Huang is also annoyed at zachxbt's observations about the multiple hacks of C.R.E.A.M. Finance, which zachxbt wrote had been exploited three times "due to negligence". "Putting aside that Cream Finance was exploited two, not three times", Huang hilariously writes in the lawsuit, taking issue with the fact that zachxbt supposedly intentionally omitted that some funds were returned and that Huang claims to have been no longer involved with the project by that point. It's not made clear in the lawsuit which of the three hacks recorded on Web3 is Going Just Great — to the tune of $37.5 million (February 2021), $25–30 million (August 2021), and $130 million (October 27, 2021) — supposedly didn't happen.
Machi Big Brother sues zachxbt
Wyre finally shuts down
Wyre had been a partner of Binance US, through which Binance was able to accept USD deposits. However, Binance US is now the target of SEC regulatory action, and has suspended US dollar deposits. Wyre wrote in their announcement that the closure "is not due to any regulatory agency direction". Sure thing.
Binance to leave the Netherlands after failing to obtain license
Sadly for them, they were unable to obtain a VASP registration in the country, and their "many alternative avenues to service Dutch residents in compliance with Dutch regulations" didn't pan out either. They announced that, effective immediately, they would no longer be accepting new customers from the region. Existing customers in the country will soon be only able to withdraw assets, and will not be able to purchase assets or trade on the platform.
Binance US cuts staff following SEC lawsuit
Shroder is, of course, referring to the recent lawsuit from the SEC as well as a lawsuit from the CFTC that was filed in March.
Binance looks to exit Cyprus
CoinEx settles with New York for $1.7 million
The company is also banned from operating in the state going forward. The agreement requires CoinEx to implement geoblocking to prevent people with New York IP addresses from accessing the platform, and prohibits the company from creating new accounts for US customers or allowing US customers to do anything other than withdraw their assets.
- "Banned In New York, CoinEx Returns $1.7 Million to Settle Lawsuit", Decrypt
- "Attorney General James Recovers $1.7 Million from Cryptocurrency Platform for Operating Illegally", press release by New York Attorney General Letitia James
FPG halts withdrawals after $15–20 million hack
The group announced that they were working with "the FBI, the Department of Homeland Security, our regulators and Chainalysis" to investigate the attack. The group had previously earned SOC 2 certification for its cybersecurity controls.
Texas securities regulator alleges in cease-and-desist that Abra crypto lender has been insolvent for months
According to the complaint, although Abra claimed it stored customer funds with the Fireblocks crypto custodian, they had actually been "secretly transferring assets" to Binance.
The regulator also alleged that Abra had around $30 million in assets with Babel Finance, $30 million with Genesis, and $10 million with Three Arrows Capital — three companies in various stages of liquidation or bankruptcy. They also have $8.8 million with Auros, a firm that was in liquidation but has since exited the process.
Delio crypto lender suspends withdrawals
Delio, like Haru, advertised yields of more than 10%.
- "출금 중지 조치 안내", Delio (in Korean)
- "Two Crypto Platforms Halt Withdrawals in an Echo of the Sector’s 2022 Woes", Bloomberg
Banq goes banqrupt
In the bankruptcy filings, Banq alleges that $17.5 million in assets were stolen by former officers, described in the listing as "computers, trade secrets, proprietary information and technology, business records, etc." The transfer allegedly was made to Fortress NFT Group, a rival company founded by the former CEO, CTO, and CPO. A lawsuit from Banq filed against Fortress and the executives in May 2022 alleges that the executives "stole not only Banq's technology, but also significant other value of Banq's, and used the purloined property to launch Defendants Fortress NFT and Planet NFT using Banq's assets, employees, trade secrets and proprietary technology, claiming all of it to be their own." They also claim that the defendants deleted files and engaged in other fraudulent activity to try to cover up the theft.
Haru Invest suspends withdrawals
The following day, the company named the partner as B&S Holdings (formerly Aventus), and announced that they were taking legal action against the company for filing falsified management reports.
Haru Invest advertised APR in the double digits.
On June 22, Haru laid off 100 employees. Haru explained in a blog post: "after much consideration, it comes with a heavy heart to inform you that we will be minimizing the operations of Haru Invest and its affiliated companies to prevent further damages that are likely to be incurred". Haru's CEO told local media that Haru's offices were empty because employees were working from home for their own safety. After Haru halted withdrawals, they closed their office, and CoinDesk reported that "all company officials disappeared".
BNB Chain team prepares to step in to prevent massive Venus Protocol liquidation
The recent SEC lawsuit against Binance has caused the BNB token to plummet almost 25%, from $305 to ~$230. This puts the hacker's position dangerously close to the liquidation threshold of $220, which could cause substantial impact on the market via cascading liquidations.
In November, BNB Chain passed a governance proposal giving the BNB Chain core team the ability to liquidate the position if it approached the liquidation threshold, meaning they could repay the debt in a more controlled manner that wouldn't dump hundreds of thousands of BNB onto the market all at once.
On June 12 the Venus team tweeted a reminder: "BNBChain core team is ready to take over the $BNB position on Venus as planned if the BNB price hits the liquidation threshold. The liquidator address has prepared $30M already to refund the account loans with more to come if needed. No BNB will be dumped into the market and no shortfall is expected on Venus."
This is not the only bad debt on the Venus platform, which has been described as "opaque" by Protos and has been accused of trying to hide some of its liabilities.
Abandoned Atlantis Loans project exploited for $1.1 million
Evidently, few people continued to pay much attention to the project, because an exploiter was able to come along and perform a governance attack targeting the users who still had active smart contract approvals with the defunct project. They published and voted on a proposal to allow them to upgrade the smart contract in such a way that they could then take advantage of the approvals to transfer the tokens to their own wallet address. Ultimately they made off with around assets notionally worth around $1.1 million.
Sturdy Finance exploited for $775,000
Roughly an hour after the attack, the project tweeted that they were aware of the attack, and had paused all markets. On June 19 the project sent a message to the attacker, pleading with them to return the funds and threatening: "There are criminal organizations following the same evidence trails we are. This isn't going away until you return funds. We are your best option out of this."
Minting of TrueUSD stablecoin through Prime Trust halted; TUSD deviates from peg
The decision may have been related to insolvency rumors surrounding Prime Trust, a US-based fintech company. On June 8, BitGo announced a non-binding letter of intent to acquire Prime Trust.
After the announcement, the TUSD stablecoin dipped as low as $0.9951. This is a seemingly small deviation from the $1 peg, but in the stablecoin world, such small variances can be serious.
- "TrueUSD stops minting via Prime Trust, loses dollar peg", CoinTelegraph
Crypto.com to shut down institutional trading in the US
CFTC awarded default judgment in case against Ooki DAO
Now, a judge has awarded default judgment in the case, requiring the DAO to pay a more than $640,000 penalty, close down its website, and stop trading.
The court held that the Ooki DAO was a "person" under the Commodity Exchange Act and thus could be held liable for violations of the law.
- Order on Motion for Default Judgment, Commodity Futures Trading Commission v. Ooki DAO
Robinhood to delist Solana, Cardano, Polygon tokens after SEC describes them as securities
While simply claiming in a lawsuit that a crypto token is a security does not necessarily constitute a firm decision that it is so, this has been enough in the past to lead exchanges to remove token listings. The 2020 lawsuit against Ripple and its XRP token led to the token widely being delisted from exchanges serving US customers.
Scammers capitalize on Binance lawsuit fears to pull off Discord phishing scam
After this was brought to BNB Chain's attention by crypto sleuth zachxbt, they tweeted that they "acted quickly (within 10 minutes) to ban the offending accounts and remove the posts. We've taken steps to secure the server and protect against any further abuse." However, less than an hour later they put out a new tweet announcing that the URL had been hijacked to redirect to a new server.
"This is a scam, and if you connect your wallet, you will lose your funds. Please exercise caution until we are able to confirm a resolution", they wrote.
SEC files complaint against Coinbase
The SEC, apparently unconvinced by Coinbase's usual spiel, filed a complaint with five claims for relief involving operating without registering with the SEC and offering unregistered securities by way of providing a cryptocurrency staking program.
Coinbase has responded with its usual bluster, and vowed to fight the lawsuit. They don't really have much choice, given their business is almost entirely predicated on being able to continue operating in the US. A tweet by Coinbase CEO Brian Armstrong refers to "the US congress... introducing new legislation to fix the situation", suggesting he is hoping that Congress might bail him out of the mess he's in. Given the amount of lobbying Coinbase has been doing, and the apparent bought and paid for crypto advocates who sit in Congress, his hopes are not entirely misplaced, but we shall see. As with the lawsuit against Binance, this is not likely to resolve anytime soon, particularly if the companies both decide to fight in court.
- "SEC Charges Coinbase for Operating as an Unregistered Securities Exchange, Broker, and Clearing Agency", U.S. Securities and Exchange Commission
- SEC v. Coinbase
- Tweet by Brian Armstrong
SEC files complaint against Binance
The complaint echoes some of the allegations made by the CFTC in a March lawsuit, including that Binance.US was primarily a front for Binance's international platform that was used to try to distract US regulators. However, it also goes farther by adding allegations around Binance's lack of controls around market manipulation, which the SEC alleges contradict public statements by Binance that they had sophisticated programs to prevent wash trading and other manipulative actions. The SEC even claims that the CZ-owned and -operated market maker Sigma Chain was engaged in substantial wash trading on the platform.
The SEC lawsuit was also a bit of a bombshell in its naming of some major cryptocurrencies as securities: SOL, ADA, MATIC, FIL, ATOM, SAND, MANA, ALGO, AXS, and COTI. These are the crypto assets associated, respectively, with the Solana, Cardano, Polygon, Filecoin,[d] Cosmos, The Sandbox, Decentraland, Algorand, Axie Infinity, and Coti projects.
Atomic Wallet hacks total over $100 million
Following the thefts, Atomic Wallet tweeted that they were aware of the reports of wallet compromises, and that they were attempting to learn more about the attacks, but had not yet confirmed any method of attack. They've since taken down the wallet software download page, likely out of concern that the software itself has been compromised.
Crypto sleuth zachxbt compiled a list of reported compromised Atomic Wallets, finding that multiple individuals lost multiple millions in the attack. The largest known individual theft so far involved almost $8 million in USDT (Tether); other individuals lost $2.8 million in USDT and 1,897 ETH (~$3.5 million).
Users of Atomic Wallet have been advised to transfer their assets to other wallets.
On June 6, both zachxbt and blockchain research group Elliptic speculated that the laundering strategy by the thieves resembled that of the North Korea-linked Lazarus Group, which has been responsible for other major crypto thefts.
unshETH compromised after private key leaked to GitHub
The leaked key allowed the attacker to transfer ownership of project smart contracts to themselves, though they later returned ownership.
unshETH posted a message to the hacker, demanding they return 90% of the stolen funds. They threatened: "We want to be clear, and this is not a bluff: we know who you and some people connected to you (friends) are, and we will absolutely move forward with law enforcement if you have not returned the money by the deadline above. We don't want to do this to you or have to rope your friends in, and would prefer everything be settled and everyone just move forward, but if we don't get the funds back by the above-mentioned time, we will be left with no choice in order to protect our protocol."
"Sounds exactly like someone bluffing would say", wrote one commenter.
Trust Reserve employees arrested
Trust Reserve issues the CNH offshore yuan-pegged stablecoin and the HKDC Hong Kong dollar-pegged stablecoin. The company had received funding from sources including the KuCoin crypto exchange.
- "Team Behind Offshore Yuan, Hong Kong Dollar Stablecoins Detained by Chinese Police: Report", CoinDesk
- "独家:离岸人民币稳定币CNHC发行团队失联,或因涉案被司法部门带走", PA News (in Chinese)
Binance delists privacycoins in various European regions, later reverses decision
Binance did not list the jurisdictions in which it would be ending privacycoin trading, but users in France, Spain, and Poland all reported receiving alerts. This suggested it could be related to the recent passage of the MiCA crypto legislation in the European Union. The resolution states: "The operating rules of the trading platform for crypto-assets shall prevent the admission to trading of crypto-assets that have an inbuilt anonymisation function unless the holders of those crypto-assets and their transaction history can be identified by the crypto-asset service providers operating a trading platform for crypto-assets."
In late June, Binance announced that they had reversed their decision, and would continue to offer the tokens.
Binance reportedly begins layoffs
Binance issued a statement that the firings were related to poor performance and "cultural fit", an unlikely explanation for such a substantial cut.
In January 2023, Binance CEO Changpeng Zhao had stated that Binance planned to grow its employee count by 15–30% in 2023, even after more than doubling its employees in 2022. In March, responding to rumors of layoffs, Binance stated that they were "not planning any layoffs" and that in fact they planned to hire more than 500 employees by mid-year.
NFL labor union is out almost $42 million thanks to crypto collapse
The amount is owed by affiliate OneTeam Partners. In April, Sportico reported that sports NFT platform Dapper Labs had discussed restructuring its deal with the NFL and NFLPA due to an extremely rocky year. So too had DraftKings, which had signed a deal with the NFLPA for its "Reignmakers" player trading card NFTs.
"Charity NFT project" by supposed cancer patient raises $117,000 with stolen art before being exposed as a fraud
Several hours later, the project creator deleted her Twitter account, and crypto sleuth zachxbt unearthed evidence that the pixel art she had been selling as NFTs had been stolen from various others. Altogether, the "Pixel Penguins" NFT project she promoted raised around 63.5 ETH (~$117,000).
Wang later apologized for promoting the scam, claiming that he had tried to do due diligence but had been in contact with her for over a year, and had spoken on the phone with someone claiming to be her art teacher. However, zachxbt wrote, "Seems some people called it out last year. Not sure how much he actually 'verified'".
MoonPay executives pocketed $150 million raised from Series A
According to The Information, MoonPay never disclosed that $150 million of the Series A funding was used to purchase shares from insiders including Soto-Wright, and never went to the company. Several weeks after the funding round, Soto-Wright purchased a $38 million Miami mansion.
Bybit exits Canada
In June 2022, Bybit settled a complaint from the Ontario Securities Commission for operating an unregistered platform and offering unregistered securities to Ontarian investors. The company disgorged CA$2.5 million (US$1.9 million) as result. At the time, the OSC stated that Bybit was working to come into compliance with the OSC's requirements.
Apparent whitehat exploits El Dorado Exchange, claiming developers built in a backdoor to steal user funds
The attacker promised to return all funds, minus a 10% "white hat fee", if the developers "admit to manipulating the prices", and also offered to disclose other vulnerabilities they claimed to have found in the project.
The project founders wrote in response: "Yes we acknowledge making an ill-advised decision to manipulate the price. However our intention was to blacklist those who had previously exploited the system, fully aware that all transactions are recorded on the blockchain. We did not aim to misappropriate users funds as this would leave a traceable record. We will promptly remove the problematic bomb contract."
The exploiter began returning funds shortly afterwards.
BKEX crypto exchange halts withdrawals due to money laundering investigation
The exchange offered no estimate of when withdrawals might be re-enabled.
Jimbos Protocol exploited for $7.5 million
After the attack, Jimbos Protocol tweeted "We are aware of the exploit regarding our protocol and are actively in contact with law enforcement and security professionals. We will release further information when possible." They also sent an on-chain message to the exploiter, offering to stop all investigations if the hacker returns 90% of the stolen funds.
Nigerian crypto trading app Patricia suffers multimillion dollar theft, freezes withdrawals
The stolen ₦2 billion would have been worth around US$4.8 million based on the value of the Naira at the time of the theft.
Malfunctioning bot costs Poo Finance token hunters $440,000
Coinone employees "admit to facts" in case regarding token listing bribes
Four executives were arrested in connection to the investigation in April, under suspicion that they had received ₩2.4 billion (~$2.2 million) in bribes in exchange for listing dozens of coins.
Coinone is one of the most popular South Korean cryptocurrency exchanges. In July 2022, it was among the seven exchanges raided by Korean authorities in the wake of the Terra/Luna collapse, as the country began applying harsher scrutiny to crypto platforms.
Crypto payments firm Unbanked to shut down
However, Unbanked also let on that their closure was more related to an investment falling through than to any regulatory issues. The company wrote that a $5 million investment was never delivered, and that the company had "exhausted all options" funding-wise.
- "Unbanked will be winding down", Unbanked
DCG shutters TradeBlock subsidiary
The decision comes amidst broader troubles for DCG, which is embroiled in the bankruptcy proceedings of its Genesis subsidiary. Earlier in May, DCG missed a $630 million payment to Genesis.
Hackers steal around $170,000 after compromising Steve Aoki's Twitter account
The scam was helped along by ben.eth, a Twitter personality who retweeted one of the tweets by the compromised account in which Aoki appeared to endorse a token created by ben.eth. According to crypto sleuth zachxbt, multiple followers of ben.eth were impacted by his retweet, which zachxbt characterized as "quote tweet[ing] a phishing scam posted by the compromised @steveaoki account for clout". Ben.eth ultimately promised to reimburse his fans who lost money thanks to his tweets.
Transactions stuck on Multichain blockchain bridge due to "force majeure"
Meanwhile, rumors swirled that the Multichain team had been arrested by Chinese police, though there doesn't seem to be much corroborating evidence of this.
The issues and the rumors sparked a drop in token price of around 30%. Several large parties also appeared to distance themselves from the project and its token, including the Fantom Foundation, which withdrew 449,740 MULTI (~$2.4 million) in liquidity on SushiSwap.
On May 31, Multichain issued a statement that "we are currently unable to contact CEO Zhaojun and obtain the necessary server access for maintenance", and wrote that even more bridges were being impacted by the same issues as in the previous week.
Morgan DF Fintoch likely exit scams for around $31 million
On May 23, crypto sleuth zachxbt tweeted that the project appeared to have executed their exit scam, bridging around 31.6 million Tether to various addresses. Platform users began to report that they could not withdraw funds.
Brand new $CS token exploited for almost $700,000
Tornado Cash DAO suffers hostile takeover
The attacker has already drained locked votes and sold some of the $TORN tokens, which are governance tokens that both entitle the holder to a vote but also were being traded for $5–$7 around the time of the attack. The attacker has since tumbled 360 ETH (~$655,300) through Tornado Cash to obscure its final destination. Meanwhile, $TORN plummeted in value more than 30% as the attacker dumped the tokens.
The attacker now has full control over the DAO, which according to crypto security researcher Sam Sun grants them the ability to withdraw all of the locked votes (as they did), drain all of the tokens in the governance contract, and "brick" (make permanently non-functional) the router.
Croatian cryptocurrency investment company BitLucky reportedly collapses; more than $75 million allegedly missing
Some have expressed the opinion that BitLucky was a Ponzi scheme all along, given the unreasonable promises of 5–25% monthly returns. The editor of a crypto news outlet also expressed that "there was a 'line of [red] flags'", including that Burazer never wanted to appear in the media or have his picture shown online.
- "Najveća domaća kripto prevara? Riječanin klijentima uzeo 70 milijuna €. Upravo je u bijegu", Jutarnji list (in Croatian)
WDZD Swap exploited for $1.1 million
- "DeFi protocol WDZD Swap exploited for $1.1M: CertiK", CoinTelegraph
Around $110 million "stuck" in Aave protocol on Polygon due to a bug that can't be fixed for a week
The funds are not at risk, but it will take at least a week before the funds are unstuck because any code change requires a DAO vote. "Considering governance times, if approved, the fix will be applied in approximately 7 days from now: 1 day of delay to start voting, 3 days of voting, 1 day of timelock on Ethereum, and 2 extra days of timelock on Polygon," explained a post by Bored Ghost Developing, a contributor to Aave.
Phishing-as-a-service company "Inferno Drainer" steals assets nominally worth $5.9 million in three months
One Inferno Drainer victim lost assets worth around $417,000. They later sent an on-chain message to the thief, writing: "you are ruining my life and for me this money was a lifetime's work, I won't have enough my family..." They asked the attacker to return 50% of the funds stolen from them, offering to not report the scammer to Interpol and other authorities in return, and even offering to "sign a contract allowing you to use legally the stolen crypto".
Grumpy Cat trademark owner sends cease and desist via NFT over unauthorized "Grumpy Cat Coin"
However, Grumpy Cat's owner owns trademarks associated with Grumpy Cat, and it seems she has become aware of the coin. On May 18, she minted an NFT and transferred it to the Grumpy Cat Coin deployer address. The NFT image is a copy of a cease and desist letter representing Grumpy Cat Limited. The letter describes the coin offering as a "blatant and willful infringement of our client's trademark rights", and insists that the coin creators stop all activities related to the coin offering or face legal action. The letter also mentioned that the URL of the project website — grumpycat.fyi
— was a violation of the Anti-Cybersquatting Consumer Protection Act. The project subsequently changed its domain to gccoin.fyi
in an apparent effort to avoid this issue.
Simultaneously, a message addressed to holders of the Grumpy Cat Coin was posted to Grumpy Cat's Twitter account, describing the token as a "desperate, sad attempt to scam unwitting traders" by "SlumDoge Millionaire and their cohorts".
Coin Cafe to pay $4.3 million restitution after instituting high fees without informing customers
The New York Attorney General found that Coin Cafe's misleading fee structure was still in effect even after the company obtained a BitLicense from the Department of Financial Services.
Swaprum decentralized exchange rug pulls for almost $3 million
The project had been audited by blockchain security firm CertiK, and displayed the "audited by CertiK" badge on their website. This added to criticisms of CertiK, who have come under fire for auditing multiple projects that later turned out to be scams. CertiK defended themselves, writing that, "As an auditor, we cannot force projects to implement our recommendations, but we can clearly and publicly call out vulnerabilities where we find them". They argued that they had identified vulnerabilities within their audit that ultimately allowed for the exploit, including the high degree of centralization and the upgradability of the smart contracts.