CoinEx settles with New York for $1.7 million

The Hong Kong-based cryptocurrency exchange CoinEx has agreed to pay $1.17 million in refunds to investors and $600,000 in penalties for failing to register as a securities and commodities broker-dealer and for falsely representing itself as a crypto exchange. The lawsuit was initially filed in February, and alleged that the company "engaged in repeated and persistent fraudulent practices".

The company is also banned from operating in the state going forward. The agreement requires CoinEx to implement geoblocking to prevent people with New York IP addresses from accessing the platform, and prohibits the company from creating new accounts for US customers or allowing US customers to do anything other than withdraw their assets.

FPG halts withdrawals after $15–20 million hack

The institutional cryptocurrency broker Floating Point Group (FPG) announced to customers on June 14 that they would be suspending all activity on their platform following a "cyber security incident" that had occurred on June 11. "While the loss at this point is still being investigated and analyzed, the number as we understand it today is between $15M-$20M in cryptocurrencies lost," they wrote on Twitter.

The group announced that they were working with "the FBI, the Department of Homeland Security, our regulators and Chainalysis" to investigate the attack. The group had previously earned SOC 2 certification for its cybersecurity controls.

Texas securities regulator alleges in cease-and-desist that Abra crypto lender has been insolvent for months

In an emergency cease-and-desist issued on June 15, the Texas State Securities Board alleged that the Abra crypto lending firm was "insolvent or nearly insolvent" as of interviews conducted on March 31. The filing alleged that Abra and its founder William Barhydt had made investment offerings that were materially misleading, accusing them of securities fraud. Despite not contesting securities regulators' conclusion that Abra was insolvent, Abra repeatedly posted statements on social media such as the one on June 11, where they wrote "Abra is not bankrupt".

According to the complaint, although Abra claimed it stored customer funds with the Fireblocks crypto custodian, they had actually been "secretly transferring assets" to Binance.

The regulator also alleged that Abra had around $30 million in assets with Babel Finance, $30 million with Genesis, and $10 million with Three Arrows Capital — three companies in various stages of liquidation or bankruptcy. They also have $8.8 million with Auros, a firm that was in liquidation but has since exited the process.

Delio crypto lender suspends withdrawals

South Korean cryptocurrency lending platform Delio announced to its customers on June 14 that they would be suspending withdrawals. In a letter to customers, they wrote that the decision was taken in response to the withdrawal suspension by Korean yield platform Haru Invest the previous day, which they said had led to a "sharp increase in market volatility and increased confusion among investors". Haru's suspension had caused a "sudden surge of withdrawals on our end", said Delio CEO James Jung.

Delio, like Haru, advertised yields of more than 10%.

Banq goes banqrupt

Banq, a subsidiary of the Prime Trust crypto custodian, has filed for bankruptcy. Banq is a "crypto-friendly" payment processor based in Nevada, though according to the bankruptcy documents, former CEO Scott Purcell decided to try to pivot the company away from payments and into NFTs without approval from the board of directors. Banq's parent company, Prime Trust, has also been the subject of insolvency rumors recently.

In the bankruptcy filings, Banq alleges that $17.5 million in assets were stolen by former officers, described in the listing as "computers, trade secrets, proprietary information and technology, business records, etc." The transfer allegedly was made to Fortress NFT Group, a rival company founded by the former CEO, CTO, and CPO. A lawsuit from Banq filed against Fortress and the executives in May 2022 alleges that the executives "stole not only Banq's technology, but also significant other value of Banq's, and used the purloined property to launch Defendants Fortress NFT and Planet NFT using Banq's assets, employees, trade secrets and proprietary technology, claiming all of it to be their own." They also claim that the defendants deleted files and engaged in other fraudulent activity to try to cover up the theft.

Haru Invest suspends withdrawals

The South Korean yield platform Haru Invest abruptly suspended withdrawals and deposits on June 13. They wrote in a blog post that they were experiencing "a certain issue" with an unnamed partner, later announcing that "we have discovered through our internal inspection process that certain information provided by a consignment operator was suspected to be false."

The following day, the company named the partner as B&S Holdings (formerly Aventus), and announced that they were taking legal action against the company for filing falsified management reports.

Haru Invest advertised APR in the double digits.

On June 22, Haru laid off 100 employees. Haru explained in a blog post: "after much consideration, it comes with a heavy heart to inform you that we will be minimizing the operations of Haru Invest and its affiliated companies to prevent further damages that are likely to be incurred". Haru's CEO told local media that Haru's offices were empty because employees were working from home for their own safety. After Haru halted withdrawals, they closed their office, and CoinDesk reported that "all company officials disappeared".

BNB Chain team prepares to step in to prevent massive Venus Protocol liquidation

After the massive BNB Chain bridge hack in October 2022, the hacker was able to take out a massive position with the Venus Protocol defi lending project. They borrowed $150 million in stablecoins by putting up 900,000 BNB (~$244 million at the time).

The recent SEC lawsuit against Binance has caused the BNB token to plummet almost 25%, from $305 to ~$230. This puts the hacker's position dangerously close to the liquidation threshold of $220, which could cause substantial impact on the market via cascading liquidations.

In November, BNB Chain passed a governance proposal giving the BNB Chain core team the ability to liquidate the position if it approached the liquidation threshold, meaning they could repay the debt in a more controlled manner that wouldn't dump hundreds of thousands of BNB onto the market all at once.

On June 12 the Venus team tweeted a reminder: "BNBChain core team is ready to take over the $BNB position on Venus as planned if the BNB price hits the liquidation threshold. The liquidator address has prepared $30M already to refund the account loans with more to come if needed. No BNB will be dumped into the market and no shortfall is expected on Venus."

This is not the only bad debt on the Venus platform, which has been described as "opaque" by Protos and has been accused of trying to hide some of its liabilities.

Abandoned Atlantis Loans project exploited for $1.1 million

Although developers abandoned the Atlantis Loans defi lending project in early April due to "financial difficulties", as a self-executing defi protocol it has continued to chug along rather like a zombie. As the developers wrote when they abandoned the project, "Atlantis Loans as a protocol is fully decentralized and the only way to make changes or turn things off will have to be done through the governance."

Evidently, few people continued to pay much attention to the project, because an exploiter was able to come along and perform a governance attack targeting the users who still had active smart contract approvals with the defunct project. They published and voted on a proposal to allow them to upgrade the smart contract in such a way that they could then take advantage of the approvals to transfer the tokens to their own wallet address. Ultimately they made off with around assets notionally worth around $1.1 million.

Sturdy Finance exploited for $775,000

The Sturdy Finance defi lending protocol was exploited, with hackers taking advantage of an oracle manipulation vulnerability to make off with 442 ETH (~$775,000). They subsequently transferred the funds into Tornado Cash. The total loss to the project was somewhat higher: 504 ETH (~$884,000).

Roughly an hour after the attack, the project tweeted that they were aware of the attack, and had paused all markets. On June 19 the project sent a message to the attacker, pleading with them to return the funds and threatening: "There are criminal organizations following the same evidence trails we are. This isn't going away until you return funds. We are your best option out of this."

Minting of TrueUSD stablecoin through Prime Trust halted; TUSD deviates from peg

On June 10, TrueUSD announced on Twitter: "TUSD mints via Prime Trust are paused for further notification." They offered no further explanation. TUSD is the fifth largest stablecoin by market capitalization.

The decision may have been related to insolvency rumors surrounding Prime Trust, a US-based fintech company. On June 8, BitGo announced a non-binding letter of intent to acquire Prime Trust.

After the announcement, the TUSD stablecoin dipped as low as $0.9951. This is a seemingly small deviation from the $1 peg, but in the stablecoin world, such small variances can be serious.

Crypto.com to shut down institutional trading in the US

Singapore's Crypto.com has announced it will be imminently shutting down its institutional exchange service in the US, citing "limited demand from institutions in the U.S. in the current market landscape". The firm will continue to serve retail customers in the country, however.

CFTC awarded default judgment in case against Ooki DAO

Ooki DAO was sued in September of last year for allowing illegal trading of digital assets, engaging in activities only allowed by registered futures commission merchants, and not performing proper KYC. It was a potentially landmark case, as one of the first actions to be taken against a DAO and an opportunity to test various DAOs' claims that by decentralizing governance, they can skirt regulatory enforcement.

Now, a judge has awarded default judgment in the case, requiring the DAO to pay a more than $640,000 penalty, close down its website, and stop trading.

The court held that the Ooki DAO was a "person" under the Commodity Exchange Act and thus could be held liable for violations of the law.

Robinhood to delist Solana, Cardano, Polygon tokens after SEC describes them as securities

Robinhood announced that its crypto exchange will delist the tokens for Solana (SOL), Cardano (ADA), and Polygon (MATIC) after they were described as unregistered securities in lawsuits against Binance and Coinbase. They seem to be the first exchange serving US customers to delist tokens mentioned by the SEC in the lawsuits. On June 12, they were followed by eToro US, who delisted ALGO, MANA, DASH, and MATIC. On June 16, Bakkt delisted SOL, ADA, and MATIC.

While simply claiming in a lawsuit that a crypto token is a security does not necessarily constitute a firm decision that it is so, this has been enough in the past to lead exchanges to remove token listings. The 2020 lawsuit against Ripple and its XRP token led to the token widely being delisted from exchanges serving US customers.

Scammers capitalize on Binance lawsuit fears to pull off Discord phishing scam

Adding insult to injury in Binance's tough couple of days, someone has managed to hijack the Discord vanity URL used by BNB Chain, the blockchain project associated with Binance. The scammers created a fake Discord channel where they have posted a message: "In order to curb the reactionary market's response to patently false SEC accusations, we are hosting a $BNB airdrop on BSC to show our faith in our technology and community!" The scammers urged members to connect their crypto wallets, ostensibly to receive their share of the roughly 100,000 BNB (nearly $30 million) the scammers claimed they'd allocated to the giveaway.

After this was brought to BNB Chain's attention by crypto sleuth zachxbt, they tweeted that they "acted quickly (within 10 minutes) to ban the offending accounts and remove the posts. We've taken steps to secure the server and protect against any further abuse." However, less than an hour later they put out a new tweet announcing that the URL had been hijacked to redirect to a new server.

"This is a scam, and if you connect your wallet, you will lose your funds. Please exercise caution until we are able to confirm a resolution", they wrote.

SEC files complaint against Coinbase

The SEC has clearly been busy. The agency followed up its complaint against Binance by smacking Coinbase with charges the very next day. This isn't terribly unexpected: in late March the SEC hit Coinbase with a Wells notice, which is a formal notice saying "we're about to file a complaint against you, convince us not to." Coinbase decided that instead of any real attempt at convincing them not to, they would use the incident as a PR opportunity to try to win hearts and minds (of the public but also critically in Congress), convincing people that the SEC was being unfair to them and stifling innovation in the United States and all sorts of other things.

The SEC, apparently unconvinced by Coinbase's usual spiel, filed a complaint with five claims for relief involving operating without registering with the SEC and offering unregistered securities by way of providing a cryptocurrency staking program.

Coinbase has responded with its usual bluster, and vowed to fight the lawsuit. They don't really have much choice, given their business is almost entirely predicated on being able to continue operating in the US. A tweet by Coinbase CEO Brian Armstrong refers to "the US congress... introducing new legislation to fix the situation", suggesting he is hoping that Congress might bail him out of the mess he's in. Given the amount of lobbying Coinbase has been doing, and the apparent bought and paid for crypto advocates who sit in Congress, his hopes are not entirely misplaced, but we shall see. As with the lawsuit against Binance, this is not likely to resolve anytime soon, particularly if the companies both decide to fight in court.

SEC files complaint against Binance

The SEC has filed a complaint against Binance, various related companies, and Binance CEO Changpeng "CZ" Zhao. They allege that the company has been acting with "blatant disregard" of US securities laws through their operation of unregistered trading platforms, have performed multiple offers of unregistered securities and investment schemes, and have defrauded investors through material misstatements around supposed controls for manipulative trading activity, such as wash trading, on the Binance platforms.

The complaint echoes some of the allegations made by the CFTC in a March lawsuit, including that Binance.US was primarily a front for Binance's international platform that was used to try to distract US regulators. However, it also goes farther by adding allegations around Binance's lack of controls around market manipulation, which the SEC alleges contradict public statements by Binance that they had sophisticated programs to prevent wash trading and other manipulative actions. The SEC even claims that the CZ-owned and -operated market maker Sigma Chain was engaged in substantial wash trading on the platform.

The SEC lawsuit was also a bit of a bombshell in its naming of some major cryptocurrencies as securities: SOL, ADA, MATIC, FIL, ATOM, SAND, MANA, ALGO, AXS, and COTI. These are the crypto assets associated, respectively, with the Solana, Cardano, Polygon, Filecoin,[d] Cosmos, The Sandbox, Decentraland, Algorand, Axie Infinity, and Coti projects.

Atomic Wallet hacks total over $100 million

Multiple users of the Atomic Wallet software suffered wallet compromises totaling more than $100 million in a spate of hacks suggesting an issue with the wallet itself. Atomic Wallet is a self-custody wallet, a suggested safer alternative than storing crypto assets in accounts controlled by third party companies. In February 2022, a security firm was forced to publicly disclose issues with the Atomic Wallet software after attempting to address them with the company via traditional routes, but went ignored.

Following the thefts, Atomic Wallet tweeted that they were aware of the reports of wallet compromises, and that they were attempting to learn more about the attacks, but had not yet confirmed any method of attack. They've since taken down the wallet software download page, likely out of concern that the software itself has been compromised.

Crypto sleuth zachxbt compiled a list of reported compromised Atomic Wallets, finding that multiple individuals lost multiple millions in the attack. The largest known individual theft so far involved almost $8 million in USDT (Tether); other individuals lost $2.8 million in USDT and 1,897 ETH (~$3.5 million).

Users of Atomic Wallet have been advised to transfer their assets to other wallets.

On June 6, both zachxbt and blockchain research group Elliptic speculated that the laundering strategy by the thieves resembled that of the North Korea-linked Lazarus Group, which has been responsible for other major crypto thefts.

unshETH compromised after private key leaked to GitHub

After a developer leaked private keys to GitHub, someone used them to drain $375,000 from the unshETH defi project. The project emergency paused withdrawals of unshETH ether to prevent further damage.

The leaked key allowed the attacker to transfer ownership of project smart contracts to themselves, though they later returned ownership.

unshETH posted a message to the hacker, demanding they return 90% of the stolen funds. They threatened: "We want to be clear, and this is not a bluff: we know who you and some people connected to you (friends) are, and we will absolutely move forward with law enforcement if you have not returned the money by the deadline above. We don't want to do this to you or have to rope your friends in, and would prefer everything be settled and everyone just move forward, but if we don't get the funds back by the above-mentioned time, we will be left with no choice in order to protect our protocol."

"Sounds exactly like someone bluffing would say", wrote one commenter.

Trust Reserve employees arrested

A Chinese cryptocurrency publication has reported that the staff of Trust Reserve (formerly CNHC Group) were detained by police. A sign on the door of the company's office in Shanghai announced "judicial seizure".

Trust Reserve issues the CNH offshore yuan-pegged stablecoin and the HKDC Hong Kong dollar-pegged stablecoin. The company had received funding from sources including the KuCoin crypto exchange.

Binance delists privacycoins in various European regions, later reverses decision

Seeming to bow to regulatory pressures, Binance announced they would delist various privacycoins including Monero, ZCash, and MobileCoin for some regions. Privacycoins are tokens that aim to obscure more of the information involved in a transaction, in contrast to the very public nature of the wallet addresses and transfer amounts of most cryptocurrency transactions.

Binance did not list the jurisdictions in which it would be ending privacycoin trading, but users in France, Spain, and Poland all reported receiving alerts. This suggested it could be related to the recent passage of the MiCA crypto legislation in the European Union. The resolution states: "The operating rules of the trading platform for crypto-assets shall prevent the admission to trading of crypto-assets that have an inbuilt anonymisation function unless the holders of those crypto-assets and their transaction history can be identified by the crypto-asset service providers operating a trading platform for crypto-assets."

In late June, Binance announced that they had reversed their decision, and would continue to offer the tokens.

Binance reportedly begins layoffs

Crypto giant Binance has reportedly begun layoffs, according to independent crypto reporter Colin Wu, who cited several anonymous sources. The layoffs will amount to around 20% of Binance's 8,000-person workforce, said Wu.

Binance issued a statement that the firings were related to poor performance and "cultural fit", an unlikely explanation for such a substantial cut.

In January 2023, Binance CEO Changpeng Zhao had stated that Binance planned to grow its employee count by 15–30% in 2023, even after more than doubling its employees in 2022. In March, responding to rumors of layoffs, Binance stated that they were "not planning any layoffs" and that in fact they planned to hire more than 500 employees by mid-year.

NFL labor union is out almost $42 million thanks to crypto collapse

A report from The Athletic indicates that the National Football League Players Association, a labor union for NFL players, has been unable to collect nearly $42 million it is owed in licensing and sponsorship revenue. The Athletic cited sources suggesting the issue was directly related to the collapse of the crypto industry, and to its partners renegotiating licensing deals due to the downturn.

The amount is owed by affiliate OneTeam Partners. In April, Sportico reported that sports NFT platform Dapper Labs had discussed restructuring its deal with the NFL and NFLPA due to an extremely rocky year. So too had DraftKings, which had signed a deal with the NFLPA for its "Reignmakers" player trading card NFTs.

"Charity NFT project" by supposed cancer patient raises $117,000 with stolen art before being exposed as a fraud

Tweets by Andrew Wang: "I woke up today to see one of my friends trending on twitter, @Hopeexist1. she made a collection to help herself battle cancer and some awesome web3 people spotlighted her today, so i'd like to add to it

I'll put my rep on the line to say this is for real amidst all the scams in our space. I speak with her art teacher often when she's gone for treatment and he says she's the best student he's ever had, that her talent is too precious, that she must survive. He cares like a father"Tweets by Andrew Wang promoting the scam (attribution)
A person claiming to be battling cancer created a "charity NFT project" ostensibly to help with her treatment. She convinced some crypto influencers to promote the project, including Andrew Wang, a popular Twitter account with nearly 200,000 followers. Wang tweeted, "I'll put my rep on the line to say this is for real amidst all the scams in our space". He claimed to have spoken with the NFT project creator's art teacher, writing: "he says she's the best student he's ever had, that her talent is too precious, that she must survive."

Several hours later, the project creator deleted her Twitter account, and crypto sleuth zachxbt unearthed evidence that the pixel art she had been selling as NFTs had been stolen from various others. Altogether, the "Pixel Penguins" NFT project she promoted raised around 63.5 ETH (~$117,000).

Wang later apologized for promoting the scam, claiming that he had tried to do due diligence but had been in contact with her for over a year, and had spoken on the phone with someone claiming to be her art teacher. However, zachxbt wrote, "Seems some people called it out last year. Not sure how much he actually 'verified'".

MoonPay executives pocketed $150 million raised from Series A

According to a report from The Information, MoonPay executives including CEO Ivan Soto-Wright pocketed $150 million from their $555 million Series A funding round completed in November 2021. MoonPay is a crypto payments platform known for its NFT "concierge" service popular among celebrities, and for the various allegations of undisclosed promotion leveled against it related to some of those celebrity deals.

According to The Information, MoonPay never disclosed that $150 million of the Series A funding was used to purchase shares from insiders including Soto-Wright, and never went to the company. Several weeks after the funding round, Soto-Wright purchased a $38 million Miami mansion.

Bybit exits Canada

The cryptocurrency exchange Bybit announced that they would be exiting Canada. The company cited "recent regulatory development" in the country for their decision to stop offering services to Canadian customers.

In June 2022, Bybit settled a complaint from the Ontario Securities Commission for operating an unregistered platform and offering unregistered securities to Ontarian investors. The company disgorged CA$2.5 million (US$1.9 million) as result. At the time, the OSC stated that Bybit was working to come into compliance with the OSC's requirements.

Apparent whitehat exploits El Dorado Exchange, claiming developers built in a backdoor to steal user funds

The new Arbitrum-based El Dorado Exchange (EDE) was exploited for around $580,000. In an interesting twist, the attacker claimed to be a whitehat who was exposing that the developers had "implemented a backdoor that allowed them to force liquidate any position they desired. This activity involved intentionally signing incorrect prices to manipulate users' positions and steal their funds".

The attacker promised to return all funds, minus a 10% "white hat fee", if the developers "admit to manipulating the prices", and also offered to disclose other vulnerabilities they claimed to have found in the project.

The project founders wrote in response: "Yes we acknowledge making an ill-advised decision to manipulate the price. However our intention was to blacklist those who had previously exploited the system, fully aware that all transactions are recorded on the blockchain. We did not aim to misappropriate users funds as this would leave a traceable record. We will promptly remove the problematic bomb contract."

The exploiter began returning funds shortly afterwards.

BKEX crypto exchange halts withdrawals due to money laundering investigation

The BKEX crypto exchange announced on May 29 that they would be suspending withdrawals, claiming it was related to a police investigation. "Recently, the platform users' funds were involved in 'money laundering' and BKEX is currently cooperating with the police to collect evidence, for which we will suspend withdrawals to cooperate with the work", they wrote in an announcement on their website.

The exchange offered no estimate of when withdrawals might be re-enabled.

Jimbos Protocol exploited for $7.5 million

Three days after the launch of its v2 protocol, the Arbitrum-based Jimbos Protocol was exploited for 4,090 ETH (~$7.5 million). The project had not properly controlled for slippage, which enabled an attacker to use a flash loan to manipulate the trading pairs on the project. The attacker then bridged the stolen funds to the Ethereum chain.

After the attack, Jimbos Protocol tweeted "We are aware of the exploit regarding our protocol and are actively in contact with law enforcement and security professionals. We will release further information when possible." They also sent an on-chain message to the exploiter, offering to stop all investigations if the hacker returns 90% of the stolen funds.

Nigerian crypto trading app Patricia suffers multimillion dollar theft, freezes withdrawals

Patricia, a retail cryptocurrency trading app in Nigeria, froze withdrawals after revealing that they had suffered a ₦2 billion hack. According to the outlet TechCabal, despite announcing the hack in May 2023, the incident actually occurred in January 2022, but Patricia had managed to hide it up until that point.

The stolen ₦2 billion would have been worth around US$4.8 million based on the value of the Naira at the time of the theft.

Malfunctioning bot costs Poo Finance token hunters $440,000

Some traders hoping to snipe new tokens launched by Poo Finance (yes, really) decided to try to use a MEV bot to snag priority ordering compared to other pending blockchain transactions. They spent a combined 240 ETH (~$440,000) to be spent on the tokens and on bribes paid to the bot. However, the bot sent the tokens to the wrong Uniswap pool, ultimately obtaining only 4 ETH (~$7,300) of Poo Finance tokens.

Coinone employees "admit to facts" in case regarding token listing bribes

A lawyer for a broker and the former director of the South Korean cryptocurrency exchange Coinone have told a court that their clients "admit the facts of the prosecution". The director, "Mr. Jeon", is accused of accepting more than ₩2 billion (~$1.5 million) in bribes in exchange for listing shady tokens on the exchange. In one case, the exchange was the only platform to list a token called "Furiever Coin", which has been linked to a kidnapping and murder investigation in Seoul.

Four executives were arrested in connection to the investigation in April, under suspicion that they had received ₩2.4 billion (~$2.2 million) in bribes in exchange for listing dozens of coins.

Coinone is one of the most popular South Korean cryptocurrency exchanges. In July 2022, it was among the seven exchanges raided by Korean authorities in the wake of the Terra/Luna collapse, as the country began applying harsher scrutiny to crypto platforms.

Crypto payments firm Unbanked to shut down

The US-based crypto payments and custody platform Unbanked announced in a blog post that they will be shutting down services. The company was founded in 2018, and claimed they wanted to provide regulated, on-shore services to US-based companies hoping to engage with crypto. As is common with blockchain company shutdowns these days, they blamed US regulators. Referring to their choice to build the company in the US, they wrote: "We unfortunately learned... taking this path lead [sic] to a lot of wasted time and excessive costs. To state it bluntly, US regulators are actively trying to stop companies (banks and fintechs) from supporting crypto assets – even when the companies are trying to do it correctly and by the book. Their efforts are working and ultimately limited Unbanked’s ability to raise capital and run a self-sustaining business."

However, Unbanked also let on that their closure was more related to an investment falling through than to any regulatory issues. The company wrote that a $5 million investment was never delivered, and that the company had "exhausted all options" funding-wise.

DCG shutters TradeBlock subsidiary

Digital Currency Group, the parent company of several companies in the crypto industry including Genesis, Grayscale Investments, and CoinDesk, announced that it will be shuttering TradeBlock, its trade execution and prime brokerage services unit. The company cited the typical reasons: "crypto winter" and "the challenging regulatory environment for digital assets in the U.S."

The decision comes amidst broader troubles for DCG, which is embroiled in the bankruptcy proceedings of its Genesis subsidiary. Earlier in May, DCG missed a $630 million payment to Genesis.

Hackers steal around $170,000 after compromising Steve Aoki's Twitter account

Headshot of Steve AokiSteve Aoki (attribution)
Twitter account compromises remain a lucrative way to scam crypto enthusiasts. Someone was able to compromise the Twitter account belonging to electronic musician and crypto enthusiast Steve Aoki, posting a fake link to his NFT project that drained unsuspecting traders' wallets.

The scam was helped along by ben.eth, a Twitter personality who retweeted one of the tweets by the compromised account in which Aoki appeared to endorse a token created by ben.eth. According to crypto sleuth zachxbt, multiple followers of ben.eth were impacted by his retweet, which zachxbt characterized as "quote tweet[ing] a phishing scam posted by the compromised @steveaoki account for clout". Ben.eth ultimately promised to reimburse his fans who lost money thanks to his tweets.

Transactions stuck on Multichain blockchain bridge due to "force majeure"

The Multichain blockchain bridge, formerly known as Anyswap, encountered an apparent issue as users' funds were delayed for over 24 hours in getting to their destination. Some reported delays since as far back as May 21. The delay was blamed on a backend upgrade "taking longer than expected". Multichain later tweeted that "some of the cross-chain routes are unavailable due to force majeure, and the time for service to resume is unknown". They also announced that they would compensate affected users.

Meanwhile, rumors swirled that the Multichain team had been arrested by Chinese police, though there doesn't seem to be much corroborating evidence of this.

The issues and the rumors sparked a drop in token price of around 30%. Several large parties also appeared to distance themselves from the project and its token, including the Fantom Foundation, which withdrew 449,740 MULTI (~$2.4 million) in liquidity on SushiSwap.

On May 31, Multichain issued a statement that "we are currently unable to contact CEO Zhaojun and obtain the necessary server access for maintenance", and wrote that even more bridges were being impacted by the same issues as in the previous week.

Morgan DF Fintoch likely exit scams for around $31 million

A Ponzi scheme called Morgan DF Fintoch lured consumers by claiming to be owned by the American banking giant Morgan Stanley. Morgan Stanley themselves warned of the scheme, writing that it was an impersonator, and that any claims of affiliation were false. The government of Singapore also issued a warning about the firm in early May. The company advertised a wallet which they claimed would "pay 1% per day,36% 30 Days and 100% in 63 days".

On May 23, crypto sleuth zachxbt tweeted that the project appeared to have executed their exit scam, bridging around 31.6 million Tether to various addresses. Platform users began to report that they could not withdraw funds.

Brand new $CS token exploited for almost $700,000

An attacker exploited the brand new $CS token for almost $700,000 using a flash loan exploit. They then swapped the funds into around 383 ETH ($689,400) and laundered them through Tornado Cash.

Tornado Cash DAO suffers hostile takeover

A proposal ostensibly to penalize cheating network participants in the Tornado Cash crypto tumbler project successfully passed by DAO vote. However, the proposer had added an extra function, which they subsequently used to obtain 1.2 million votes. Now that they have more than the ~700,000 legitimate Tornado Cash votes, they have full control of the project.

The attacker has already drained locked votes and sold some of the $TORN tokens, which are governance tokens that both entitle the holder to a vote but also were being traded for $5–$7 around the time of the attack. The attacker has since tumbled 360 ETH (~$655,300) through Tornado Cash to obscure its final destination. Meanwhile, $TORN plummeted in value more than 30% as the attacker dumped the tokens.

The attacker now has full control over the DAO, which according to crypto security researcher Sam Sun grants them the ability to withdraw all of the locked votes (as they did), drain all of the tokens in the governance contract, and "brick" (make permanently non-functional) the router.

Croatian cryptocurrency investment company BitLucky reportedly collapses; more than $75 million allegedly missing

Croatian company BitLucky told its customers that it would invest their money in cryptocurrencies, promising 5–25% monthly profits. However, its director Luka Burazer wrote an email to clients on May 19, explaining: "Dear clients, with a series of bad trades and decisions, unfortunately, I have brought the state of the company into a crisis situation. We will have more information in the following days". He and the company co-founder have since gone dark, turning off their cell phones, not replying to emails, and deleting their social media presence. According to Croatian news outlet Jutarnji list, a secretary for the company reached on the phone explained, "the director went crazy and spent all the money". The losses allegedly involve crypto assets notionally worth €70 million (~$75.7 million), and affect at least 700 individuals.

Some have expressed the opinion that BitLucky was a Ponzi scheme all along, given the unreasonable promises of 5–25% monthly returns. The editor of a crypto news outlet also expressed that "there was a 'line of [red] flags'", including that Burazer never wanted to appear in the media or have his picture shown online.

WDZD Swap exploited for $1.1 million

On May 19, an attacker successfully exploited the BNB Chain-based defi project WDZD Swap, making off with 609 Binance-Pegged ETH (~$1.1 million). The attack was apparently executed by a known exploiter, who had also previously exploited a project called Swap X.

Around $110 million "stuck" in Aave protocol on Polygon due to a bug that can't be fixed for a week

Recently, the Aave protocol deployed a contract upgrade on the Polygon version of their v2 project that was not compatible with Polygon. The bug has resulted in around $110 million of funds in wETH, wBTC, USDT, and wMATIC being "stuck", meaning users can't perform any actions involving those funds.

The funds are not at risk, but it will take at least a week before the funds are unstuck because any code change requires a DAO vote. "Considering governance times, if approved, the fix will be applied in approximately 7 days from now: 1 day of delay to start voting, 3 days of voting, 1 day of timelock on Ethereum, and 2 extra days of timelock on Polygon," explained a post by Bored Ghost Developing, a contributor to Aave.

Phishing-as-a-service company "Inferno Drainer" steals assets nominally worth $5.9 million in three months

A scam-as-a-service company identified by ScamSniffer and dubbed "Inferno Drainer" has stolen assets nominally worth around $5.9 million since mid-February. The vendor sells phishing scam software that is then used by phishers to target victims, who believe that they are interacting with an established crypto project. Inferno Drainer takes 20–30% of the stolen funds as "payment" for the scam software.

One Inferno Drainer victim lost assets worth around $417,000. They later sent an on-chain message to the thief, writing: "you are ruining my life and for me this money was a lifetime's work, I won't have enough my family..." They asked the attacker to return 50% of the funds stolen from them, offering to not report the scammer to Interpol and other authorities in return, and even offering to "sign a contract allowing you to use legally the stolen crypto".

Grumpy Cat trademark owner sends cease and desist via NFT over unauthorized "Grumpy Cat Coin"

A Grumpy Cat Coin memecoin emerged in May, with a website using illustrations of the late real-life Grumpy Cat to promote the coin. Crypto influencers, including the "SlumDoge Millionaire", jumped on board to promote the token. (The "SlumDoge Millionaire" is Glauber Contessoto, a person who briefly became a paper millionaire from, as he claims, emptying his bank account, selling all his stocks, and maxing out credit cards to buy 5 million Dogecoin during the 2021 crypto frenzy. His holdings spiked to over $1 million in value, but he didn't cash out; they are now priced at around $365,000.)

However, Grumpy Cat's owner owns trademarks associated with Grumpy Cat, and it seems she has become aware of the coin. On May 18, she minted an NFT and transferred it to the Grumpy Cat Coin deployer address. The NFT image is a copy of a cease and desist letter representing Grumpy Cat Limited. The letter describes the coin offering as a "blatant and willful infringement of our client's trademark rights", and insists that the coin creators stop all activities related to the coin offering or face legal action. The letter also mentioned that the URL of the project website — grumpycat.fyi — was a violation of the Anti-Cybersquatting Consumer Protection Act. The project subsequently changed its domain to gccoin.fyi in an apparent effort to avoid this issue.

Simultaneously, a message addressed to holders of the Grumpy Cat Coin was posted to Grumpy Cat's Twitter account, describing the token as a "desperate, sad attempt to scam unwitting traders" by "SlumDoge Millionaire and their cohorts".

Coin Cafe to pay $4.3 million restitution after instituting high fees without informing customers

Cryptocurrency trading platform Coin Cafe will pay $4.3 million in restitution to customers who were charged high fees after signing up for a "free" crypto custody service. The firm instituted fees for its wallet service in September 2020, but never informed customers. They also increased the fees four times without informing their users. At one point, they charged 7.99% of the account balance or $99, whichever was greater, per month if a user did not transact that month. This resulted in some investors being charged fees equal to 96% of their holdings. One investor was charged more than $51,000 in fees in 13 months; another was charged $10,000 in a single month.

The New York Attorney General found that Coin Cafe's misleading fee structure was still in effect even after the company obtained a BitLicense from the Department of Financial Services.

Swaprum decentralized exchange rug pulls for almost $3 million

Decentralized exchange Swaprum, a project on the Arbitrum layer-2 network, suddenly disappeared with around 1,628 ETH (~$2.96 million) in an apparent rug pull. The thieves then mixed the money through Tornado Cash.

The project had been audited by blockchain security firm CertiK, and displayed the "audited by CertiK" badge on their website. This added to criticisms of CertiK, who have come under fire for auditing multiple projects that later turned out to be scams. CertiK defended themselves, writing that, "As an auditor, we cannot force projects to implement our recommendations, but we can clearly and publicly call out vulnerabilities where we find them". They argued that they had identified vulnerabilities within their audit that ultimately allowed for the exploit, including the high degree of centralization and the upgradability of the smart contracts.

Sam Altman's Worldcoin project incentivizes a black market for biometric data taken from people in developing nations

"Show me the incentive and I will show you the outcome."

Sam Altman's Worldcoin project, a dystopian effort to use chrome orbs to scan the irises of people (often in developing nations) in exchange for vague promises of crypto compensation, is encountering even more difficulties. In April 2022, BuzzFeed News and MIT Technology Review both published in-depth reporting on some of the technical and ethical issues the project has run up against.

Now, the project is facing reports that people in China, who are not allowed to sign up legitimately, have been purchasing iris scans from individuals in Africa and Southeast Asia in order to circumvent the restriction. According to the news outlet BlockBeats, Chinese individuals have been engaging in "eyeball speculation": buying biometric data scanned en masse from villagers in Cambodia, Kenya, and elsewhere by people who then sell it for $30 or less, allowing the buyer to receive the associated Worldcoin payout (currently ~$20).

Worldcoin has said they are rolling out various measures to try to discourage this activity, including changing the in-person sign-up process. However, the project acknowledged that they have not figured out how to prevent this, writing: "Despite these precautions, it is important to acknowledge that they do not entirely safeguard against collusion or other attempts to bypass the one-person-one-proof principle. To address these challenges, innovative ideas in mechanism design and the attribution of social relationships will be necessary."

Former Fabric CFO accused of siphoning $35 million into his crypto startup and losing it all

Black and white headshot of Nevin ShettyNevin Shetty (attribution)
Nevin Shetty, the former chief financial officer of the Fabric e-commerce platform, was federally indicted for wire fraud after allegedly misappropriating $35 million from Fabric to put into his cryptocurrency platform HighTower. Shetty stole the money in April 2022, shortly after being told he would be fired from Fabric for performance reasons.

According to the grand jury indictment, Shetty planned to put the funds into cryptocurrency positions that "could have yielded returns of 20 percent or more annually", and planned to return 6% to Fabric, keeping the difference. This so-called "investment" contradicted the conservative investment strategy that Shetty had helped to draft for Fabric, and he concealed both the existence of the transfer and his involvement with HighTower.

Shetty "lost virtually all of [Fabric's] money" "within a matter of weeks", at which point he fessed up to Fabric. Shetty had placed all of the funds into protocols based around the Terra stablecoin, which collapsed dramatically only a month later.

Shetty has pled not guilty, and has been released on bond.

Traders lose more than $15 million to phishing website impersonating crypto exchange HitBTC

Blockchain security firm SlowMist has reported that a phishing website appearing to be the real cryptocurrency exchange HitBTC has stolen more than $15 million worth of Bitcoin, Tether, and Ether from users believing it to be the real thing. Users who didn't notice they were accessing a site with the URL hitbt2c.lol instead of hitbtc.com approved transactions to swap their crypto assets, only to find the site drained their wallets.

South Korean legislator Kim Nam-kuk resigns over allegations of improper crypto dealings

Photograph of Kim Nam-kukKim Nam-kuk (attribution)
South Korean lawmaker Kim Nam-kuk has resigned over a cryptocurrency scandal. On May 8, 2023, The Korea Times reported that Kim cashed out around 800,000 Wemix tokens priced at around ₩6 billion (~$4.5 million) in previously unreported cryptocurrency assets shortly before Korea's March 2022 imposition of the travel rule, which requires disclosures around the identities of those involved in large crypto transactions. Kim denied the allegations, claiming he had simply moved the assets to another exchange. Other legislators and citizens expressed shock at Kim's apparent crypto wealth, as he had portrayed himself as someone who was not affluent.

Other concerns arose regarding the discovery of the assets. Some were worried about possible conflicts of interest, particularly in relation to Kim's 2021 proposal of a bill that would delay taxation of crypto profits. Others were worried about the source of the funds used by Kim for crypto trading; Kim claims he did not receive money from anyone to use for trading, and obtained the money through the sale of stocks.

On May 10, the Democratic Party recommended Kim sell his crypto holdings, and launched an investigation. Kim said later that day that he would perform the sales, and "transparently disclose data to the investigation team and undergo the inquiry faithfully".

On May 14, Kim resigned from the Democratic Party "for a while", continuing to deny the allegations but expressing wishes to not burden the party and its members over the controversy.

The subsequent day, Korean authorities raided the offices of Korean crypto exchanges Bithumb and Upbit in connection to the scandal, seeking transaction records and other information. Kim was reported to use those services for his crypto wallets.

a16z-backed Mecha Fight Club NFT robot cockfighting game put on ice as maker pivots to AI

A robotic chicken with a white and blue chassisMechaFightClub #6185 "Jacques Strap" (attribution)
A year ago, Andreessen Horowitz general partner Arianna Simpson wrote about the firm's investment into Irreverent Labs. Simpson had joined their first $5 million funding round, and Andreessen Horowitz led their $40 million Series A. The company had yet to produce any product, but successfully pitched Simpson on what she described as "some sort of chicken game".

Now, the company has announced that the project will be paused "for the indefinite future", blaming "lack of clarity" and "regulatory confusion" in the United States. The company simultaneously announced "SOL 4 Cocks", in which they will repurchase the Mecha Fight Club NFTs for 18 SOL (~$380). The NFTs had originally minted for 6.969 SOL (~$290 on mint date).

Irreverent Labs' website and social media now describe the company as an AI firm building "text to 3D and video prediction tools that facilitate the creation of AI-generated 3D content".