some community members claimed to have spent tens of thousands of dollars on the project. "I spen[t] like 25 eth at 3k" wrote one. "I spen[t] 250k" shared another.
- Community notice from Metroverse
- Metroverse Fireside/AMA - Jan. 2023, YouTube
- Tweet by Metroverse
Crypto investment scheme with links to UK Parliament vanishes
The firm built credibility by sponsoring an APPG — all-party parliamentary group — and its co-founder, Luke Sullivan, was active as a speaker for parliamentary groups and events hosted by MPs. The firm promoted itself based on these ties to the UK government, including by publishing a blog post about how they "brought the Metaverse to the Palace of Westminster".
Some investors say they have lost more than $100,000 each. One such investor is Alan Rogers, a former Premier League footballer who sunk around $50,000 into the rather Ponzi-looking scheme.
Sam Bankman-Fried indicted on four new charges in criminal case
The new indictment includes additional information about Bankman-Fried's alleged fraud. The indictment details SBF's attempts to circumvent due diligence by US banks by creating a fake company called North Dimension. Via North Dimension, SBF diverted funds to FTX, which was unable to get a bank account.
Bankman-Fried has entered a not guilty plea to the original eight charges, but has not yet entered a plea for the additional four.
These criminal charges add to securities fraud and other civil charges from the SEC, as well as civil charges out of the CFTC. Both civil cases have been stayed pending the outcome of the criminal case.
- Indictment, US. v. Sam Bankman-Fried
WazirX closes NFT marketplace after processing $112 in trades over a month
Many users of WazirX were angry, accusing the company of "abandoning the community".
Canadian regulators tighten rules for crypto exchanges
Platforms are expected to provide the pre-registration undertaking while working toward registration with Canadian regulators. Companies who don't comply with the new pre-registration requirements will have to close Canadian accounts and prohibit Canadian users from accessing their services.
Friendsies NFT project rug pulls
After partnering with the renowned auction house Christies to sell nine early-access mint passes, the NFTs were launched in April 2022. Each one started minting at 3.33 ETH in a Dutch auction, which at the time was around $12,000. Now, the NFTs have been selling for around 0.01 ETH (~$17).
The project's social media accounts went dormant late in 2022. On February 21, 2023, the project announced that "As the project founders, we have decided that it would be best to put a pause on Friendsies and all future digital goods for the time being... However the volatility and challenges of the market have made it very difficult to move this project forward in a way we can be proud of. For now, we have decided that it's best to allow the space to further mature." Some who asked questions like "So no AI friendsies as promised in your roadmap? What's going on?" found themselves blocked, and shortly afterwards the project deleted its Twitter account.
After being called out by crypto sleuth zachxbt for rug-pulling, the Twitter account returned to insist that they were not rug-pulling, and that "we were overwhelmed with hate and threats". Some Friendsies holders also blamed crypto influencers who had promoted the project near the beginning.
Galois Capital shuts down after losing half their money in FTX
Galois also sold its claim on FTX to a distressed buyer for around $0.16 on the dollar.