Once victims visit the fake site, they're prompted to connect their MetaMask wallets to access various services, which would allow the scammers to steal any assets in the wallets.
MetaMask phishing scammers hijack government websites
Genesis to close U.S. spot trading business
"The decision was made voluntarily and for business reasons," the email claimed.
Genesis is a subsidiary of the Digital Currency Group (DCG) conglomerate, which has since the beginning of the year seen its Genesis platform enter bankruptcy, shuttered its TradeBlock subsidiary, and is reportedly approaching a deal to sell its CoinDesk crypto media outlet.
Nima Capital accused of rug pull
Synapse posted on Twitter that they were "investigating unusual activity" on the wallets of one of their liquidity providers, and were "working to get in touch with them".
The $SYN token plummeted almost 25% after the sell-off, later recovering somewhat.
Crypto casino Stake hacked for over $40 million
Stake acknowledged the attack on their Twitter account, writing that "We are investigating and will get the wallets up as soon as they're completely re-secured."
Stake is an Australia-based cryptocurrency casino and sports betting platform that has enjoyed endorsements from various celebrities, and which shelled out $100 million in 2022 for an endorsement deal with Drake.
On September 6, the FBI announced that they believed the Lazarus Group was behind the theft. Lazarus is a group of North Korean state-sponsored hackers allegedly responsible for crypto hacks totaling hundreds of millions of dollars.
Gala Games co-founders sue each other over claimed hundreds of millions in losses
In a competing lawsuit, Wright Thurston alleges that Schiermeyer unilaterally misused over $600 million in company funds in wasteful actions that were "often for his own personal benefit", including to buy a private jet and hire architects and designers for personal real estate projects.
The $GALA token dropped 5% on the news of the lawsuits.
Starknet upgrade leaves $550,000 inaccessible
After user backlash over a cumulative $550,000 in funds that were inaccessible to people who hadn't heard about the breaking change, Starkware re-enabled the ability for people to upgrade their wallets – leading some to question why it was ever disabled in the first place if it could be trivially re-enabled to prevent the loss of half a million in assets.
Blockchain gaming streamer loses life savings after exposing private key on stream
Apparently realizing his mistake, Fraternidade Crypto ended the stream, and says he tried to relocate the crypto to a new wallet. It was too late, however, and someone watching had already taken the around 86,000 MATIC (~$50,000) and various NFTs in the wallet.
Fraternidade Crypto posted an emotional video after the fact, explaining that the stolen funds were his life savings. He said he planned to file a police report, and also offered a reward for the return of the funds.
Fortunately, he was able to recover the stolen MATIC, though he says he has not been able to recover the NFTs, which have "incalculable value as they are NFTs, estimated value of approximately 15k dollars still lost".
Impact Theory to pay $6.1 million for unregistered NFT offering in an SEC first
As a part of the agreement, Impact will destroy all remaining Founder's Keys NFTs, forgo royalties from future secondary sales, and publish a notice of the order on its websites and social media.
Founder's Keys in the rarest tier have recently sold for $1,500 apiece, and promised to give their holders access to Impact Theory's self-help content, which supposedly taught viewers how to "unlock their potential and pursue greatness". According to the SEC, the company encouraged holders to view the tokens as an investment into the business.
Clockwork project to shut down due to "limited commercial upside"
A user asked what would happen to remaining seed money, if any, in a Twitter reply. Garfield answered that they "still have a meaningful portion of our seed funding" but that he hadn't decided what to do with it.
Balancer drained of over $2 million following vulnerability warning
Balancer acknowledged the hack, writing on Twitter that "Balancer is aware of an exploit related to the vulnerability [disclosed on August 22]. Mitigation procedures have drastically reduced risks, but [we] are unable to pause affected pools." They reiterated that users needed to withdraw funds from affected liquidity pools to prevent further thefts.
The blockchain researcher known on Twitter as MevRefund questioned why Balancer didn't execute a whitehat attack on their own protocol to try to safeguard the vulnerable funds.
NFT collector SOL Big Brain loses around $1.5 million to phishing scam
However, the attacker had set up a contract which used permit phishing to drain SOL Big Brain's wallet. He lost $740,000 in stablecoins, $550,000 in ETH, and another $200,000 in the GEAR token.
"Today is a bad day," wrote SOL Big Brain on Twitter.
Magnate Finance rug pulls for over $5.2 million
Sure enough, within an hour of zachxbt's tweet, the project drained $5.2 million from the protocol and deleted its website and Telegram group.
According to zachxbt, the project also shared on-chain links to the March 2023 Kokomo Finance rug pull, which saw its perpetrators profit around $4.5 million.
Members of $PEPE team allegedly dump $16.9 million worth of tokens
The transfers and change to the multisig sparked fears that the project was rug pulling, or had been hacked. This led to a massive $PEPE sell-off, with the token plunging around 17%.
A day after the transfers, a PEPE team member posted on the project's Twitter account, alleging that the transfers were indeed theft by three of the project's other team members.
U.S. Drug Enforcement Administration sends over $50,000 to a scammer
Someone observed the DEA wallet send a small test transaction before transferring the remaining seized funds, and quickly used a crypto wallet address with identical characters at the beginning and end to send an airdrop to the DEA source wallet. When the DEA agent went to send the remaining funds, they copied-and-pasted the address, believing it was the same one they'd sent the test transaction to. This is a common scam in the crypto world known as "address poisoning", and is successful primarily because crypto wallet addresses are very long strings of characters that people usually copy-and-paste, and only identify by the characters at the start and end.
Upon discovering that they'd been duped, the DEA contacted Tether to ask them to freeze the funds. However, by that time, the scammer had already converted the money into ETH, which couldn't be frozen. The DEA is now working with the FBI to try to trace the theft.
Former New Jersey prison guard charged by SEC over crypto pump-and-dump scheme targeted at cops
Rather than "100x-ing", the token immediately plummeted when DeSalvo sold his ~41 billion Blazar tokens. DeSalvo is accused of using his profits from the scheme to speculate on other crypto tokens, pay for personal expenses, and reimburse one investor who threatened legal action.
DeSalvo is also being charged over a separate investment scheme he operated, where he solicited investments on Facebook, promising to use his claimed trading expertise to earn massive returns. The SEC alleges he lost most of the money in bad investments, and stole the rest for himself, blaming the losses on market movements.
DOJ charges two founders of Tornado Cash, arrests one
The Feds claim that the two founders knew Tornado Cash was widely being used to launder hundreds of millions of dollars by North Korea, but "turned a blind eye" and claimed to be complaint with sanctions laws. They also state that they refused to implement anti-money laundering and KYC programs, as is required of money transmitting services.
These charges are likely to be controversial — as has been the sanctioning of Tornado Cash — among crypto advocates and others, as they run up against thorny First Amendment questions and conflicting ideas about who, if anyone, is liable for running decentralized services.
Users pull $150 million in funds from Balancer protocol within hours after reports of a critical vulnerability
Balancer had around $850 million TVL prior to the announcement. Since revealing the issue, users have removed more than $150 million in assets from the project. Balancer has stated that "only 1.4% of the total TVL is at risk", though 1.4% of $850 million would still be a sizeable $12 million windfall for any potential exploiter.
Victim loses $900,000 to Google Ad phishing
On August 21, an individual searched for "celer bridge" to find the website for the Celer blockchain bridge. The first result appeared legitimate, even displaying the correct URL for the actual Celer bridge. However, once they clicked the result, they were redirected to a phishing website.
Once the victim connected their crypto wallet, it was immediately drained of $900,000 in the USDC stablecoin. They wrote on Twitter that it was "most of [their] net worth".
SEC cracks down on Titan crypto investment manager for advertising 2,700% returns
Titan advertised "annualized" performance results of up to 2,700% on its Titan Crypto trading strategy, which the SEC says was misleading because it failed to include material information about how the performance was calculated. Titan had based the calculation on three weeks of performance, assuming it would continue for a full year.
Titan has agreed to a cease-and-desist order, censure, and over a million in disgorgement and penalties.
Harbor Protocol exploited
According to data on DefiLlama, TVL on the project dropped from around $370,000 to only $81,000. The TVL was already significantly down from the project's peak of almost $1.5 million.
Crypto founder loses over $250,000 to crypto scam
Lawrence is now suing Crypto.com, although this may be challenging given they apparently weren't behind the scam. Lawrence has also said that he has sold his house to pay for legal costs.
Recur NFT platform shuts down after $50 million Series A
In December 2021, the company offered $300 "Recur Passes", which promised holders early access to NFT drops and other perks. One of them resold for $88,888 in February 2022.
Now, Recur has announced they will be closing up shop, and warned users to migrate their assets away from the platform in advance of a November shutdown. The company cited "unforeseen challenges and shifts in the business landscape".
As for the Recur Passes, they're currently selling for somewhere between $7 and $11.
Terra website hijacked by phisher
Despite a tweet on August 19 that "sites are coming back online", and a developer stating that they were "mostly back in control", the website apparently remained compromised for several days. The project reiterated via tweet on August 20 that the website was still not safe to use.
It's unclear how much was stolen as a result of the hijacking.
Exactly Protocol hacked for at least $12 million
An attacker has siphoned more than 7,160 ETH (~$12 million) from the project, which they've bridged back to the Ethereum main chain. The Exactly Protocol's TVL plunged from $37 million to under $12 million following the attack.
Exactly writes on their website that they had been audited by four different firms: Chainsafe, Coinspect, ABDK, and Cryptecon.
Fed issues cease and desist to FTX-connected Farmington State Bank
Now, the Federal Reserve Board has issued a cease and desist to Farmington State/Moonstone, claiming they have violated the commitments they made while going through the approval process. Despite promises not to do so, the bank engaged in digital asset activity, reportedly working with stablecoin issuers.
- "Crypto Firm FTX’s Ownership of a U.S. Bank Raises Questions", New York Times
- "Alameda-funded bank Farmington State gets cease and desist from Fed", Protos
- Cease and desist from the Board of Governors of the Federal Reserve System
Blockchain Capital co-founder loses $6.3 million in SIM swap hack
The attackers also tried to steal around 80 BTC and 6,500 ETH (currently worth over $12.6 million) from a cold wallet belonging to Stephens, but were thwarted by an email alert sent to Blockchain Capital employee.
$1.7 million rendered inaccessible for weeks in broken bridge to new Shibarium network
A bridge between Ethereum and the Shibarium network was released as the network went live, and eager users quickly transferred a combined 954 ETH (~$1.7 million) to the bridge contract so they could access it on the new chain. However, users started reporting that transactions were stalled, and they weren't able to access their tokens on the Shibarium side.
The team quickly shut down conversation on Discord as more issues were raised, and claimed in a blog post that the issues were caused by nothing more than the network being overwhelmed with traffic. The team denied the authenticity of screenshots of a Telegram chat appearing to show the lead developer writing that the funds were unrecoverable, insisting they were safe.
Finally, weeks after the botched launch, Shibarium re-enabled the bridge and told users they could once again access their funds. Though there have been some delays in transactions, the "stuck" funds appear to be retrievable.
SwirlLend rug pulls for around $460,000
SwirlLend was a lending protocol operating on both Base and the similarly newborn Linea chain. Shortly after its launch, the project drained a combined $460,000 from the two chains, then deleted its social media accounts.
Shenzhen Shikongyun Technology accused of $83 million Filecoin pyramid scheme
Shenzhen Shikongyun Technology was operating in mainland China despite a ban on cryptocurrency activities in September 2021.
Prime Trust files for bankruptcy
Prime Trust is a crypto custodian that previously served companies including Binance US, Swan Bitcoin, and BitGo. Just a year ago, the company announced they had raised $100 million in a Series B funding round, and planned to add crypto retirement accounts to its list of products. It's probably a good thing that didn't pan out.
According to bankruptcy documents, Prime Trust has between $50 million and $100 million in assets, but between $100 million and $500 million in liabilities. They report having between 25,000 and 50,000 creditors.
- "Crypto custodian Prime Trust files for Chapter 11 bankruptcy", CoinTelegraph [archive]
- Form 201 in Prime Core Technologies Inc. bankruptcy [archive]
- Tweet thread by Cryptadamist [archive]
RocketSwap exploited after key compromise
RocketSwap later announced a plan to airdrop tokens to "compensate" users for the theft. They also tried to reassure projects that were migrating away from RocketSwap that there was "no need to run away, your funds are safe".
Zunami Protocol exploited for more than $2.1 million
The attack was a "classic price manipulation" exploit, according to the Ironblocks security firm. The attacker was able to steal 1,152 ETH ($2.13 million) from the protocol. They then tumbled the stolen funds through Tornado Cash.
Uniswap developer fired over FrensTech rug pull
Lin had created a project called "FrensTech", which aimed to capitalize on the popularity of a product called "friends.tech", and which ultimately accumulated the 14 ETH in fees before he decided to drain liquidity. Lin had not tried to conceal his identity. After the rug pull, Uniswap founder Hayden Adams wrote on Twitter: "Wanted to let people know this person is no longer with the company. Not behavior we support or condone."
Lin was unapologetic, tweeting: "got fired from uniswap, but gained 600 new followers and [crypto Twitter] villain status. net neutral tbh".
Bittrex settles with SEC for $24 million
SpiritSwap to shut down after Multichain collapse
SpiritSwap was previously one of the most popular DEXes on Fantom, boasting an all-time-high of $374 million in January. It now has less than $3 million TVL, thanks in part to the Multichain collapse and to the broader cryptocurrency bear market.
SpiritSwap is only the most recent project to announce its closure as a result of the Multichain fiasco. In July, Geist Finance and Hector Network also announced they would be shutting down due to Multichain contagion.
Multiple wallets compromised due to irresponsible encryption in Libbitcoin project
Nevertheless, when Distrust disclosed this to Libbitcoin, the team replied first that they were too busy, then twice that "they do not feel this is a bug".
The research team has not yet disclosed which wallets were affected by the vulnerability, but they have estimated that around $900,000 were stolen as a result.
Hundred Finance shuts down after hacks
The project undertook a vote to shut down the lending service, and use remaining funds in the project treasury to try to compensate those who lost funds in the attack. The project also aims to distribute to victims of the hack claims on any funds that might be returned or otherwise recovered in the future.
The vote passed with 99% of votes in support, effectively sunsetting the project.
- "April 2023 Exploit Response Vote", Snapshot
Disney exits the metaverse
Scammers target victims via web3 job search boards
"Jobless and a bit poorer, thanks guys!" he wrote. "You're passionate about its technology, you wanna be part of it. You DCA. You hodl. You do everything you can to do things right... you're passionate, love the space, the tech. The people. Your willingness to get a job in Web3 is enormous! I stand for on-chain values, and I wanna be a part of the wave!" he wrote in frustration, trying to explain how he'd gotten scammed. "The apparent legitimacy of these [web3 job listing] sites made me remove the 'watch out filter', and boom."
Bitsonic CEO arrested for allegedly stealing $7.5 million
Bitsonic halted its services in August 2021, claiming "internal and external issues". However, even after halting withdrawals, Shin continued to offer cryptocurrency to new clients.
Cypher protocol exploited for around $1 million
The project attempted to contact the hacker to negotiate the return of some of the funds. Meanwhile, various community members sent NFTs to the attacker wallet, requesting the return of the funds. One of them tried to convince the hacker, writing that they believed the attacker's identity could be discovered because they used centralized exchanges with KYC to try to withdraw funds. Another simply said "give it back you shitlord".
Steadefi exploited for over $1 million
Rumors swirl that Huobi executives have been arrested, exchange is insolvent
Huobi and related people have been busy refuting the rumors, with Huobi's social media head dismissing them as "baseless malicious attacks". Huobi "advisor" Justin Sun tweeted "4".
Worldcoin warehouse in Nairobi raided by authorities
Kenya's Office of the Data Protection Commissioner has said that Worldcoin failed to accurately disclose its intentions with the project when corresponding with regulators.
Copytrader asks for "stolen" funds back after someone tricks their bot
The apparent operator of the bot tweeted at Chang, accusing him of theft: "We would like to discuss a bounty with you. We are offering a 10% bounty of any funds stolen from our bot, which are yours to keep if you return the remaining 90%." In other tweets they suggested they might try to take legal action against Chang for the "theft".
Revolut shuts down crypto business in the US
Revolut had previously been one of the crypto platforms to limit US trading in Solana, Cardano, and Polygon tokens after the SEC identified those tokens as securities in lawsuits against Binance and Coinbase.
Web3 platform Nifty's shuts down
The platform later partnered with other companies to produce NFT collections for franchises including The Matrix and Game of Thrones, the latter of which featured hilariously bad artwork. The company then pivoted to a broader web3 focus as the NFT bubble collapse led the broader crypto downturn.
However, their promised web3 platform never materialized, and now the project has reached "the end of [its] runway".
Nifty's is not to be confused with Nifty Gateway, a separate NFT platform run by the embattled Gemini crypto platform.
Uwerx crypto-based freelancer platform exploited
The project was audited by SolidProof and InterFi. The project announced that they intended to relaunch the token, and asked the exploiter to consider returning 80% of the funds, keeping 20% as a "bug bounty".
LeetSwap exploited on Base
One such service is LeetSwap, which describes itself as the "The #1 DEX ecosystem for elite degens built on the leetest blockchains", and which recently launched its service on Base. On August 1, LeetSwap was exploited after an attacker discovered a function that allowed them to manipulate token prices on the project for a profit of around 342 ETH (~$624,000).
LeetSwap attempted to contact the hacker via social media, asking them to return all but 50 ETH (~$92,000, or around 15% of the stolen funds).
Phisher briefly snags $20 million before it's frozen by Tether
Someone intending to transfer Tether stablecoins amounting to $20 million apparently didn't think it was important to double-check the address, and fell for such an attack.
However, only 51 minutes after the theft, the victim had managed to get Tether to add the thief's address to its blacklist, freezing the assets and thwarting the attack. The rapidity of the freeze led various people to question who the victim might be who could get Tether to intervene so quickly.
- "Tether Freezes $20 Million Linked To Phishing Scammer", CryptoPotato