Although Kraken argued against the order, describing it as an "unjustified treasure hunt", the judge determined that the IRS was justified in its request, and ordered Kraken to cough up the records. The IRS alleged that although the exchange has more than 4 million users, and has processed $140 billion in trades since its inception in 2011, only 288,330 of those users have filed tax returns.
According to Phillips, it took months before he was able to get in touch with Huobi and convince them to act on the leak. Phillips first notified Huobi of the leak in June 2022, and after repeated efforts to contact the company, the credentials were only revoked in June 2023.
Huobi has tried to downplay the hack, first stating that the user data leak was "on a small scale (4,960 individuals)" and "does not involve sensitive information and does not affect user accounts and fund security". They also claimed the leaked OTC data was test data. "The log shows that only [Phillips] has downloaded, and [Phillips] has also stated that he has deleted. Therefore no leakage is actually caused," they wrote.
According to CoinGecko, Huobi is the seventeenth-largest cryptocurrency exchange by volume.
"Product market fit continues to be difficult to find, and the reality is that members of our team are feeling the itch to explore other pursuits," they wrote. "We’d hoped that by now the rest of the world’s industries would have begun adopting blockchain tech at a larger scale, but that still feels a ways away."
The mint itself was plagued with issues, with many collectors complaining they weren't able to buy NFTs due to technical difficulties. A team member apologized for the issues, writing that they were "gutted over what happened" but that "we have an amazing reveal experienced planned that will kick off soon".
When the reveal happened, people were disappointed to say the least. They expected a unique look that would not "dilute" the value of the original Azuki collection, and were met with what many feel is a low-effort clone of the original Azukis. Some observed NFTs in the Elementals collection that appeared to be direct duplicates of ones in the original collection, which Azuki later wrote was a "technical glitch" that was quickly corrected. The floor price of the Elemental NFTs, as well as those of other Azuki projects, immediately suffered. While people paid 2 ETH for the NFTs, they're now going for 1.5 ETH (~$2,825) at floor, a 0.5 ETH (~$925) loss. The floor price of the original Azuki collection tanked from ~15 ETH (~$28,200) to ~9 ETH (~$16,920), a 6 ETH ($11,280) loss.
Azuki wrote an apologetic thread on Twitter, writing that they had "missed the mark... the mint process was hectic, the PFPs feel similar and, even worse, dilutive to Azuki." Perhaps they will wipe their tears with some of the 20,000 ETH they're sitting on.
Only eleven days later, on June 27, the team boasted that the project "has grown to over $1m TVL in 2 working days". An hour after that, they announced that they would be suspending the protocol and beginning an immediate investigation into an apparent theft. Themis boasts in its documentation that "security is the highest priority" of the project, and lists multiple audits from PeckShield.
An attacker was apparently able to exploit the project, draining around 220 Themis-wrapped ETH (nominally worth ~$417,000). Due to liquidity issues, they could only swap these for around 94 ETH (~$178,000) and almost $190,000 in stablecoins, for a total haul of around $368,000.
On June 27, the developers set the governance role to a malicious smart contract, which used a "panic" function to withdraw funds from the Chibi project. They then quickly swapped the funds to 555 wETH (~$1.05 million), bridged them to the Ethereum main chain, and laundered them through Tornado Cash.
Chibi Finance has since deleted its website and Twitter profile. Meanwhile, some crypto influencers who had promoted the project caught heat for doing so.
In the filing, NFID alleges that Prime Trust discovered in December 2021 that it couldn't access some customer wallets, and so "purchased additional digital currency using customer money from its omnibus customer accounts" in order to satisfy withdrawals from said wallets.
Prime Trust reportedly has liabilities of around $82.8 million in fiat currency, plus another $860,000 of digital asset-denominated liabilities. "[Prime Trust] is in an unsafe financial condition and/or is insolvent. Additionally, [Prime Trust's] condition will only progressively worsen as customers continue to withdraw," wrote the regulator.
Now, a report from the New Zealand Herald suggests that the company's director Colin Salisbury took more than NZ$3.24 million (~US$2 million) in customer funds, put it into multiple cryptocurrency platforms over a period of almost two years, and lost it all. Another ~US$800,000 was lost in at least four fraudulent crypto platforms which just "ceased to exist".
We Are Bamboo tried to blame the collapse of their business on the COVID-19 pandemic and on a group of customers whose "actions and online influence have broken us". "Our intentions here are not to play the victim but simply share with you the levels to which this group has gone to ensure our downfall, and made it their sole purpose to attack us, our families, our staff, and our customers with the intent to destroy Bamboo," they wrote. However, a liquidator in the We Are Bamboo bankruptcy says they discovered the cryptocurrency transactions, which explained the true demise of the company.
Salisbury reportedly engaged in the crypto trading because he was concerned that the US dollar might lose value. Guess he found out the hard way what crypto could do for the value of his customers' funds.
Former NRL star and convict Jarryd Hayne reportedly loses more than $500,000 to a Bitcoin scam run by fellow inmate
Jarryd Hayne is a convicted rapist once known for his careers in rugby league and, briefly, American football. He's serving several years in jail, after being convicted of rape, winning an appeal, being retried, and once again being found guilty.
Hayne is one of several inmates apparently convinced by the Ponzi schemer inmate, Ishan Seenar Sappidee, that he could make them massive returns. Hayne provided around AU$780,000 (~US$521,000) in Bitcoin to the enterprising inmate, who apparently amassed more than AU$2 million (~US$1.3 million)from at least seven inmates.
SpireBit claimed to be partnered with established companies within and outside of the crypto ecosystem, and took on the name of a real company as its supposed "parent" firm. Its online footprint was convincing at a glance, but a little digging revealed LinkedIn profiles using stock photos as portraits.
After NPR began poking around, the UK's Financial Conduct Authority issued a warning that SpireBit "is an unauthorised firm that uses the details of a genuine FCA-regulated firm when offering products and services. This makes the unauthorised firm appear as if it is regulated."
NPR could not determine how many people had fallen for the scheme, or how much money had been lost in total.
The regulator also demanded Binance return all crypto assets to customers, or transfer them to a company authorized in Belgium. They also noted that "The Crown Prosecutor of Brussels has been informed of the acts that are liable to constitute a criminal offence."
Around $1.25 million in various assets have been stolen thus far, with the largest single loss exceeding $150,000.
The project was real, and they had in fact brought on Bryan as an advisor and investor. Bryan later stated in a YouTube video that he had "[taken] the majority of my Bitcoin and rolled it into this technology". However, the firm scrapped its plans for an initial coin offering in 2019. Despite this, Bryan continued pitching the ICO to friends and family with the promise of big returns. One investor, a college student, he reeled in after matching with her on the dating app Bumble. Various sources told The Hollywood Reporter they'd lost between $5,000 and $25,000, for a total of almost $50,000.
In October 2020, Producers Market cut ties with Bryan. This coincided with Bryan being arrested for felony strangulation and other charges in regards to a drunken assault on a girlfriend, which he later pled down to misdemeanor menacing and fourth-degree assault.
Ponzi scheme promising a blockchain app to identify dogs by their nose-prints scams investors out of $127 million
As for the noseprint reader, well, it was found to be a fake product that (shockingly) didn't use a blockchain at all. The company had also promised to build "theme parks for pets", but had not leased any of the sites it had identified.
Now, the cease and desist, filed June 21, has become public. It alleges that "the overall financial condition of [Prime Trust] has considerably deteriorated to a critically deficient level" and that "On or about June 21, 2023, Respondent was unable to honor customer withdrawals due to a shortfall of customer funds". The NFID alleged that Prime Trust "has materially and willfully breached its fiduciary duties to its customers by failing to safeguard assets under its custody and is unable to meet all customer disbursement requests."
Prime Trust had been a partner of the TrueUSD stablecoin, which halted minting on June 10 for undisclosed reasons.
- Order to cease and desist, State of Nevada Department of Business and Industry Financial Institutions Division
Shortly after BitGo's announcement, Prime Trust client Stably announced that they had received a letter from Prime Trust announcing that deposits and withdrawals would be halted. Prime Trust stated that the halt was by order of the Nevada Financial Institution Division, which had been issued the previous day.
As it turned out, Elena had actually directly copied the pixel art from various sources. When accused of copying it, she published a screen capture video claiming to show that she had created the artwork "pixel by pixel", but people were quickly able to find the true sources of the artwork.
Eventually, she came as close to an admission as she is apparently going to get in an announcement that she would be pausing the sale: "I have heard your concerns about the art and I will be working to fix the file quality and any images that might be seen as 'copied' as they were only retraces and I never had any ill intent whatsoever."
Binance had applied for registration after being warned by the FCA in July 2021 to seek registration before launching its business in the region.
Sources cited by the FT allege that Crypto.com made "absolutely dramatic sworn statements that Crypto.com was in no way involved in trading" to other trading houses, and claim that employees were asked to lie about the existence of internal market makers. Crypto.com has refuted these allegations, and acknowledged that they run a market maker.
"This is not a controversial practice," Crypto.com said about the controversial practice.
- "Trading teams at Crypto.com exchange raise conflict questions", Financial Times
Huang is also annoyed at zachxbt's observations about the multiple hacks of C.R.E.A.M. Finance, which zachxbt wrote had been exploited three times "due to negligence". "Putting aside that Cream Finance was exploited two, not three times", Huang hilariously writes in the lawsuit, taking issue with the fact that zachxbt supposedly intentionally omitted that some funds were returned and that Huang claims to have been no longer involved with the project by that point. It's not made clear in the lawsuit which of the three hacks recorded on Web3 is Going Just Great — to the tune of $37.5 million (February 2021), $25–30 million (August 2021), and $130 million (October 27, 2021) — supposedly didn't happen.
Wyre had been a partner of Binance US, through which Binance was able to accept USD deposits. However, Binance US is now the target of SEC regulatory action, and has suspended US dollar deposits. Wyre wrote in their announcement that the closure "is not due to any regulatory agency direction". Sure thing.
Sadly for them, they were unable to obtain a VASP registration in the country, and their "many alternative avenues to service Dutch residents in compliance with Dutch regulations" didn't pan out either. They announced that, effective immediately, they would no longer be accepting new customers from the region. Existing customers in the country will soon be only able to withdraw assets, and will not be able to purchase assets or trade on the platform.
The company is also banned from operating in the state going forward. The agreement requires CoinEx to implement geoblocking to prevent people with New York IP addresses from accessing the platform, and prohibits the company from creating new accounts for US customers or allowing US customers to do anything other than withdraw their assets.
- "Banned In New York, CoinEx Returns $1.7 Million to Settle Lawsuit", Decrypt
- "Attorney General James Recovers $1.7 Million from Cryptocurrency Platform for Operating Illegally", press release by New York Attorney General Letitia James
The group announced that they were working with "the FBI, the Department of Homeland Security, our regulators and Chainalysis" to investigate the attack. The group had previously earned SOC 2 certification for its cybersecurity controls.
Texas securities regulator alleges in cease-and-desist that Abra crypto lender has been insolvent for months
According to the complaint, although Abra claimed it stored customer funds with the Fireblocks crypto custodian, they had actually been "secretly transferring assets" to Binance.
The regulator also alleged that Abra had around $30 million in assets with Babel Finance, $30 million with Genesis, and $10 million with Three Arrows Capital — three companies in various stages of liquidation or bankruptcy. They also have $8.8 million with Auros, a firm that was in liquidation but has since exited the process.
Delio, like Haru, advertised yields of more than 10%.
- "출금 중지 조치 안내", Delio (in Korean)
- "Two Crypto Platforms Halt Withdrawals in an Echo of the Sector’s 2022 Woes", Bloomberg
In the bankruptcy filings, Banq alleges that $17.5 million in assets were stolen by former officers, described in the listing as "computers, trade secrets, proprietary information and technology, business records, etc." The transfer allegedly was made to Fortress NFT Group, a rival company founded by the former CEO, CTO, and CPO. A lawsuit from Banq filed against Fortress and the executives in May 2022 alleges that the executives "stole not only Banq's technology, but also significant other value of Banq's, and used the purloined property to launch Defendants Fortress NFT and Planet NFT using Banq's assets, employees, trade secrets and proprietary technology, claiming all of it to be their own." They also claim that the defendants deleted files and engaged in other fraudulent activity to try to cover up the theft.
The following day, the company named the partner as B&S Holdings (formerly Aventus), and announced that they were taking legal action against the company for filing falsified management reports.
Haru Invest advertised APR in the double digits.
On June 22, Haru laid off 100 employees. Haru explained in a blog post: "after much consideration, it comes with a heavy heart to inform you that we will be minimizing the operations of Haru Invest and its affiliated companies to prevent further damages that are likely to be incurred". Haru's CEO told local media that Haru's offices were empty because employees were working from home for their own safety. After Haru halted withdrawals, they closed their office, and CoinDesk reported that "all company officials disappeared".
The recent SEC lawsuit against Binance has caused the BNB token to plummet almost 25%, from $305 to ~$230. This puts the hacker's position dangerously close to the liquidation threshold of $220, which could cause substantial impact on the market via cascading liquidations.
In November, BNB Chain passed a governance proposal giving the BNB Chain core team the ability to liquidate the position if it approached the liquidation threshold, meaning they could repay the debt in a more controlled manner that wouldn't dump hundreds of thousands of BNB onto the market all at once.
On June 12 the Venus team tweeted a reminder: "BNBChain core team is ready to take over the $BNB position on Venus as planned if the BNB price hits the liquidation threshold. The liquidator address has prepared $30M already to refund the account loans with more to come if needed. No BNB will be dumped into the market and no shortfall is expected on Venus."
Evidently, few people continued to pay much attention to the project, because an exploiter was able to come along and perform a governance attack targeting the users who still had active smart contract approvals with the defunct project. They published and voted on a proposal to allow them to upgrade the smart contract in such a way that they could then take advantage of the approvals to transfer the tokens to their own wallet address. Ultimately they made off with around assets notionally worth around $1.1 million.
Roughly an hour after the attack, the project tweeted that they were aware of the attack, and had paused all markets. On June 19 the project sent a message to the attacker, pleading with them to return the funds and threatening: "There are criminal organizations following the same evidence trails we are. This isn't going away until you return funds. We are your best option out of this."
The decision may have been related to insolvency rumors surrounding Prime Trust, a US-based fintech company. On June 8, BitGo announced a non-binding letter of intent to acquire Prime Trust.
After the announcement, the TUSD stablecoin dipped as low as $0.9951. This is a seemingly small deviation from the $1 peg, but in the stablecoin world, such small variances can be serious.
- "TrueUSD stops minting via Prime Trust, loses dollar peg", CoinTelegraph
Now, a judge has awarded default judgment in the case, requiring the DAO to pay a more than $640,000 penalty, close down its website, and stop trading.
The court held that the Ooki DAO was a "person" under the Commodity Exchange Act and thus could be held liable for violations of the law.
- Order on Motion for Default Judgment, Commodity Futures Trading Commission v. Ooki DAO
While simply claiming in a lawsuit that a crypto token is a security does not necessarily constitute a firm decision that it is so, this has been enough in the past to lead exchanges to remove token listings. The 2020 lawsuit against Ripple and its XRP token led to the token widely being delisted from exchanges serving US customers.
After this was brought to BNB Chain's attention by crypto sleuth zachxbt, they tweeted that they "acted quickly (within 10 minutes) to ban the offending accounts and remove the posts. We've taken steps to secure the server and protect against any further abuse." However, less than an hour later they put out a new tweet announcing that the URL had been hijacked to redirect to a new server.
"This is a scam, and if you connect your wallet, you will lose your funds. Please exercise caution until we are able to confirm a resolution", they wrote.
The SEC, apparently unconvinced by Coinbase's usual spiel, filed a complaint with five claims for relief involving operating without registering with the SEC and offering unregistered securities by way of providing a cryptocurrency staking program.
Coinbase has responded with its usual bluster, and vowed to fight the lawsuit. They don't really have much choice, given their business is almost entirely predicated on being able to continue operating in the US. A tweet by Coinbase CEO Brian Armstrong refers to "the US congress... introducing new legislation to fix the situation", suggesting he is hoping that Congress might bail him out of the mess he's in. Given the amount of lobbying Coinbase has been doing, and the apparent bought and paid for crypto advocates who sit in Congress, his hopes are not entirely misplaced, but we shall see. As with the lawsuit against Binance, this is not likely to resolve anytime soon, particularly if the companies both decide to fight in court.
- "SEC Charges Coinbase for Operating as an Unregistered Securities Exchange, Broker, and Clearing Agency", U.S. Securities and Exchange Commission
- SEC v. Coinbase
- Tweet by Brian Armstrong
The complaint echoes some of the allegations made by the CFTC in a March lawsuit, including that Binance.US was primarily a front for Binance's international platform that was used to try to distract US regulators. However, it also goes farther by adding allegations around Binance's lack of controls around market manipulation, which the SEC alleges contradict public statements by Binance that they had sophisticated programs to prevent wash trading and other manipulative actions. The SEC even claims that the CZ-owned and -operated market maker Sigma Chain was engaged in substantial wash trading on the platform.
The SEC lawsuit was also a bit of a bombshell in its naming of some major cryptocurrencies as securities: SOL, ADA, MATIC, FIL, ATOM, SAND, MANA, ALGO, AXS, and COTI. These are the crypto assets associated, respectively, with the Solana, Cardano, Polygon, Filecoin,[d] Cosmos, The Sandbox, Decentraland, Algorand, Axie Infinity, and Coti projects.
Following the thefts, Atomic Wallet tweeted that they were aware of the reports of wallet compromises, and that they were attempting to learn more about the attacks, but had not yet confirmed any method of attack. They've since taken down the wallet software download page, likely out of concern that the software itself has been compromised.
Crypto sleuth zachxbt compiled a list of reported compromised Atomic Wallets, finding that multiple individuals lost multiple millions in the attack. The largest known individual theft so far involved almost $8 million in USDT (Tether); other individuals lost $2.8 million in USDT and 1,897 ETH (~$3.5 million).
Users of Atomic Wallet have been advised to transfer their assets to other wallets.
On June 6, both zachxbt and blockchain research group Elliptic speculated that the laundering strategy by the thieves resembled that of the North Korea-linked Lazarus Group, which has been responsible for other major crypto thefts.
The leaked key allowed the attacker to transfer ownership of project smart contracts to themselves, though they later returned ownership.
unshETH posted a message to the hacker, demanding they return 90% of the stolen funds. They threatened: "We want to be clear, and this is not a bluff: we know who you and some people connected to you (friends) are, and we will absolutely move forward with law enforcement if you have not returned the money by the deadline above. We don't want to do this to you or have to rope your friends in, and would prefer everything be settled and everyone just move forward, but if we don't get the funds back by the above-mentioned time, we will be left with no choice in order to protect our protocol."
"Sounds exactly like someone bluffing would say", wrote one commenter.
- "Team Behind Offshore Yuan, Hong Kong Dollar Stablecoins Detained by Chinese Police: Report", CoinDesk
- "独家：离岸人民币稳定币CNHC发行团队失联，或因涉案被司法部门带走", PA News (in Chinese)
Binance did not list the jurisdictions in which it would be ending privacycoin trading, but users in France, Spain, and Poland all reported receiving alerts. This suggested it could be related to the recent passage of the MiCA crypto legislation in the European Union. The resolution states: "The operating rules of the trading platform for crypto-assets shall prevent the admission to trading of crypto-assets that have an inbuilt anonymisation function unless the holders of those crypto-assets and their transaction history can be identified by the crypto-asset service providers operating a trading platform for crypto-assets."
In late June, Binance announced that they had reversed their decision, and would continue to offer the tokens.
Binance issued a statement that the firings were related to poor performance and "cultural fit", an unlikely explanation for such a substantial cut.
In January 2023, Binance CEO Changpeng Zhao had stated that Binance planned to grow its employee count by 15–30% in 2023, even after more than doubling its employees in 2022. In March, responding to rumors of layoffs, Binance stated that they were "not planning any layoffs" and that in fact they planned to hire more than 500 employees by mid-year.
The amount is owed by affiliate OneTeam Partners. In April, Sportico reported that sports NFT platform Dapper Labs had discussed restructuring its deal with the NFL and NFLPA due to an extremely rocky year. So too had DraftKings, which had signed a deal with the NFLPA for its "Reignmakers" player trading card NFTs.
"Charity NFT project" by supposed cancer patient raises $117,000 with stolen art before being exposed as a fraud
Several hours later, the project creator deleted her Twitter account, and crypto sleuth zachxbt unearthed evidence that the pixel art she had been selling as NFTs had been stolen from various others. Altogether, the "Pixel Penguins" NFT project she promoted raised around 63.5 ETH (~$117,000).
Wang later apologized for promoting the scam, claiming that he had tried to do due diligence but had been in contact with her for over a year, and had spoken on the phone with someone claiming to be her art teacher. However, zachxbt wrote, "Seems some people called it out last year. Not sure how much he actually 'verified'".
According to The Information, MoonPay never disclosed that $150 million of the Series A funding was used to purchase shares from insiders including Soto-Wright, and never went to the company. Several weeks after the funding round, Soto-Wright purchased a $38 million Miami mansion.
In June 2022, Bybit settled a complaint from the Ontario Securities Commission for operating an unregistered platform and offering unregistered securities to Ontarian investors. The company disgorged CA$2.5 million (US$1.9 million) as result. At the time, the OSC stated that Bybit was working to come into compliance with the OSC's requirements.
Apparent whitehat exploits El Dorado Exchange, claiming developers built in a backdoor to steal user funds
The attacker promised to return all funds, minus a 10% "white hat fee", if the developers "admit to manipulating the prices", and also offered to disclose other vulnerabilities they claimed to have found in the project.
The project founders wrote in response: "Yes we acknowledge making an ill-advised decision to manipulate the price. However our intention was to blacklist those who had previously exploited the system, fully aware that all transactions are recorded on the blockchain. We did not aim to misappropriate users funds as this would leave a traceable record. We will promptly remove the problematic bomb contract."
The exploiter began returning funds shortly afterwards.