In the most recent hack, around $7 million was stolen as attackers discovered a vulnerability in the contracts of the DEI token. Some of the attackers were apparent whitehats, who executed the exploit to safeguard the funds until they could be returned to a secure address. As of May 8, $5.5 million of the $7 million stolen had been returned.
On September 6, Binance announced that they were working to return the frozen 1,909 ETH to the people who had purchased it in the funding rounds.
The WSB coin launched as an "official memecoin of r/wallstreetbets". The whitepaper explains the token allocation, saying that "It's the fairest launch memecoin you will find with no team allocation and no presale. Just a free airdrop and some coins for the community. 10% of the $WSB supply is reserved as a treasury for the r/wallstreetbets sub to do with as they please. I’m sure they will spend it wisely and definitely not waste it gambling or convincing each other to drink their own urine." Compelling!
The token launched, and quickly achieved a $50 million "market cap". However, on May 3 the token suddenly lost 90% of its value as one of the token creators, "zjz", dumped a massive quantity of the tokens allocated to the team, trading them for 334 ETH (~$635,000).
zjz has claimed that he only sold the tokens because another creator — "WSBMod" — was secretly draining the token by creating huge airdrops and then claiming them for himself. WSBMod, on the other hand, claims that zjz's actions were theft, and has threatened to involve the police and FBI.
Crypto sleuth zachxbt has since gotten involved in the fray, and along with another prominent crypto figure has joined a multi-sig wallet to try to help secure the funds' return without giving any of the creators involved in the dispute unilateral control.
Chastain was asked to resign by OpenSea in September 2021 after a Twitter user discovered apparent evidence that he had been engaging in insider trades. He was arrested and charged with money laundering in June 2022.
Chastain unsuccessfully argued in his defense that information about which NFTs would be prominently featured on OpenSea wasn't insider knowledge, and "nobody told Nate that he couldn't use or share that information". However, prosecutors argued that his attempt to use anonymous accounts to make the trades suggested that he knew what he was doing was wrong.
This case has been described as the first NFT-related insider trading case, and could set a precedent for other similar charges.
It's not clear when precisely the change went into effect, but reports of the limitation began appearing in April 2023.
The end of FTX seems to have directly spelled the end of Storybook Brawl, which stopped announcing updates in November. However, Protos has pointed out that the game may likely be auctioned off as a part of FTX bankruptcy proceedings.
Indeed, it later turned out that Sun's team had farmed around 279,000 SUI (SUI does not yet have a reliable dollar price because it is set to launch later this month). Sun blamed the event on a TUSD market maker, writing, "Regrettably, some of our team members were not fully aware of the intended purpose for these funds and inadvertently used a portion of them to participate in exchange campaigns. Upon realizing this error, we immediately contacted the exchange team and arranged for a full refund of the funds." Those replying to his comment seemed more than a little skeptical that the incident was truly a mistake.
The attack caused the LVL token to drop substantially in price, plunging from around $9.00 to as low as $4.20 before recovering to around $7 — a loss of 22%.
Poloniex was a US-based crypto exchange founded in 2014, which in 2018 was purchased by Circle, who intended to get rid of the illegal activity for which it was known. However, when they discovered that the customers who used Poloniex no longer wanted to use it once they were subjected to scrutiny, they sold the platform to Justin Sun in late 2019, who relocated it to the Seychelles and shut down US operations. It appears that the OFAC fine will apply to the US entity most recently controlled by Circle, and not to Justin Sun's operation.
In August 2021, Poloniex also paid more than $10.3 million to settle allegations from the U.S. Securities and Exchange Commission that it had operated as an unlicensed exchange.
On March 11, ScamSniffer tweeted that they had detected 162 instances of the scam, totaling almost $4 million stolen, over the prior two days. On March 24, an individual wallet lost $4 million. Similar attacks on April 19, April 21, and April 30 saw individual wallets lose $449,000, $1.04 million, and $2.28 million, respectively.
The protocol was paused following the attack. 0VIX later tweeted that they had been collaborating with security firms to investigate the hack, and had offered to let the attacker keep $125,000 if they returned the remaining funds in a bug bounty agreement that would also involve 0VIX not pursuing legal action.
The thief's activity began shortly before the Russian invasion of Ukraine. After the invasion, the thief stopped destroying the Bitcoin and instead began transferring it to addresses identified for Ukrainian aid.
Steynberg has been ordered to pay a total of $3.4 billion — $1.7 billion in restitution and another $1.7 billion penalty. Steynberg was arrested on an INTERPOL arrest warrant in December 2021 in Brazil, where he has remained since, pending extradition.
- "Federal Court Orders South African CEO to Pay Over $3.4 Billion for Forex Fraud", U.S. Commodity Futures Trading Commission
Salame was also a major donor to Republican candidates in the 2022 midterm elections, splashing out around $24 million in campaign contributions. However, court filings suggest that much of the money donated to political and other causes by FTX executives may truly have been misappropriated customer funds.
Salame is, at the moment at least, not facing charges in connection to the FTX collapse. In July 2023, the Wall Street Journal reported that the search was likely a part of an investigation into Salame and his girlfriend Michelle Bond over possible campaign finance violations pertaining to Bond's 2022 congressional campaign, and was not related to FTX.
- "F.B.I. Searches Home of Top FTX Executive", The New York Times
- "Former FTX Executive Linked to Campaign-Finance Probe of New York GOP Race", The Wall Street Journal
"To date we have no indication that the virtual currencies held on behalf of our customers with CoinLoan will not be recovered," they wrote in their announcement. Reassuring!
An anonymous source corresponding with TechCrunch claims that the total amount of cryptocurrency stolen is somewhere between $15 million and $20 million. The tipster also claimed that the hackers have the ability to gain access to any AT&T account via the AT&T employee portal; AT&T has denied this and instead claimed that "the bad actors used an API access."
The Merlin DEX had been audited by the CertiK security firm, which stated it was working with the remaining team members to try to trace the thieves. Meanwhile, they wrote that they would be working to compensate affected users.
Some didn't seem to buy the story that the theft was carried out by a few rogue developers, accusing the entire Merlin project team of rug-pulling.
Protos speculated that the suspension could be related to Vauld, an exchange that collapsed last July. Vauld is rumored to have tens of millions of assets on CoinLoan.
The same day as Vauld's collapse, CoinLoan implemented a withdrawal limit of $5,000/day.
- Notice of restraint on disposition, Ametlikud Teadaanded
- "Did Vauld drive CoinLoan into court-ordered liquidation?", Protos
- "CoinLoan halts all withdrawals, user services", CryptoSlate
Binance cited "hostile and uncertain regulatory climate" as its reason for calling off the acquisition. A recent lawsuit from the CFTC against Binance and its CEO Changpeng "CZ" Zhao likely contributed to the cancellation, as it seems clear that Binance is being increasingly scrutinized by US regulatory and law enforcement bodies.
The acquisition had been supported by a massive majority of Voyager creditors, who were looking forward to recovering 73% of their assets trapped on the platform. Now that number is uncertain, but likely to be a good deal lower. Attorneys for Voyager estimated the recovery now would likely be between 40 and 65%.
On April 24, the project developer withdrew 256 million OFI tokens and swapped them to ETH worth around $1 million. They then laundered the funds through the Tornado Cash crypto mixer. The project creator deleted the project's Twitter account and took down its website.
Not everything has gone smoothly, though. As developers rushed to release wallets to support these new tokens, the UniSat wallet claimed to be the first. However, shortly after it launched, the developers made the Chrome extension inaccessible. They later revealed that the code had contained a vulnerability that exposed it to double-spend attacks. "Currently, we have preliminary investigation results, and out of all 383 transactions, 70 transactions have been identified as affected," they wrote.
It's not yet clear how much was stolen, but the UniSat team promised to compensate affected users. They later tweeted that they had determined the identity of the thief, though the funds have not yet been returned.
The NFT buyers — er, "co-producers" — were promised credit in the film credits, voting rights on the script, and a split of 80% of the profits. "Although there is nothing guaranteed, on average, you will make six to seven times what you put in 24 months. Which is huge, when you think, you go to the Caisse d'Epargne, a traditional bank, and you make less than 1% in the year," said one promotional video.
A report from French investigative newspaper Mediapart discovered that the project was backed by a Dubai-registered company called "Illuminart", which played on confusion between its name and that of the France-based Universal Studios subsidiary Illumination. An Illuminart marketing campaign even used Illumination titles, such as The Lorax, Minions, and Despicable Me, and their box office proceeds to suggest Plush buyers were in for a 516% profit.
Meanwhile, the project has gone silent, and its Twitter account last posted in September 2022. NFTs are no longer offered for sale on the official project website, and Illuminart's business license has expired.
- "Nounours et cryptomonnaies à Dubaï : le mauvais film de Kev Adams", Mediapart (in French)
However, the Kyiv Post has recently been asking questions about the organization. Earlier in April, the newspaper published an article claiming that the group had fabricated its claims that it was supported by Ukrainian governmental bodies. Now, they've published another article claiming that at least $500,000–$700,000 of funds seem to have been misappropriated.
One point of contention has been that the organization claims that 100% of money raised is donated, but in reality the project leader Alona Shevchenko takes a $5,000/month salary. This led to a split between Shevchenko and Pussy Riot's Nadya Tolokonnikova, who had once been active in promoting Ukraine DAO.
The Kyiv Post has raised questions about other transactions from the Ukraine DAO wallet, which went to other leaders of the project, or to centralized exchanges.
Shevchenko is a London-based Ukrainian who has in the past led the FreeRossDAO — a project to raise funds to support Ross Ulbricht, the jailed creator of the crypto-powered darknet Silk Road marketplace. Shevchenko's most recent project is Iran DAO, which claims to support "Iran's women-led revolution".
Blur disabled bid acceptance functionality while investigating the bug. Amusingly, this led people to begin placing huge bids they knew couldn't be accepted in order to farm Blur points, some kinds of which are awarded based on bids rather than purchases.
It's not clear how much money was lost due to the bug, but Blur cofounder "Pacman" announced that "any losses will be refunded once the issue is resolved".
Co-founders of company best known for Bella Hadid NFTs begin $77 million court battle against each other
Although the project promised to provide ongoing access to Bella Hadid and various other perks, the project website has already dropped offline, the Twitter account hasn't posted since October 2022, and the Discord is a ghost town save for occasional questions about whether the project is dead. Hadid made $1.5 million for her involvement in the project.
Things at Rebase seem to have devolved, because now Gagacki has filed suit against Truong, alleging that he "has gone rogue". The suit alleges that Truong tried to oust Gagacki from the company, stole around $2 million from a shared wallet, and damaged Gagacki's reputation. In particular, Gagacki is concerned that Truong is attempting to launch the project on the Arbitrum network without Gagacki's involvement, and that tokens minted there "could reach many times over the Rebase app's last round valuation of $150,000,000" without being shared with Gagacki.
Altogether, Gagacki is claiming damages of no less than $77 million, representing the stolen funds, the value of the app, and the profits from the possible Arbitrum deal.
The complaint also alleges that Bittrex and Shihara had coordinated with token issuers to dodge potential SEC action by having them remove public "problematic statements" predicting price, describing an expectation of profit, or describing offerings in terms of investments.
Hundred Finance announced that they were trying to communicate with the attacker to try to convince them to return some of the funds.
This was not the first exploit to impact Hundred Finance: in March 2022, both Hundred Finance and Agave Finance were targeted with a flash loan attack by a hacker who stole a total of $12 million from the two projects.
Bitrue didn't release details on how the attack had been achieved, but explained that one of their hot wallets had been impacted. They announced that they would be pausing withdrawals for several days as they investigated the incident, and that they would be compensating affected users.
- Post by Bitrue
Franklin disclosed on Twitter that "Due to an unfortunate IRL issue, I have had to sell off a lot of BAYC apes to pay off BendDAO loans while the liquidity was available". He had recently sold 27 of the Bored Apes. He later wrote, "I got rug pulled on an investment I put almost 2000 ETH into, thinking it was credible due to who else invested (not naming anyone for privacy reasons). Someone used our $$ as a casino gambling Ponzi and flushed it down the drain. Please learn any lessons possible from this." 2,000 ETH is worth around $4.23 million at today's ETH prices.
People immediately began to speculate about what project he could be referring to. Some wondered if perhaps he was trying to cover up losses on the Rollbit crypto casino, which he was known to use, and where he could be observed on-chain depositing more than 6,000 ETH (~$12.7 million) since the beginning of the year alone. Later in the day, he wrote another tweet: "For partial transparency: My personal PnL [profit and loss] of my Rollbit gambles is about -650 ETH total. So yes I lost a lot of money myself on Rollbit, but that didn’t require me to sell off today." At today's prices, 650 ETH is around $1.375 million.
Franklinisbored expressed that he would be taking a break from NFT trading and social media following the incident: "I won't get involved in NFT trading/twitter for a while, and will just focus on my private life for the time being with my remaining apes."
The attacker began swapping tokens out for other stablecoins shortly after the exploit, moving them into lending projects like Aave and laundering them through the Tornado Cash cryptocurrency mixer. There were early concerns that Aave itself was impacted by an exploit, but it was later clarified that Aave had simply been used to swap tokens involved in the Yearn exploit, and did not appear to itself be vulnerable.
Writer, journalist, and now web3 influencer Nicole Behnam helped pump Dogecoin founder Billy Markus' new free-to-mint "Blocky Doge 3" NFT project, writing on Twitter, "No roadmap or utility? I'm in 👀" and talking it up on large Twitter spaces. A wallet belonging to her then received 250 NFTs from Markus early on, then dumped around 220 of the NFTs on the market all at once, tanking the secondary market price while earning her around 20 ETH (~$38,000). At the moment, the NFTs are selling for an average of 0.031 ETH apiece (~$59).
After being found out, she wrote on Twitter that "There were mistakes made in a wallet that I controlled," but claimed that she had tried to make it up by returning the profits and buying up low-priced NFTs. "How the last 24 hours went down was not cool and I’m doing my best to rectify the situation," she wrote. "Listening, learning, moving forward." Shortly afterwards, she was removed from an "NFT100" list that had been published only days prior by NFT Now, for what they described as violations of their ethics policy.
Now, the Ren team has announced that they have transferred all assets on the Ren Protocol "to the FTX Debtors' cold storage wallets for safeguarding".
The announcement mentioned "possible shutdowns of infrastructure and systems," possibly referring to Ren's plans — announced shortly after the FTX collapse — to "move on from Alameda" by launching "Ren 2.0" and sunsetting the 1.0 version. However, there has been little public evidence that Ren 2.0 has been progressing.
Although NFTs are often thought to be immutable, permanent links to their associated artwork, that's often not the case in practice. Many NFTs store metadata off-chain, or otherwise enable after-the-fact changes.
Goblintown is a collection of NFTs that launched in May 2022, quickly going viral and sparking a phenomenon of Twitter spaces where members spent hours making goblin noises into their microphones. Originally free to mint, the NFTs began selling for thousands of dollars on the secondary market. Now they trade for around 0.38 ETH (~$800) apiece.
In an apparent protest against the willingness of traders and marketplaces to stop honoring royalties, Truth Labs (the group behind Goblintown) changed the artwork for Goblintown and all of their NFT collections to an illustration of a dancing middle finger, with smaller middle fingers emerging from where its arms and genitals would be. The new image reads, "Fuck royalties. Fuck supporting building and creatives. Flipping is the heart of what makes Web3 special. Honor the flipper, fuck the community. Long live the slow rug." At the bottom, the image states: "Goblintown, Illuminati, The187, and Grumpls will be migrating to new contracts before Monday the 17th of April. All holders will be airdropped identical replacement NFTs." The new NFTs will enforce royalties on-chain, preventing marketplaces from allowing users to circumvent them.
Some embraced the new NFTs, while others accused Truth Labs of "rugging". Some people were horrified by the fact that NFTs that they owned could be changed after the fact without their consent, a fact they were not previously aware of. One owner wrote, "So your telling me I spent $1,000s of dollars and have 10 goblintowns for them all to now be dudes shaking their weiners?"
The announcement seemed to come as a relief to many in the Ingress community, with commenters remarking on the "scammy" nature of NFTs. Some wrote that they liked the idea, but that the web3 factor felt like it was "shoehorned" in. "I'll miss the Trading Post, please never bring NFTs or in fact any blockchain into future projects, or if you do at the very very least make it actually matter to the thing it's being put into, but still preferably just don't," said one.
- Trading Post shutdown announcement on Ingress discussion forums
GDAC halted deposits and withdrawals shortly after the attack, and stated that they had reported the exploit to South Korean law enforcement to investigate.
Terraport Finance launched on March 31, apparently having gone live without any sort of audit. On April 10, Terraport disclosed that an attacker had apparently managed to drain all project liquidity pools, making off with assets priced at around $2 million.
Today, Sifu himself was the victim of a theft as a bug in the SushiSwap decentralized exchange allowed a hacker to make off with around 1,800 ETH (more than $3.3 million) belonging to him. According to SushiSwap leader Jared Grey, around 300 ETH (~$557,000) of Sifu's funds were subsequently recovered.
Analysts have found that almost 200 addresses on the Ethereum network have approved the vulnerable contract, and around 2,000 addresses approved the vulnerable contract on Arbitrum, Polygon, and other chains. It's not yet clear how much was stolen in total. SushiSwap leader Grey urged users via Twitter to revoke approval for the vulnerable smart contract.
Bitcoin mining firm sues business partner after they allegedly lose $500,000 in Bitcoin to fraudster
The lawsuit also alleges that Gryphon has "dutifully collected its exorbitant Management Fee while shirking its duties under the MSA and delivering abhorrent management services" and "skimm[ed] off the top (i.e., st[ole]) from Sphere's assets".
Canada has become more strict on cryptocurrency exchanges in recent months, particularly following the collapse of FTX.
The Bored Ape would likely fetch somewhere around $125,000 if resold. The other three NFTs would likely resell for somewhere around $8,700. Together with around $3,400 in stolen tokens, Bryant's total loss is around $139,000.
After some observers spotted the suspicious-looking transactions, Bryant confirmed on Twitter: "Yes my ape was stolen and I don't know how this is crazy".
.transfer() — a common function used with Ethereum projects that is not supported by zkSync.
The zkSync project evidently came to the rescue of Gemholic, announcing that they would change the protocol in a new release to add support for Solidity functions such as .transfer(), which will ultimately free Gemholic's locked funds.
Binance will continue to operate its spot exchange product in Australia, but customers will no longer be able to trade derivatives on the platform after April 21.
A trader apparently trying to bid $100 for one of the NFTs seems to have mistakenly entered 100 ETH, or around $190,000. The trade was of course quickly accepted by a seller who made a tidy 1666x the typical floor price.
Some have speculated the massive offer was money laundering, but the fact that the bid was an open offer that could be accepted by anyone seems to make that theory less likely.
- "NFT trader accidentally bids 100 eth on a freely minted NFT", r/CryptoCurrency
- Transaction on Etherscan
The attacker apparently took advantage of a re-entrancy vulnerability to execute the theft, then swapped the tokens and bridged them to the Ethereum main chain.
Sentiment tweeted that they were aware of the attack and investigating what had happened. They also stated that they were working with law enforcement. Later that evening, they sent a message to the hacker, offering to let them keep 10% of the stolen funds as a bounty if they returned the rest. Sentiment was audited by two crypto security firms.
On April 6, Sentiment announced that the exploiter had returned 90% of the funds, keeping $95,000 and receiving a promise from the organization that they would not try to prosecute the theft.
Youssef was vague as to the reasons for the closure, writing that "While I cannot share the full story now, I can say that we unfortunately have had some key staff departures. Also, regulatory challenges for the industry continue to grow, especially in the peer-to-peer market and most heavily in the U.S."
Youssef later elaborated in a Twitter Space, explaining that he feared for the safety of user funds because of a lawsuit from his co-founder, who he also accused of "[driving] away all of our senior level staff".
Some had trouble withdrawing funds from the platform, though this seemed to be due to the overload. Youssef tweeted, "Paxful database is a bit overloaded now as everyone is withdrawing funds. It is making transfers slow. I promise funds r safe and they will clear soon".
On May 8, Paxful came back online, though it was unclear whether or in what capacity the business would continue to operate going forward.
Cobie decided he wanted to make a record of his prediction, so he tweeted the SHA-256 hash of the string "Interpol Red Notice for CZ". Typically, this would allow him to later reveal the seed, allowing him to prove after the fact that he had indeed made a correct prediction. Why? I don't know. Bragging rights I guess?
Anyway, according to Cobie, one of Cobie's inner circle leaked the seed, and the contents of Cobie's prediction were widely circulated on Twitter. Some thought the prediction was inside knowledge of events that had already transpired. Someone else began circulating a doctored screenshot of the Interpol website, purporting to show a red notice. People began offloading their BNB tokens (the native token for Binance and Binance's blockchain), causing a sudden 3% dip in the token price. Bitcoin also fell on the news.
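The hash commitment described above, as an added example that is not part of the original page: a bare SHA-256 of a short phrase can be opened by anyone who learns or guesses the phrase, which is why the leaked string could be checked against the tweeted hash, while mixing in a secret random nonce keeps the commitment closed until the committer reveals both parts. The function names and the guess list are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import List, Optional, Tuple

# The phrase the page says was hashed and tweeted.
PREDICTION = "Interpol Red Notice for CZ"
NONCE_LEN = 32  # fixed length, so nonce||message has exactly one parse


def commit_plain(message: str) -> str:
    """Bare commitment: SHA-256 of the message alone, as on the page."""
    return hashlib.sha256(message.encode("utf-8")).hexdigest()


def verify_plain(commitment: str, message: str) -> bool:
    """Check a revealed (or leaked, or guessed) message against a bare commitment."""
    return hmac.compare_digest(commit_plain(message), commitment.lower())


def commit_salted(message: str, nonce: Optional[bytes] = None) -> Tuple[str, bytes]:
    """Hiding commitment: SHA-256 over a secret random nonce followed by the message.

    Returns (commitment_hex, nonce). Publish the commitment, keep the nonce
    private, and reveal message and nonce together later.
    """
    if nonce is None:
        nonce = secrets.token_bytes(NONCE_LEN)
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be exactly %d bytes" % NONCE_LEN)
    digest = hashlib.sha256(nonce + message.encode("utf-8")).hexdigest()
    return digest, nonce


def verify_salted(commitment: str, message: str, nonce: bytes) -> bool:
    """Check a revealed message and nonce against a salted commitment."""
    if len(nonce) != NONCE_LEN:
        return False
    expected, _ = commit_salted(message, nonce)
    return hmac.compare_digest(expected, commitment.lower())


def match_candidates(commitment: str, candidates: List[str]) -> List[str]:
    """Return every candidate phrase that opens a bare commitment.

    Models what any reader of the published hash can do with a list of
    plausible phrases: no secret is needed to test a guess.
    """
    return [c for c in candidates if verify_plain(commitment, c)]


if __name__ == "__main__":
    # Constructed guess list: phrases an observer might try against the hash.
    guesses = [
        "Binance is insolvent",
        "Interpol Red Notice for CZ",
        "CZ steps down as CEO",
    ]

    bare = commit_plain(PREDICTION)
    print("bare commitment opened by:", match_candidates(bare, guesses))

    salted, nonce = commit_salted(PREDICTION)
    print("salted commitment opened by guesses:", match_candidates(salted, guesses))
    print("salted commitment opened by reveal:", verify_salted(salted, PREDICTION, nonce))
```

The salted form does not help if the nonce leaks along with the message; it only removes the ability of outsiders to confirm a guess from the published hash alone.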
MEV bots are a phenomenon that became popular in recent times: bots that use various techniques to extract value by inspecting pending blockchain transactions and then sending advantageous transactions of their own. In this case, a bot was performing a "sandwich attack": sending transactions just before and just after a pending transaction, which manipulate the price of the underlying asset, allowing the bot operator to "steal" value from the victim — "steal" in quotes, because there is some debate over whether MEV bots are really stealing, or are operating within the rules laid out for them.
In order to manipulate prices in this way, they have to put a substantial amount of money at risk. A "rogue" Ethereum validator appeared to replace some of the transactions that were being executed by the bot, leading to a loss of WBTC, USDT, Dai, and WETH totaling a bit over $25 million.
First Arbitrum DAO vote spirals into disaster: DAO rejects $1 billion spending proposal, but Arbitrum already started spending
The vote, which still has a day left before completion, is currently standing at 75% against and 25% in support. However, it was discovered that Arbitrum had already begun spending those 750 million tokens, including via the movement of a substantial amount of tokens, and "conversion of some funds into stablecoins for operational purposes".
Another Arbitrum team member subsequently published a post in which they claimed that the proposal was not really a vote but rather a "ratification" of decisions that had already been made by the Arbitrum team, leading many to question what the DAO was even for in the first place. Others questioned the fact that Arbitrum was receiving so much money to use however they liked, not subject to DAO approval.
Things got even messier when the Arbitrum Twitter account "clarified" that "40M $ARB tokens have been allocated as a loan to a sophisticated actor in the financial markets space", and the rest had been sold off for "operational costs". The loan of $52 million worth of ARB to an unnamed actor and the conversion of another $13 million to stablecoins led some to accuse the Arbitrum team of "selling off", cashing in far more than would likely be required for foundation costs in a brief period of time.