MoonPay executives pocketed $150 million raised from Series A

According to a report from The Information, MoonPay executives including CEO Ivan Soto-Wright pocketed $150 million from their $555 million Series A funding round completed in November 2021. MoonPay is a crypto payments platform known for its NFT "concierge" service popular among celebrities, and for the various allegations of undisclosed promotion leveled against it related to some of those celebrity deals.

According to The Information, MoonPay never disclosed that $150 million of the Series A funding was used to purchase shares from insiders including Soto-Wright, and never went to the company. Several weeks after the funding round, Soto-Wright purchased a $38 million Miami mansion.

Bybit exits Canada

The cryptocurrency exchange Bybit announced that they would be exiting Canada. The company cited "recent regulatory development" in the country for their decision to stop offering services to Canadian customers.

In June 2022, Bybit settled a complaint from the Ontario Securities Commission for operating an unregistered platform and offering unregistered securities to Ontarian investors. The company disgorged CA$2.5 million (US$1.9 million) as result. At the time, the OSC stated that Bybit was working to come into compliance with the OSC's requirements.

Apparent whitehat exploits El Dorado Exchange, claiming developers built in a backdoor to steal user funds

The new Arbitrum-based El Dorado Exchange (EDE) was exploited for around $580,000. In an interesting twist, the attacker claimed to be a whitehat who was exposing that the developers had "implemented a backdoor that allowed them to force liquidate any position they desired. This activity involved intentionally signing incorrect prices to manipulate users' positions and steal their funds".

The attacker promised to return all funds, minus a 10% "white hat fee", if the developers "admit to manipulating the prices", and also offered to disclose other vulnerabilities they claimed to have found in the project.

The project founders wrote in response: "Yes we acknowledge making an ill-advised decision to manipulate the price. However our intention was to blacklist those who had previously exploited the system, fully aware that all transactions are recorded on the blockchain. We did not aim to misappropriate users funds as this would leave a traceable record. We will promptly remove the problematic bomb contract."

The exploiter began returning funds shortly afterwards.

BKEX crypto exchange halts withdrawals due to money laundering investigation

The BKEX crypto exchange announced on May 29 that they would be suspending withdrawals, claiming it was related to a police investigation. "Recently, the platform users' funds were involved in 'money laundering' and BKEX is currently cooperating with the police to collect evidence, for which we will suspend withdrawals to cooperate with the work", they wrote in an announcement on their website.

The exchange offered no estimate of when withdrawals might be re-enabled.

Jimbos Protocol exploited for $7.5 million

Three days after the launch of its v2 protocol, the Arbitrum-based Jimbos Protocol was exploited for 4,090 ETH (~$7.5 million). The project had not properly controlled for slippage, which enabled an attacker to use a flash loan to manipulate the trading pairs on the project. The attacker then bridged the stolen funds to the Ethereum chain.

After the attack, Jimbos Protocol tweeted "We are aware of the exploit regarding our protocol and are actively in contact with law enforcement and security professionals. We will release further information when possible." They also sent an on-chain message to the exploiter, offering to stop all investigations if the hacker returns 90% of the stolen funds.

Nigerian crypto trading app Patricia suffers multimillion dollar theft, freezes withdrawals

Patricia, a retail cryptocurrency trading app in Nigeria, froze withdrawals after revealing that they had suffered a ₦2 billion hack. According to the outlet TechCabal, despite announcing the hack in May 2023, the incident actually occurred in January 2022, but Patricia had managed to hide it up until that point.

The stolen ₦2 billion would have been worth around US$4.8 million based on the value of the Naira at the time of the theft.

Malfunctioning bot costs Poo Finance token hunters $440,000

Some traders hoping to snipe new tokens launched by Poo Finance (yes, really) decided to try to use a MEV bot to snag priority ordering compared to other pending blockchain transactions. They spent a combined 240 ETH (~$440,000) to be spent on the tokens and on bribes paid to the bot. However, the bot sent the tokens to the wrong Uniswap pool, ultimately obtaining only 4 ETH (~$7,300) of Poo Finance tokens.

Coinone employees "admit to facts" in case regarding token listing bribes

A lawyer for a broker and the former director of the South Korean cryptocurrency exchange Coinone have told a court that their clients "admit the facts of the prosecution". The director, "Mr. Jeon", is accused of accepting more than ₩2 billion (~$1.5 million) in bribes in exchange for listing shady tokens on the exchange. In one case, the exchange was the only platform to list a token called "Furiever Coin", which has been linked to a kidnapping and murder investigation in Seoul.

Four executives were arrested in connection to the investigation in April, under suspicion that they had received ₩2.4 billion (~$2.2 million) in bribes in exchange for listing dozens of coins.

Coinone is one of the most popular South Korean cryptocurrency exchanges. In July 2022, it was among the seven exchanges raided by Korean authorities in the wake of the Terra/Luna collapse, as the country began applying harsher scrutiny to crypto platforms.

Crypto payments firm Unbanked to shut down

The US-based crypto payments and custody platform Unbanked announced in a blog post that they will be shutting down services. The company was founded in 2018, and claimed they wanted to provide regulated, on-shore services to US-based companies hoping to engage with crypto. As is common with blockchain company shutdowns these days, they blamed US regulators. Referring to their choice to build the company in the US, they wrote: "We unfortunately learned... taking this path lead [sic] to a lot of wasted time and excessive costs. To state it bluntly, US regulators are actively trying to stop companies (banks and fintechs) from supporting crypto assets – even when the companies are trying to do it correctly and by the book. Their efforts are working and ultimately limited Unbanked’s ability to raise capital and run a self-sustaining business."

However, Unbanked also let on that their closure was more related to an investment falling through than to any regulatory issues. The company wrote that a $5 million investment was never delivered, and that the company had "exhausted all options" funding-wise.

DCG shutters TradeBlock subsidiary

Digital Currency Group, the parent company of several companies in the crypto industry including Genesis, Grayscale Investments, and CoinDesk, announced that it will be shuttering TradeBlock, its trade execution and prime brokerage services unit. The company cited the typical reasons: "crypto winter" and "the challenging regulatory environment for digital assets in the U.S."

The decision comes amidst broader troubles for DCG, which is embroiled in the bankruptcy proceedings of its Genesis subsidiary. Earlier in May, DCG missed a $630 million payment to Genesis.

Hackers steal around $170,000 after compromising Steve Aoki's Twitter account

Headshot of Steve AokiSteve Aoki (attribution)
Twitter account compromises remain a lucrative way to scam crypto enthusiasts. Someone was able to compromise the Twitter account belonging to electronic musician and crypto enthusiast Steve Aoki, posting a fake link to his NFT project that drained unsuspecting traders' wallets.

The scam was helped along by ben.eth, a Twitter personality who retweeted one of the tweets by the compromised account in which Aoki appeared to endorse a token created by ben.eth. According to crypto sleuth zachxbt, multiple followers of ben.eth were impacted by his retweet, which zachxbt characterized as "quote tweet[ing] a phishing scam posted by the compromised @steveaoki account for clout". Ben.eth ultimately promised to reimburse his fans who lost money thanks to his tweets.

Transactions stuck on Multichain blockchain bridge due to "force majeure"

The Multichain blockchain bridge, formerly known as Anyswap, encountered an apparent issue as users' funds were delayed for over 24 hours in getting to their destination. Some reported delays since as far back as May 21. The delay was blamed on a backend upgrade "taking longer than expected". Multichain later tweeted that "some of the cross-chain routes are unavailable due to force majeure, and the time for service to resume is unknown". They also announced that they would compensate affected users.

Meanwhile, rumors swirled that the Multichain team had been arrested by Chinese police, though there doesn't seem to be much corroborating evidence of this.

The issues and the rumors sparked a drop in token price of around 30%. Several large parties also appeared to distance themselves from the project and its token, including the Fantom Foundation, which withdrew 449,740 MULTI (~$2.4 million) in liquidity on SushiSwap.

On May 31, Multichain issued a statement that "we are currently unable to contact CEO Zhaojun and obtain the necessary server access for maintenance", and wrote that even more bridges were being impacted by the same issues as in the previous week.

Morgan DF Fintoch likely exit scams for around $31 million

A Ponzi scheme called Morgan DF Fintoch lured consumers by claiming to be owned by the American banking giant Morgan Stanley. Morgan Stanley themselves warned of the scheme, writing that it was an impersonator, and that any claims of affiliation were false. The government of Singapore also issued a warning about the firm in early May. The company advertised a wallet which they claimed would "pay 1% per day,36% 30 Days and 100% in 63 days".

On May 23, crypto sleuth zachxbt tweeted that the project appeared to have executed their exit scam, bridging around 31.6 million Tether to various addresses. Platform users began to report that they could not withdraw funds.

Brand new $CS token exploited for almost $700,000

An attacker exploited the brand new $CS token for almost $700,000 using a flash loan exploit. They then swapped the funds into around 383 ETH ($689,400) and laundered them through Tornado Cash.

Tornado Cash DAO suffers hostile takeover

A proposal ostensibly to penalize cheating network participants in the Tornado Cash crypto tumbler project successfully passed by DAO vote. However, the proposer had added an extra function, which they subsequently used to obtain 1.2 million votes. Now that they have more than the ~700,000 legitimate Tornado Cash votes, they have full control of the project.

The attacker has already drained locked votes and sold some of the $TORN tokens, which are governance tokens that both entitle the holder to a vote but also were being traded for $5–$7 around the time of the attack. The attacker has since tumbled 360 ETH (~$655,300) through Tornado Cash to obscure its final destination. Meanwhile, $TORN plummeted in value more than 30% as the attacker dumped the tokens.

The attacker now has full control over the DAO, which according to crypto security researcher Sam Sun grants them the ability to withdraw all of the locked votes (as they did), drain all of the tokens in the governance contract, and "brick" (make permanently non-functional) the router.

Croatian cryptocurrency investment company BitLucky reportedly collapses; more than $75 million allegedly missing

Croatian company BitLucky told its customers that it would invest their money in cryptocurrencies, promising 5–25% monthly profits. However, its director Luka Burazer wrote an email to clients on May 19, explaining: "Dear clients, with a series of bad trades and decisions, unfortunately, I have brought the state of the company into a crisis situation. We will have more information in the following days". He and the company co-founder have since gone dark, turning off their cell phones, not replying to emails, and deleting their social media presence. According to Croatian news outlet Jutarnji list, a secretary for the company reached on the phone explained, "the director went crazy and spent all the money". The losses allegedly involve crypto assets notionally worth €70 million (~$75.7 million), and affect at least 700 individuals.

Some have expressed the opinion that BitLucky was a Ponzi scheme all along, given the unreasonable promises of 5–25% monthly returns. The editor of a crypto news outlet also expressed that "there was a 'line of [red] flags'", including that Burazer never wanted to appear in the media or have his picture shown online.

WDZD Swap exploited for $1.1 million

On May 19, an attacker successfully exploited the BNB Chain-based defi project WDZD Swap, making off with 609 Binance-Pegged ETH (~$1.1 million). The attack was apparently executed by a known exploiter, who had also previously exploited a project called Swap X.

Around $110 million "stuck" in Aave protocol on Polygon due to a bug that can't be fixed for a week

Recently, the Aave protocol deployed a contract upgrade on the Polygon version of their v2 project that was not compatible with Polygon. The bug has resulted in around $110 million of funds in wETH, wBTC, USDT, and wMATIC being "stuck", meaning users can't perform any actions involving those funds.

The funds are not at risk, but it will take at least a week before the funds are unstuck because any code change requires a DAO vote. "Considering governance times, if approved, the fix will be applied in approximately 7 days from now: 1 day of delay to start voting, 3 days of voting, 1 day of timelock on Ethereum, and 2 extra days of timelock on Polygon," explained a post by Bored Ghost Developing, a contributor to Aave.

Phishing-as-a-service company "Inferno Drainer" steals assets nominally worth $5.9 million in three months

A scam-as-a-service company identified by ScamSniffer and dubbed "Inferno Drainer" has stolen assets nominally worth around $5.9 million since mid-February. The vendor sells phishing scam software that is then used by phishers to target victims, who believe that they are interacting with an established crypto project. Inferno Drainer takes 20–30% of the stolen funds as "payment" for the scam software.

One Inferno Drainer victim lost assets worth around $417,000. They later sent an on-chain message to the thief, writing: "you are ruining my life and for me this money was a lifetime's work, I won't have enough my family..." They asked the attacker to return 50% of the funds stolen from them, offering to not report the scammer to Interpol and other authorities in return, and even offering to "sign a contract allowing you to use legally the stolen crypto".

Grumpy Cat trademark owner sends cease and desist via NFT over unauthorized "Grumpy Cat Coin"

A Grumpy Cat Coin memecoin emerged in May, with a website using illustrations of the late real-life Grumpy Cat to promote the coin. Crypto influencers, including the "SlumDoge Millionaire", jumped on board to promote the token. (The "SlumDoge Millionaire" is Glauber Contessoto, a person who briefly became a paper millionaire from, as he claims, emptying his bank account, selling all his stocks, and maxing out credit cards to buy 5 million Dogecoin during the 2021 crypto frenzy. His holdings spiked to over $1 million in value, but he didn't cash out; they are now priced at around $365,000.)

However, Grumpy Cat's owner owns trademarks associated with Grumpy Cat, and it seems she has become aware of the coin. On May 18, she minted an NFT and transferred it to the Grumpy Cat Coin deployer address. The NFT image is a copy of a cease and desist letter representing Grumpy Cat Limited. The letter describes the coin offering as a "blatant and willful infringement of our client's trademark rights", and insists that the coin creators stop all activities related to the coin offering or face legal action. The letter also mentioned that the URL of the project website — grumpycat.fyi — was a violation of the Anti-Cybersquatting Consumer Protection Act. The project subsequently changed its domain to gccoin.fyi in an apparent effort to avoid this issue.

Simultaneously, a message addressed to holders of the Grumpy Cat Coin was posted to Grumpy Cat's Twitter account, describing the token as a "desperate, sad attempt to scam unwitting traders" by "SlumDoge Millionaire and their cohorts".

Coin Cafe to pay $4.3 million restitution after instituting high fees without informing customers

Cryptocurrency trading platform Coin Cafe will pay $4.3 million in restitution to customers who were charged high fees after signing up for a "free" crypto custody service. The firm instituted fees for its wallet service in September 2020, but never informed customers. They also increased the fees four times without informing their users. At one point, they charged 7.99% of the account balance or $99, whichever was greater, per month if a user did not transact that month. This resulted in some investors being charged fees equal to 96% of their holdings. One investor was charged more than $51,000 in fees in 13 months; another was charged $10,000 in a single month.

The New York Attorney General found that Coin Cafe's misleading fee structure was still in effect even after the company obtained a BitLicense from the Department of Financial Services.

Swaprum decentralized exchange rug pulls for almost $3 million

Decentralized exchange Swaprum, a project on the Arbitrum layer-2 network, suddenly disappeared with around 1,628 ETH (~$2.96 million) in an apparent rug pull. The thieves then mixed the money through Tornado Cash.

The project had been audited by blockchain security firm CertiK, and displayed the "audited by CertiK" badge on their website. This added to criticisms of CertiK, who have come under fire for auditing multiple projects that later turned out to be scams. CertiK defended themselves, writing that, "As an auditor, we cannot force projects to implement our recommendations, but we can clearly and publicly call out vulnerabilities where we find them". They argued that they had identified vulnerabilities within their audit that ultimately allowed for the exploit, including the high degree of centralization and the upgradability of the smart contracts.

Sam Altman's Worldcoin project incentivizes a black market for biometric data taken from people in developing nations

"Show me the incentive and I will show you the outcome."

Sam Altman's Worldcoin project, a dystopian effort to use chrome orbs to scan the irises of people (often in developing nations) in exchange for vague promises of crypto compensation, is encountering even more difficulties. In April 2022, BuzzFeed News and MIT Technology Review both published in-depth reporting on some of the technical and ethical issues the project has run up against.

Now, the project is facing reports that people in China, who are not allowed to sign up legitimately, have been purchasing iris scans from individuals in Africa and Southeast Asia in order to circumvent the restriction. According to the news outlet BlockBeats, Chinese individuals have been engaging in "eyeball speculation": buying biometric data scanned en masse from villagers in Cambodia, Kenya, and elsewhere by people who then sell it for $30 or less, allowing the buyer to receive the associated Worldcoin payout (currently ~$20).

Worldcoin has said they are rolling out various measures to try to discourage this activity, including changing the in-person sign-up process. However, the project acknowledged that they have not figured out how to prevent this, writing: "Despite these precautions, it is important to acknowledge that they do not entirely safeguard against collusion or other attempts to bypass the one-person-one-proof principle. To address these challenges, innovative ideas in mechanism design and the attribution of social relationships will be necessary."

Former Fabric CFO accused of siphoning $35 million into his crypto startup and losing it all

Black and white headshot of Nevin ShettyNevin Shetty (attribution)
Nevin Shetty, the former chief financial officer of the Fabric e-commerce platform, was federally indicted for wire fraud after allegedly misappropriating $35 million from Fabric to put into his cryptocurrency platform HighTower. Shetty stole the money in April 2022, shortly after being told he would be fired from Fabric for performance reasons.

According to the grand jury indictment, Shetty planned to put the funds into cryptocurrency positions that "could have yielded returns of 20 percent or more annually", and planned to return 6% to Fabric, keeping the difference. This so-called "investment" contradicted the conservative investment strategy that Shetty had helped to draft for Fabric, and he concealed both the existence of the transfer and his involvement with HighTower.

Shetty "lost virtually all of [Fabric's] money" "within a matter of weeks", at which point he fessed up to Fabric. Shetty had placed all of the funds into protocols based around the Terra stablecoin, which collapsed dramatically only a month later.

Shetty has pled not guilty, and has been released on bond.

Traders lose more than $15 million to phishing website impersonating crypto exchange HitBTC

Blockchain security firm SlowMist has reported that a phishing website appearing to be the real cryptocurrency exchange HitBTC has stolen more than $15 million worth of Bitcoin, Tether, and Ether from users believing it to be the real thing. Users who didn't notice they were accessing a site with the URL hitbt2c.lol instead of hitbtc.com approved transactions to swap their crypto assets, only to find the site drained their wallets.

South Korean legislator Kim Nam-kuk resigns over allegations of improper crypto dealings

Photograph of Kim Nam-kukKim Nam-kuk (attribution)
South Korean lawmaker Kim Nam-kuk has resigned over a cryptocurrency scandal. On May 8, 2023, The Korea Times reported that Kim cashed out around 800,000 Wemix tokens priced at around ₩6 billion (~$4.5 million) in previously unreported cryptocurrency assets shortly before Korea's March 2022 imposition of the travel rule, which requires disclosures around the identities of those involved in large crypto transactions. Kim denied the allegations, claiming he had simply moved the assets to another exchange. Other legislators and citizens expressed shock at Kim's apparent crypto wealth, as he had portrayed himself as someone who was not affluent.

Other concerns arose regarding the discovery of the assets. Some were worried about possible conflicts of interest, particularly in relation to Kim's 2021 proposal of a bill that would delay taxation of crypto profits. Others were worried about the source of the funds used by Kim for crypto trading; Kim claims he did not receive money from anyone to use for trading, and obtained the money through the sale of stocks.

On May 10, the Democratic Party recommended Kim sell his crypto holdings, and launched an investigation. Kim said later that day that he would perform the sales, and "transparently disclose data to the investigation team and undergo the inquiry faithfully".

On May 14, Kim resigned from the Democratic Party "for a while", continuing to deny the allegations but expressing wishes to not burden the party and its members over the controversy.

The subsequent day, Korean authorities raided the offices of Korean crypto exchanges Bithumb and Upbit in connection to the scandal, seeking transaction records and other information. Kim was reported to use those services for his crypto wallets.

a16z-backed Mecha Fight Club NFT robot cockfighting game put on ice as maker pivots to AI

A robotic chicken with a white and blue chassisMechaFightClub #6185 "Jacques Strap" (attribution)
A year ago, Andreessen Horowitz general partner Arianna Simpson wrote about the firm's investment into Irreverent Labs. Simpson had joined their first $5 million funding round, and Andreessen Horowitz led their $40 million Series A. The company had yet to produce any product, but successfully pitched Simpson on what she described as "some sort of chicken game".

Now, the company has announced that the project will be paused "for the indefinite future", blaming "lack of clarity" and "regulatory confusion" in the United States. The company simultaneously announced "SOL 4 Cocks", in which they will repurchase the Mecha Fight Club NFTs for 18 SOL (~$380). The NFTs had originally minted for 6.969 SOL (~$290 on mint date).

Irreverent Labs' website and social media now describe the company as an AI firm building "text to 3D and video prediction tools that facilitate the creation of AI-generated 3D content".

Fractional NFT ownership platform Tessera shuts down

If you've found yourself thinking "man, I wish I could buy a hundredth of an NFT", you now have one fewer options. Andy Chorlian, co-founder and CEO of fractional NFT platform Tessera — originally called Fractional — announced that it and its sibling company Escher will be winding down. In the announcement, he wrote that it was related to their "financial situation", and that "we wanted to make this decision while we're still in a financial position to do this responsibly".

The decision was announced only a few weeks after the US Department of Justice announced charges against a group of individuals including Chorlian. Chorlian was charged with conspiracy to commit securities price manipulation and wire fraud in connection to an alleged scheme to manipulate the market for the HYDRO crypto token. If convicted, Chorlian faces a maximum of five years in prison.

Citing regulatory concerns, Bakkt delists 25 of 36 crypto tokens on newly acquired Apex Crypto

The American corporation Bakkt recently acquired Apex Crypto, a Chicago-based crypto trading service. Bakkt shares a majority owner with the New York Stock Exchange. Shortly after the deal closed, Bakkt delisted 70% of the tokens on the platform, including major tokens Aave (AAVE), ApeCoin (APE), Avalanche (AVAX), Chainlink (LINK), Fantom (FTM), Filecoin (FIL),[d] Maker DAO (MKR), Stellar (XLM), and others.

A spokesperson stated that the delisting was a reaction to "the most up-to-date regulatory guidance and the latest industry developments". The decision is likely related to mounting industry pressure, and statements from SEC Chair Gary Gensler that most crypto assets are securities.

Binance exits Canada

Binance announced they would be exiting Canada, "proactively withdrawing" ahead of stablecoin regulation and crypto investment limits. As is becoming a trend in the industry, crypto exchanges and other platforms appear to be finding investor protection to be fundamentally incompatible with their business model.

This is only the latest in a string of events involving regulatory pressure on Binance. In April, Binance canceled the acquisition of the bankrupt Voyager platform by its Binance.US arm, citing a "hostile and uncertain regulatory climate in the US". This move came shortly after a March lawsuit from the US CFTC against Binance and its CEO. Elsewhere, Binance closed its derivatives arm in Australia in April, citing issues with the Australian securities regulator.

Aragon DAO faces governance crisis

As the Aragon Association took steps to "progressively decentralize" their centralized project by assigning more control to the Aragon DAO, they encountered some challenges. Aragon, somewhat ironically, is a platform for creating and running DAOs that has been "stewarded" by the Aragon Association, a non-profit run by a small committee.

In June and October 2022, the Aragon DAO — that is, all holders of the $ANT token or (later) their delegates — voted on several proposals supporting a move to place the Aragon treasury under DAO control. The treasury is a pool of crypto assets currently priced at around $174 million. However, the tokens continued to remain under control of the Aragon Association.

On May 9, 2023, the Aragon Association announced that they would not be following through with the treasury change, and instead would be "repurposing the Aragon DAO into a grants program". They attributed the decision to "coordinated social engineering and 51% attack" on the DAO that began shortly after a small portion of the treasury assets were transferred.

A week before the announcement, Aragon also banned a group of token holders from the group's Discord channel. Aragon characterized the group as appearing "coordinated" and alleged the group was "engaging in harassment". They claimed the group were members of the "Risk Free Value Raiders", which they described as "a sophisticated, well-resourced, and coordinated group of actors that target crypto projects with an imbalance between the value of their token and treasury". They also accused the group and its members of coordinating governance attacks on other DAOs, including Invictus DAO and Mango Markets. Aragon wrote that they believed the RFV Raiders were aiming to "[extract] value from Aragon for financial profit" rather than pursue the DAO's goals of supporting developers building DAO infrastructure.

One of the banned members told a different story, publishing and later taking down a statement in which he claimed that they were trying to get answers to questions about why the Aragon team was so slow to enact the DAO vote. "We find these bans, failure to empower the community with treasury transfers, and overall lack of transparency to be frustrating and against the ethos of both what DAOs are meant to be and what Aragon team members have repeatedly said they stood for. However, these actions have become a common pattern for Aragon," he wrote.

On May 11, Aragon apologized for how they handled the crisis, unbanned the banned Discord members, and announced that they would "keep following a gradual [treasury] transfer approach, making sure it aligns with the mission of the project", but continued to characterize the members as attackers and reiterated that "we won’t stand for hostile and coordinated attacks".

Blockchain-based diamond tracking firm Everledger collapses

Everledger was an Australian company that hoped to use blockchains to track provenance of diamonds, other precious gems, fine wines, and other luxury goods. Things apparently didn't pan out, though, when an investor's planned funding fell through and the company was placed into voluntary administration.

Everledger had in the past raised US$37 million in funding. AUD$3 million (~US$2 million) of that funding came from the Australian government's blockchain grants program in 2021.

Bittrex files for bankruptcy

A bit over a month after Bittrex announced it was closing US operations, and less than a month after the US SEC charged the company with operating an unregistered exchange, Bittrex has filed for Chapter 11 bankruptcy protection. According to court filings, the company has assets and liabilities both within the $500 million and $1 billion range, and has more than 100,000 creditors.

Bittrex used to be a much larger presence in the US, enjoying more than 20% of US market share in 2018. It has since dropped to below 1%.

The entity that filed for bankruptcy in the US is Bittrex, Inc., which is separate from Bittrex Global. "This announcement does not impact Bittrex Global, which will continue operations as normal for its customers outside the U.S.," said a Bittrex spokesperson.

Ethereum user pays 64 ETH ($118,000) transaction fee on 84 ETH ($155,000) swap

Value:
84 ETH
$156,107.28
Transaction Fee:
64.012561122708491262 ETH
$118,962.22
Gas Price:
418,859.102002987 Gwei (0.000418859102002987 ETH)Etherscan screenshot showing transaction fee (attribution)
A recent surge in memecoin popularity has caused Ethereum transaction fees to skyrocket. One trader paid the price, eating a 64 ETH ($118,000) transaction fee just to perform a simple swap of 84 ETH to another token. Welcome to the future of finance.

Deus Finance suffers third hack

Deus Finance suffered yet another hack as around $7 million was taken from the protocol. This was not the first time the platform had been targeted, suffering a $3 million exploit in March 2022 and a $13.4 million exploit in April 2022. Then, in May 2022, Deus Finance's algorithmic stablecoin lost its intended dollar peg in the wake of the Terra collapse and never recovered.

In the most recent hack, around $7 million was stolen as attackers discovered a vulnerability in the contracts of the DEI token. Some of the attackers were apparent whitehats, who executed the exploit to safeguard the funds until they could be returned to a secure address. As of May 8, $5.5 million of the $7 million stolen had been returned.

Xirtam rug pulls

A project called Xirtam, built on the Arbitrum blockchain, raised 1,909 ETH (~$3.2 million) in several fundraising rounds in April 2023. Then, on May 4, the project rug pulled. Founders drained the funds from the project, then deposited them into Binance. This turned out to have been a huge mistake for them, as Binance was able to freeze the stolen assets.

On September 6, Binance announced that they were working to return the frozen 1,909 ETH to the people who had purchased it in the funding rounds.

WallStreetBets coin tanks 90% after insider dumps holding

WallStreetBets is a subreddit that became popular during the pandemic-fueled everyone-should-become-a-daytrader era, and is known for its memestocks and its users who often make enormously risky gambles on the stock market. The only surprise to me in this particular incident is that it took this long for them to rally around a crypto token, because it's a match made in heaven.

The WSB coin launched as an "official memecoin of r/wallstreetbets". The whitepaper explains the token allocation, saying that "It's the fairest launch memecoin you will find with no team allocation and no presale. Just a free airdrop and some coins for the community. 10% of the $WSB supply is reserved as a treasury for the r/wallstreetbets sub to do with as they please. I’m sure they will spend it wisely and definitely not waste it gambling or convincing each other to drink their own urine." Compelling!

The token launched, and quickly achieved a $50 million "market cap". However, on May 3 the token suddenly lost 90% of its value as one of the token creators, "zjz", dumped a massive quantity of the tokens allocated to the team, trading them for 334 ETH (~$635,000).

zjz has claimed that he only sold the tokens because another creator — "WSBMod" — was secretly draining the token by creating huge airdrops and then claiming them for himself. WSBMod, on the other hand, claims that zjz's actions were theft, and has threatened to involve the police and FBI.

Crypto sleuth zachxbt has since gotten involved in the fray, and along with another prominent crypto figure has joined a multi-sig wallet to try to help secure the funds' return without giving any of the creators involved in the dispute unilateral control.

Former OpenSea executive convicted of fraud and money laundering in NFT insider trading case

Nate Chastain, the former Head of Product for the popular OpenSea NFT marketplace, was convicted by a jury of fraud and money laundering for illegally profiting from his insider knowledge of which NFTs would be featured on the site. The two charges each carry a maximum sentence of twenty years in prison.

Chastain was asked to resign by OpenSea in September 2021 after a Twitter user discovered apparent evidence that he had been engaging in insider trades. He was arrested and charged with money laundering in June 2022.

Chastain unsuccessfully argued in his defense that information about which NFTs would be prominently featured on OpenSea wasn't insider knowledge, and "nobody told Nate that he couldn't use or share that information". However, prosecutors argued that attempt to use anonymous accounts to make the trades suggested that he knew what he was doing was wrong.

This case has been described as the first NFT-related insider trading case, and could set a precedent for other similar charges.

OKX suddenly drastically limits withdrawals for users who haven't completed KYC

As regulatory groups have started to pay more attention to crypto platforms, it hasn't been terribly unusual to see them tighten their identification requirements — particularly for customers engaging in high-value transactions. However, the Seychelles-based OKX exchange suddenly and without warning implemented a $5,000 total withdrawal limit for users of its crypto exchange that hadn't provided detailed identification (KYC), leaving some users who were unwilling to provide such identification with large sums of crypto assets trapped on the exchange. Previously, users who had submitted only the base level of identification were able to deposit or withdraw $50,000 per day. These users weren't notified of the change, even when they deposited funds, and only discovered the new limit when they went to withdraw or heard about it on social media.

It's not clear when precisely the change went into effect, but reports of the limitation began appearing in April 2023.

Crypto is the end of Storybook Brawl

Storybook Brawl, a card based autobattler game that was beloved by Sam Bankman-Fried, took its servers offline on May 1. The game had no connection to the crypto industry until its studio was acquired by FTX Ventures in March 2022. This was not taken well by its existing playerbase, who left a flood of negative reviews on Steam based on the developers' intentions to incorporate cryptocurrencies and NFTs. According to SBF, Storybook Brawl was going to be "the vanguard for the ethical integration of gaming and crypto transactions."

The end of FTX seems to have directly spelled the end of Storybook Brawl, which stopped announcing updates in November. However, Protos has pointed out that the game may likely be auctioned off as a part of FTX bankruptcy proceedings.

CZ smacks down Justin Sun for trying to game SUI airdrop

Justin Sun stands with his arms crossed in front of a green and blue background with the Tron logoJustin Sun (attribution)
"Binance LaunchPool are meant as air drops for our retail users, not just for a few whales," tweeted Changpeng "CZ" Zhao, the CEO of Binance, after seeing an alert showing that Justin Sun had transferred $56 million to Binance. "LaunchPool" is a process in which Binance users can farm various tokens — now including SUI — and receive rewards. "Our team told Justin, if he uses any of these to grab the LaunchPool Sui token, we will 'take action against it'. SMH." wrote CZ.

Indeed, it later turned out that Sun's team had farmed around 279,000 SUI (SUI does not yet have a reliable dollar price because it is set to launch later this month). Sun blamed the event on a TUSD market maker, writing, "Regrettably, some of our team members were not fully aware of the intended purpose for these funds and inadvertently used a portion of them to participate in exchange campaigns. Upon realizing this error, we immediately contacted the exchange team and arranged for a full refund of the funds." Those replying to his comment seemed more than a little skeptical that the incident was truly a mistake.

Level Finance exploited for ~$1.1 million

The Level Finance decentralized perpetual exchange was exploited after an attacker discovered a vulnerability in one of the project's smart contracts. They were able to drain 214,000 LVL tokens, which they swapped to 3,345 BNB ($1.1 million). The contract had been audited by Obelisk and Quantstamp, but neither firm apparently discovered the vulnerability.

The attack caused the LVL token to drop substantially in price, plunging from around $9.00 to as low as $4.20 before recovering to around $7 — a loss of 22%.

Poloniex pays $7.6 million settlement for sanctions violations

A US entity that previously controlled the Poloniex crypto exchange has agreed to pay a $7.6 million fine to settle allegations that it violated US sanctions against Crimea, Cuba, Iran, Sudan, and Syria. The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) alleges that between January 2014 and November 2019, Poloniex allowed citizens in those jurisdictions to use the platform, despite knowing their locations thanks to KYC and IP address information. OFAC alleges that there were nearly 66,000 apparent sanctions violations, which amounted to more than $15 million in transactions.

Poloniex was a US-based crypto exchange founded in 2014, which in 2018 was purchased by Circle, who intended to get rid of the illegal activity for which it was known. However, when they discovered that the customers who used Poloniex no longer wanted to use it once they were subjected to scrutiny, they sold the platform to Justin Sun in late 2019, who relocated it to the Seychelles and shut down US operations. It appears that the OFAC fine will apply to the US entity most recently controlled by Circle, and not to Justin Sun's operation.

In August 2021, Poloniex also paid more than $10.3 million to settle allegations from the U.S. Securities and Exchange Commission that it had operated as an unlicensed exchange.

Individuals lose millions in "permit phishing" scams

Between March and April 2023, the Scam Sniffer organization has identified at least $7.7 million stolen by so-called "permit phishers". These attackers convince their victims to sign malicious crypto transactions that use the "permit" functionality, which allows the attackers to siphon funds from the crypto wallets. This type of attack has existed for over a year, but there have been some high-value instances of the attack lately.

On March 11, ScamSniffer tweeted that they had detected 162 instances of the scam, totaling almost $4 million stolen, over the prior two days. On March 24, an individual wallet lost $4 million. Similar attacks on April 19, April 21, and April 30 saw individual wallets lose $449,000, $1.04 million, and $2.28 million, respectively.

0VIX Protocol exploited for $2 million

The 0VIX defi protocol on the Polygon blockchain was exploited for around $2 million. This was a substantial portion of the project's roughly $6.4 million TVL around the time of the hack. The attack was perpetrated by an attacker who manipulated an oracle, which then allowed them to execute a flash loan attack on the project.

The protocol was paused following the attack. 0VIX later tweeted that they had been collaborating with security firms to investigate the hack, and had offered to let the attacker keep $125,000 if they returned the remaining funds in a bug bounty agreement that would also involve 0VIX not pursuing legal action.

Hacker steals Bitcoins from Russia, destroys them or donates them to Ukraine

A thief has identified nearly 1,000 Bitcoin addresses they believe to have been used in connection with Russian hacking activity. This is partly backed by analysis from the blockchain research group Chainalysis, which has linked some of the wallets to Russian Solarwinds attackers and those pushing election disinformation. The thief took control of some of the wallets, destroying $300,000 worth of Bitcoin as they left messages in the transactions to make their allegations.

The thief's activity began shortly before the Russian invasion of Ukraine. After the invasion, the thief stopped destroying the Bitcoin and instead began transferring it to addresses identified for Ukrainian aid.

CFTC imposes record $3.4 billion fine on Bitcoin scammer

After finding that the South African businessman Cornelius Johannes Steynberg had run Mirror Trading International as a multi-level marketing scheme, in which he accepted 29,421 Bitcoin from at least 23,000 Americans, the CFTC has imposed a record fine. Those 29,421 BTC were priced at $1.7 billion in March 2021 — around the end of Steynberg's multi-year scam. Today they're priced at around $863 million, but unfortunately for Steynberg, the CFTC isn't using today's prices to calculate their penalties.

Steynberg has been ordered to pay a total of $3.4 billion — $1.7 billion in restitution and another $1.7 billion penalty. Steynberg was arrested in Brazil in December 2021 on an INTERPOL arrest warrant, where he has remained since pending extradition.

FBI raids home of FTX exec Ryan Salame

Headshot of Ryan SalameRyan Salame (attribution)
The FBI raided the home of Ryan Salame, the former co-CEO of FTX Digital Markets (FTX's Bahamian subsidiary). Salame was close with Sam Bankman-Fried, although it came out in bankruptcy proceedings that Salame had contacted Bahamian securities regulators during the FTX collapse to tip them off to the improper transfer of FTX client funds to Alameda Research.

Salame was also a major donor to Republican candidates in the 2022 midterm elections, splashing out around $24 million in campaign contributions. However, court filings suggest that much of the money donated to political and other causes by FTX executives may truly have been misappropriated customer funds.

Salame is, at the moment at least, not facing charges in connection to the FTX collapse. In July 2023, the Wall Street Journal reported that the search was likely a part of an investigation into Salame and his girlfriend Michelle Bond over possible campaign finance violations pertaining to Bond's 2022 congressional campaign, and was not related to FTX.

Belgian crypto lender Bit4You suspends activities

The only Belgian crypto platform, the Bit4You crypto lender, announced they would be suspending activities after the CoinLoan crypto exchange was ordered to suspend activities after being declared insolvent.

"To date we have no indication that the virtual currencies held on behalf of our customers with CoinLoan will not be recovered," they wrote in their announcement. Reassuring!

AT&T customers suffer crypto wallet compromises reportedly totaling $15–$20 million

TechCrunch reported that attackers were able to gain access to AT&T email accounts which they then used to gain access to customers' cryptocurrency accounts. Various customers reported their accounts at exchanges including Coinbase and Gemini had been drained. One individual victim lost $134,000 from their Coinbase account.

An anonymous source corresponding with TechCrunch claims that the total amount of cryptocurrency stolen is somewhere between $15 million and $20 million. The tipster also claimed that the hackers have the ability to gain access to any AT&T account via the AT&T employee portal; AT&T has denied this and instead claimed that "the bad actors used an API access."