SEC charges Mila Kunis-backed Stoner Cats NFT project

An illustrated beige cat, with eyes pointed in opposite directions, wearing a yellow rain hat on a rainy day. It's holding a roll of $100 bills in one hand and a baggie of marijuana in the otherStoner Cat #7605 (attribution)
In a rather amusing press release, the SEC announced they had charged "Stoner Cats 2 LLC" with conducting an unregistered securities offering when they raised $8.2 million selling NFTs that were intended to finance an animated web series called Stoner Cats.

The series was developed by Mila Kunis and her production company, and she, Ashton Kutcher, and Chris Rock all performed in the show, which ultimately aired six episodes accessible only to those who hold the NFTs. The premise, according to the SEC, is "house cats that become sentient after being exposed to their owner's medical marijuana".

The SEC determined that the project had marketed the NFTs as an investment in a web series enterprise, and had therefore violated securities laws by not registering with the SEC. Stoner Cats 2 LLC agreed to a cease-and-desist order, and will pay a $1 millon penalty.

OneCoin cofounder gets 20 years in prison

Ruja Ignatova and Karl Sebastian Greenwood photographed in front of a OneCoin branded backdropRuja Ignatova and Karl Sebastian Greenwood (attribution)
Karl Sebastian Greenwood, co-founder of the notorious OneCoin ponzi scheme, was sentenced to 20 years in prison after pleading guilty to fraud and money laundering charges. He will also forfeit $300 million, much of which he spent on real estate, luxury vacations, and a yacht.

OneCoin operated out of Bulgaria, and was founded by Greenwood and "Cryptoqueen" Ruja Ignatova, the latter of whom has been on Europol's most wanted list since May 2022. The fraud amounted to around $4 billion and affected at least 3.5 million victims.

Binance.US CEO Brian Shroder bails as the company cuts 1/3 of its employees

Brian Shroder, wearing a Binance shirt under a suit coatBrian Shroder (attribution)
Brian Shroder, the CEO of Binance's US entity, has left the crypto exchange as it faces an existential lawsuit from the U.S. SEC. Shroder is only the latest exec to leave Binance and its various regional arms in what is becoming a mass exodus in recent months. The company has also lost its general counsel, chief strategy officer, head of investigations, a senior VP of compliance, and two leaders of Binance's Russian arm.

Simultaneously, Binance.US announced it would be cutting 1/3 of its employees, or more than 100 people. This is the second staffing cut since the SEC lawsuit was filed in June — Binance.US cut around 50 positions, then around 10% of employees, shortly after the lawsuit was announced. The primary Binance entity also fired more than 1,000 people in July.

CoinEx hacked for $70 million

Various blockchain watchers noticed suspicious transfers from a hot wallet known to belong to the CoinEx cryptocurrency exchange. CoinEx later confirmed a "security incident" involving "unauthorized transactions", and disclosed that around $70 million was stolen. Outside researchers have suggested that the thieves appear to be a part of the North Korean state-sponsored hacking group, Lazarus.

CoinEx is based out of Hong Kong, and was recently forced to stop serving US customers as part of a settlement with the New York Attorney General which also required them to pay a $1.7 million fine.

Developer steals $1 million from the group behind Milady NFTs

A pixel art image of a humanoid robot holding a paint palette, with a small dog by its feet, and a desert with a cactus in the backgroundBonkler #150 (attribution)
A developer working on an NFT project spearheaded by Remilia, the DAO behind the Milady NFT project, stole around $1 million from the group by diverting fees generated by their new Bonkler "experimental finance art project". According to leader Charlotte Fang, the developer "also seized codebases and coordinated with two others on the team in an attempt to seize control of our social media, followed by demands for a significant portion of our treasury, including the NFT reserves." Fang stated that they believed they knew the thief's identity and had filed a lawsuit against them, and promised that they "will now be dealt with through the heavy hand of the law".

Remilia is a very controversial group, particularly after it was exposed that leader Charlotte Fang was a major figure in a white supremacist cult known as Kali Yuga Accelerationism (abbreviated "kaliacc"), and involved in a 4chan suicide cult.

Fang announced the theft on September 11 in a tweet accompanied by a glitch art image derived from a photo of the Twin Towers engulfed in flames and smoke shortly after the 9/11 terrorist attacks.

Banana Gun bot launches token, sparks rug pull fears as they disclose a bug

The team behind Banana Gun, a Telegram bot to help "snipe" token launches, launched a token associated with the project on September 11. Only hours later, they announced in a tweet that they'd uncovered a bug in their smart contract that meant that when people sold tokens, the 4% tax that was meant to go to the project was also kept in individuals' wallets.

The team wrote in an announcement that they had no choice but to sell the treasury wallet to drain the liquidity pool, which is locked to... well, stop the project team from draining the project and rug-pulling. At the time of announcement, the project team had around 950 ETH (~$1.5 million) in the treasury wallet.

Some pointed out that they could simply set the tax to 0% and carry on without the hefty sales tax, but that didn't seem to appeal to the project's creators. Some also speculated that the team might just take the money and run after draining the LP.

Fortress Trust hit by "security incident", bailed out by Ripple

Fortress Trust is a crypto custody and blockchain infrastructure company, founded by Scott Purcell. Purcell is also known for founding Prime Trust, which later lost over $75 million in customer funds, squandered another $8 million gambling on Terra/Luna just before its collapse, and then filed for bankruptcy in August 2023. Purcell is also embroiled in a lawsuit from former company Banq, now also bankrupt, which alleges he stole trade secrets and other valuable material to start Fortress.

On September 7, Fortress Trust disclosed that several customers had been "impacted by a third-party vendor" compromise. On September 8, Fortress Trust announced they had been acquired by Ripple. On September 11, The Block reported that Ripple had covered undisclosed losses to customers as a part of the acquisition deal. The losses were later disclosed to be around $15 million, and the third-party vendor was said to be a company called Retool, who blamed the compromise on a social engineering attack against one of their employees.

Paxos pays $500,000 fee to send $1,865

A wallet on the Bitcoin blockchain paid a 19.82 BTC ($499,171) fee to transfer 0.074 BTC ($1,865). Put another way, they spent 270x the transaction value to pay the fee. Bitcoin transaction fees are required to make any action on the Bitcoin blockchain, and people can opt to pay higher fees to incentivize their transactions being processed sooner. 19.82 BTC is far outside the realm of someone just hoping to get a speedy transaction, however — the next-highest transaction fee in that block was 0.006 BTC ($159.20).

Bitcoiner Jameson Lopp speculated that the transaction "looks like an exchange or payment processor with buggy software" based on its transaction history. "The address in question that made the fee calculation error has the characteristics of a withdraw-only hot wallet from an enterprise," he wrote.

His observations were well-founded, as it later came out that the wallet belonged to the Paxos blockchain company, who attributed the overpayment to a bug. Luckily for Paxos, the miner who snapped up the outsized fee agreed to refund it.

Vitalik Buterin's Twitter account hacked to promote crypto scam

Scam tweet from the Vitalik Buterin account, reading: "To celebrate Proto-Danksharding coming to Ethereum, @Consensys is marking the moment with a commemorative NFT.
"Proto", honors the work of the devs who made this possible. The collection is free for the next 24 hours.
Claim your piece of history:"Scam tweet by Vitalik Buterin (attribution)
The Twitter account belonging to Vitalik Buterin, inventor and effective leader of the Ethereum project, was hacked to promote a crypto scam. A tweet posted to his compromised account advertised a "commemorative NFT" to celebrate the impending release of "proto-danksharding", which is the actual name for an upcoming change to the Ethereum protocol.

However, the link was a scam, and anyone who connected their wallet risked having their wallet drained of its cryptocurrency and NFTs. Some blue-chip NFTs were stolen, including two CryptoPunks (a collection with a floor price of around 47 ETH, or $76,800). Altogether, stolen assets surpassed $650,000 in value within a few hours of the theft according to zachxbt, though this counts notoriously difficult-to-value NFTs.

The tweet was taken down within twenty minutes of being posted. All in all, posting a link to a wallet drainer was probably among the least effective things the attacker could do with the Twitter account of a person whose word can dramatically move markets.

It did seem to be something of a stark warning to some in the crypto world, however, who expressed sentiments along the lines of "if Vitalik can get hacked, anyone can."

NFT startup Glass shuts down a year after raising $5 million

The NFT startup Glass was operating under the assumption that YouTubers and others who post video content for fans online might want to mint those videos as NFTs, which their fans could then buy. Unfortunately for them, they have since "come to the conclusion that there is not sustainable demand for video NFTs".

In September 2022, the startup managed to raise $5 million from investors including TCG Crypto and 1kx. Either that money's run out, or they're cutting their losses early.

Founder of the Thodex crypto exchange sentenced to 11,196 years in prison

As of writing, the April 2021 $2 billion Thodex exit scam is the second largest exit scam recorded in the Web3 is Going Great leaderboard. Thodex was one of the largest crypto exchanges in Turkey, until its CEO, Faruk Fatih Özer, disappeared along with $2 billion in customer funds.

He was arrested in August 2022 after a year on the run. Now, he and his brother and sister have all been sentenced to 11,196 years in prison – sentences so over the top that one has to wonder if perhaps Turkish prosecutors are worried the Özers are some kind of crypto-focused vampire crime family. They will also pay a 135 million lira fine (~$5 million).

CFTC goes after three defi projects

The CFTC has announced charges and settlements against defi projects Opyn, ZeroEx, and Deidex for various commodities law violations. The projects will pay $250,000, $200,000, and $100,000, respectively, to settle the charges. They have also agreed to cease and desist the activities.

The CTFC stated: "Somewhere along the way, DeFi operators got the idea that unlawful transactions become lawful when facilitated by smart contracts. They do not."

Fourth FTX exec pleads guilty, agrees to forfeit $1.5 billion

Ryan SalameRyan Salame (attribution)
Former CEO of FTX's Bahamian entity, Ryan Salame, has pleaded guilty to two criminal charges in the ongoing case against FTX and founder Sam Bankman-Fried. Salame (pronounced "Salem") is the fourth exec to plead guilty, following pleas from Caroline Ellison and Gary Wang in December 2022, and another from Nishad Singh in February 2023.

As part of the deal, Salame has agreed to forfeit $1.5 billion. He will also pay $5.6 million restitution to FTX debtors and $6 million to the U.S. government, and will forfeit two homes in the Berkshires and a 2021 Porsche 911. According to the New York Times, he is not cooperating with the investigation.

Salame's sentencing is scheduled for March 2024.

Victim loses around $24 million in phishing scam

A crypto phisher hit it big today when they lured in a victim with a massive wallet balance. The victim wallet was drained of 4,851 rETH and 9,579 stETH, both wrapped versions of ETH used for staking. Altogether, the tokens are priced at around $24 million.

The wallet address used by the phisher has been associated with multiple crypto phishing websites which attempt to convince users to authorize transactions, often by impersonating known crypto projects or promising token airdrops.

High-profile streamers bail on MrBeast-promoted Creator League after learning there are blockchains involved

Collage of eight influencers, with a "Creator League" logo above themPromo image for the Creator League (attribution)
A group of high-profile streamers and social media influencers agreed to join eFuse's "Creator League", where they would lead community e-sports teams. The project was announced on September 2, and was promoted by mega-influencer MrBeast. Only days later, the project has been put on hold after some of those influencers balked once they learned blockchains were involved.

YouTuber CDawgVA publicly withdrew from the project on September 3, writing, "I was not told or made aware at any point that there was Blockchain technology and was only made aware of that information when the event went live. I was given assurances that it had nothing to do with NFT's. Given my vocal hatred of such tech, I would never agree to join had I known that."

The creator of the OTK Network, which had agreed to participate in the League, wrote: "We were told there was no NFT/crypto component but looks like that may not be the case."

Creator League issued a statement attempting to downplay its blockchain usage, emphasizing that people who purchased "Creator Passes" were not buying cryptocurrency or NFTs. "The Creator League is not an NFT project and we have never sold tokens," they insisted. "Those buyers who remain uncomfortable with the blockchain technology can request a refund," they continued.

Now, Creator League has been postponed. eFuse, the company behind it, has also just announced a 30% layoff amid company restructuring.

Stolen LastPass vaults possibly cracked to enable crypto thefts

In November 2022, popular password management tool LastPass disclosed that hackers had stolen "password vaults" containing data belonging to more than 25 million users. Although the vaults themselves are encrypted, some experts now believe that these vaults are being cracked to enable access to crypto credentials stored within.

A report by cybersecurity expert Brian Krebs outlines how various experts have come to this conclusion after analyzing a long string of crypto thefts perpetrated against people with otherwise strong security practices. Altogether, the thefts suspected to have been enabled by the LastPass breach amount to more than $35 million.

GMBL.COMPUTER crypto casino exploited hours after launch

The brand new Arbitrum-based defi casino GMBL.COMPUTER was exploited for around 471 ETH (~$770,000). The project, which promises to "generate yield from casino games", had officially launched only hours earlier. The GMBL team later stated that they believed the exploit was due to a flaw in the platform's referral system, where people could place bets without depositing any funds and use them to generate referral bonuses.

GMBL offered a "bug bounty" to the attacker, inviting them to return 90% of the stolen funds in exchange for a promise not to pursue legal action. The exploiter later returned 235 ETH (~$382,000), or half what they had stolen.

GMBL promised that "we are going to thoroughly test everything again before re launching".

MetaMask phishing scammers hijack government websites

Phishing scammers hoping to lure victims into visiting fake websites resembling that of the popular MetaMask crypto wallet have adopted a new approach: compromising government websites. CoinTelegraph identified websites on domains belonging to the governments of countries including India, Nigeria, Egypt, Colombia, Brazil, Vietnam that had been compromised and modified to redirect to these scam sites. Some of them included the websites of the Nigerian postal service and, ironically, of Egypt's Consumer Protection Agency.

Once victims visit the fake site, they're prompted to connect their MetaMask wallets to access various services, which would allow the scammers to steal any assets in the wallets.

Genesis to close U.S. spot trading business

Although Genesis Global Capital filed for bankruptcy in January 2023, portions of the larger business were not included in bankruptcy proceedings and continued to operate. One such portion was Genesis's U.S.-focused spot trading platform, at least until an email to clients announcing that their accounts would be closed at the end of the month.

"The decision was made voluntarily and for business reasons," the email claimed.

Genesis is a subsidiary of the Digital Currency Group (DCG) conglomerate, which has since the beginning of the year seen its Genesis platform enter bankruptcy, shuttered its TradeBlock subsidiary, and is reportedly approaching a deal to sell its CoinDesk crypto media outlet.

Nima Capital accused of rug pull

"Even VCs are rugging now", remarked someone on Twitter as Nima Capital was observed selling 9 million $SYN (priced at ~$3.7 million before the sudden sale caused the token price to drop) and removing all stablecoin liquidity from the Synapse decentralized blockchain bridge. In April 2023, Nima had entered into a deal with Synapse to lock $40 million of liquidity in the project in exchange for the $SYN tokens, with an agreement to not sell the tokens for twelve months. However, it appears they've just dumped their tokens seven months early. Not only that, Nima Capital took their website offline and made their Twitter account private in typical rug-pull fashion.

Synapse posted on Twitter that they were "investigating unusual activity" on the wallets of one of their liquidity providers, and were "working to get in touch with them".

The $SYN token plummeted almost 25% after the sell-off, later recovering somewhat.

Crypto casino Stake hacked for over $40 million

Attackers managed to make transactions from hot wallets operated by the Stake betting platform, stealing approximately $15.7 million from their Ethereum wallet and around $25.6 million from BSC and Polygon. Blockchain analysis project Cyvers attributed the theft to a private key leak, though Stake co-founder Edward Craven later denied that. Craven claimed that the attack was achieved through a "sophisticated breach" targeting a service the company uses to approve transactions.

Stake acknowledged the attack on their Twitter account, writing that "We are investigating and will get the wallets up as soon as they're completely re-secured."

Stake is an Australia-based cryptocurrency casino and sports betting platform that has enjoyed endorsements from various celebrities, and which shelled out $100 million in 2022 for an endorsement deal with Drake.

On September 6, the FBI announced that they believed the Lazarus Group was behind the theft. Lazarus is a group of North Korean state-sponsored hackers allegedly responsible for crypto hacks totaling hundreds of millions of dollars.

Gala Games co-founders sue each other over claimed hundreds of millions in losses

The two co-founders of blockchain gaming company Gala Games are suing each other. One lawsuit, filed by Gala Games CEO Eric Schiermeyer, alleges that Gala's director Wright Thurston stole $130 million in $GALA, directing it through his company and then into a "complex web of obfuscatory transactions" between September 2022 and May 2023. According to the lawsuit, at one point, Thurston explained that he was selling some of the $GALA tokens in order to purchase ammunition for firearms. The lawsuit also outlines how Gala issued the GALA v2 token in May 2023 in order to hide the alleged theft from Gala's token holders.

In a competing lawsuit, Wright Thurston alleges that Schiermeyer unilaterally misused over $600 million in company funds in wasteful actions that were "often for his own personal benefit", including to buy a private jet and hire architects and designers for personal real estate projects.

The $GALA token dropped 5% on the news of the lawsuits.

Starknet upgrade leaves $550,000 inaccessible

"The wallets that did not upgrade in time will lose their assets," a StarkWare customer support representative said on Discord to an individual inquiring why they could no longer access their cryptocurrency. The company had been urging users to upgrade their wallet software for months, but not everyone expected they might lose access to funds if they weren't carefully monitoring their wallet software's social media channels.

After user backlash over a cumulative $550,000 in funds that were inaccessible to people who hadn't heard about the breaking change, Starkware re-enabled the ability for people to upgrade their wallets – leading some to question why it was ever disabled in the first place if it could be trivially re-enabled to prevent the loss of half a million in assets.

Blockchain gaming streamer loses life savings after exposing private key on stream

Brazilian blockchain gaming streamer Fraternidade Crypto says he lost his life savings after accidentally exposing his crypto wallet seed phrase during a livestream pertaining to Bitcoin and blockchain games. Presumably not realizing it was on the same screen he was streaming, he opened a text file containing a password for a gaming account so he could log into it. However, the file also contained his MetaMask private key, which was displayed to the roughly 70 viewers of the stream.

Apparently realizing his mistake, Fraternidade Crypto ended the stream, and says he tried to relocate the crypto to a new wallet. It was too late, however, and someone watching had already taken the around 86,000 MATIC (~$50,000) and various NFTs in the wallet.

Fraternidade Crypto posted an emotional video after the fact, explaining that the stolen funds were his life savings. He said he planned to file a police report, and also offered a reward for the return of the funds.

Fortunately, he was able to recover the stolen MATIC, though he says he has not been able to recover the NFTs, which have "incalculable value as they are NFTs, estimated value of approximately 15k dollars still lost".

Impact Theory to pay $6.1 million for unregistered NFT offering in an SEC first

An Impact Theory lengendary-tier "Founder's Key" NFT, which resembles a gold metal ticket with the Impact Theory logo on itLegendary "Founder's Key" NFT (attribution)
Entertainment company Impact Theory has agreed to a $6.1 million payment to settle charges from the SEC that its sales of its "Founder's Keys" NFTs constituted an unregistered crypto asset securities offering. This is the first time the SEC has taken action against issuers of NFTs as unregistered securities offerings.

As a part of the agreement, Impact will destroy all remaining Founder's Keys NFTs, forgo royalties from future secondary sales, and publish a notice of the order on its websites and social media.

Founder's Keys in the rarest tier have recently sold for $1,500 apiece, and promised to give their holders access to Impact Theory's self-help content, which supposedly taught viewers how to "unlock their potential and pursue greatness". According to the SEC, the company encouraged holders to view the tokens as an investment into the business.

Clockwork project to shut down due to "limited commercial upside"

A year after raising $4 million in a seed round joined by Multicoin Capital, Solana Ventures, and Asymmetric, Clockwork co-founder Nick Garfield announced that the Solana-based automation platform would be shutting down. He wrote, "Ultimately the reason we are stepping away now is simple opportunity cost. We admittedly see limited commercial upside in continuing to develop the protocol, and have a growing personal interest to explore new opportunities."

A user asked what would happen to remaining seed money, if any, in a Twitter reply. Garfield answered that they "still have a meaningful portion of our seed funding" but that he hadn't decided what to do with it.

Balancer drained of over $2 million following vulnerability warning

After warning users several days prior that a critical vulnerability had been discovered in their protocol, the Balancer defi project has been drained of around more than $2.1 million in a series of exploits apparently taking advantage of the bug.

Balancer acknowledged the hack, writing on Twitter that "Balancer is aware of an exploit related to the vulnerability [disclosed on August 22]. Mitigation procedures have drastically reduced risks, but [we] are unable to pause affected pools." They reiterated that users needed to withdraw funds from affected liquidity pools to prevent further thefts.

The blockchain researcher known on Twitter as MevRefund questioned why Balancer didn't execute a whitehat attack on their own protocol to try to safeguard the vulnerable funds.

NFT collector SOL Big Brain loses around $1.5 million to phishing scam

The NFT collector SOL Big Brain lost around $1.5 million in ETH, stablecoins, and the Gearbox token after being targeted in a phishing scam. The attacker apparently compromised a Telegram account belonging to a founder of a portfolio company, then used it to message SOL Big Brain to ask him to claim his vested tokens. SOL Big Brain double checked that the sender was indeed the founder of the company, and did as he was instructed.

However, the attacker had set up a contract which used permit phishing to drain SOL Big Brain's wallet. He lost $740,000 in stablecoins, $550,000 in ETH, and another $200,000 in the GEAR token.

"Today is a bad day," wrote SOL Big Brain on Twitter.

Magnate Finance rug pulls for over $5.2 million

Magnate Finance, a lending protocol built on the new Base layer-2 blockchain, rug pulled within hours of a warning from crypto sleuth zachxbt. Zachxbt had discovered that a wallet address used by Magnate Finance was directly linked to Solfire Finance, a project that rug pulled for almost $5 million in January 2022. He warned his followers in a tweet that the project "will likely exit scam in the near future."

Sure enough, within an hour of zachxbt's tweet, the project drained $5.2 million from the protocol and deleted its website and Telegram group.

According to zachxbt, the project also shared on-chain links to the March 2023 Kokomo Finance rug pull, which saw its perpetrators profit around $4.5 million.

Members of $PEPE team allegedly dump $16.9 million worth of tokens

Holders of the $PEPE memecoin sold en masse after the PEPE multisig wallet transferred more than 16 trillion $PEPE (~$16.9 million) to crypto exchanges. Although the multisig previously required five of eight signatories to approve transactions, just before the massive transfer, the multisig was changed to require only two of eight signatures — a much lower level of security.

The transfers and change to the multisig sparked fears that the project was rug pulling, or had been hacked. This led to a massive $PEPE sell-off, with the token plunging around 17%.

A day after the transfers, a PEPE team member posted on the project's Twitter account, alleging that the transfers were indeed theft by three of the project's other team members.

U.S. Drug Enforcement Administration sends over $50,000 to a scammer

After seizing a little more than $500,000 in the Tether stablecoin from two accounts it believed were involved in illegal narcotics sales, the DEA mistakenly sent $50,000 of the seized funds to an enterprising scammer.

Someone observed the DEA wallet send a small test transaction before transferring the remaining seized funds, and quickly used a crypto wallet address with identical characters at the beginning and end to send an airdrop to the DEA source wallet. When the DEA agent went to send the remaining funds, they copied-and-pasted the address, believing it was the same one they'd sent the test transaction to. This is a common scam in the crypto world known as "address poisoning", and is successful primarily because crypto wallet addresses are very long strings of characters that people usually copy-and-paste, and only identify by the characters at the start and end.

Upon discovering that they'd been duped, the DEA contacted Tether to ask them to freeze the funds. However, by that time, the scammer had already converted the money into ETH, which couldn't be frozen. The DEA is now working with the FBI to try to trace the theft.

Former New Jersey prison guard charged by SEC over crypto pump-and-dump scheme targeted at cops

John DeSalvo, a former New Jersey corrections officer, was charged by the SEC over a pump-and-dump scheme associated with his "Blazar" token, a project he targeted at fellow law enforcement. With promises that the Blazar token would "guaranteed minimum 100X your money", DeSalvo convinced around 222 investors to pour in at least $623,888. He also made other false statements, including that the token was registered with the SEC, and that he had devised a way for people to take payroll deductions that would automatically be used to purchase the token.

Rather than "100x-ing", the token immediately plummeted when DeSalvo sold his ~41 billion Blazar tokens. DeSalvo is accused of using his profits from the scheme to speculate on other crypto tokens, pay for personal expenses, and reimburse one investor who threatened legal action.

DeSalvo is also being charged over a separate investment scheme he operated, where he solicited investments on Facebook, promising to use his claimed trading expertise to earn massive returns. The SEC alleges he lost most of the money in bad investments, and stole the rest for himself, blaming the losses on market movements.

DOJ charges two founders of Tornado Cash, arrests one

A year after the Department of Treasury added Tornado Cash to the OFAC sanctions list, the DOJ has come in to charge the service's two founders with conspiracy charges involving money laundering, sanctions violations, and operating an unlicensed money transmitter. The Feds arrested Roman Storm, a U.S. national; Russian co-founder Roman Semenov is "at large".

The Feds claim that the two founders knew Tornado Cash was widely being used to launder hundreds of millions of dollars by North Korea, but "turned a blind eye" and claimed to be complaint with sanctions laws. They also state that they refused to implement anti-money laundering and KYC programs, as is required of money transmitting services.

These charges are likely to be controversial — as has been the sanctioning of Tornado Cash — among crypto advocates and others, as they run up against thorny First Amendment questions and conflicting ideas about who, if anyone, is liable for running decentralized services.

Users pull $150 million in funds from Balancer protocol within hours after reports of a critical vulnerability

Balancer, a popular Ethereum-based defi protocol, has warned users that they should withdraw funds from vulnerable pools on the project after receiving a report of a critical vulnerability. No funds have been lost thus far, and the project has pools that could be impacted, though not all pools can be paused. Because of the nature of crypto projects, Balancer can't simply patch the vulnerability, and is now having to urge users to withdraw their liquidity as soon as possible.

Balancer had around $850 million TVL prior to the announcement. Since revealing the issue, users have removed more than $150 million in assets from the project. Balancer has stated that "only 1.4% of the total TVL is at risk", though 1.4% of $850 million would still be a sizeable $12 million windfall for any potential exploiter.

Victim loses $900,000 to Google Ad phishing

Google Ad phishing is the practice of taking out a Google advertisement to promote a malicious website impersonating a legitimate project. By taking out the ad, the result is pushed to the top of the search results page, tricking unsuspecting victims into believing it's a legitimate search result.

On August 21, an individual searched for "celer bridge" to find the website for the Celer blockchain bridge. The first result appeared legitimate, even displaying the correct URL for the actual Celer bridge. However, once they clicked the result, they were redirected to a phishing website.

Once the victim connected their crypto wallet, it was immediately drained of $900,000 in the USDC stablecoin. They wrote on Twitter that it was "most of [their] net worth".

SEC cracks down on Titan crypto investment manager for advertising 2,700% returns

Titan Global Capital Management, an investment advisory firm, has been charged by the SEC for violations of securities laws, including misrepresenting potential investment performance, making misleading disclosures pertaining to crypto custody, failing to impose limits on employees' crypto trades, and more.

Titan advertised "annualized" performance results of up to 2,700% on its Titan Crypto trading strategy, which the SEC says was misleading because it failed to include material information about how the performance was calculated. Titan had based the calculation on three weeks of performance, assuming it would continue for a full year.

Titan has agreed to a cease-and-desist order, censure, and over a million in disgorgement and penalties.

Harbor Protocol exploited

The "interchain stablecoin protocol" Harbor announced on August 19 that they had experienced an exploit that drained some of the funds in the project pools. They wrote on Twitter that they were "working hard to estimate the total losses incurred as well as investigate the exploiter(s) and trace the funds."

According to data on DefiLlama, TVL on the project dropped from around $370,000 to only $81,000. The TVL was already significantly down from the project's peak of almost $1.5 million.

Crypto founder loses over $250,000 to crypto scam

Bryan Lawrence, the leader of a crypto project called Glow Token, recently shared that he'd fallen victim to scammers impersonating employees of the Crypto.com exchange. Lawrence said that scammers promised to list Glow Token's FLARE token in exchange for more than $250,000 in "security deposits". Crypto.com later contacted Lawrence, asking him to stop falsely claiming that his token would be listed on Crypto.com, and alerting him to the apparent scam.

Lawrence is now suing Crypto.com, although this may be challenging given they apparently weren't behind the scam. Lawrence has also said that he has sold his house to pay for legal costs.

Recur NFT platform shuts down after $50 million Series A

In September 2021, the Recur NFT platform announced it had raised $50 million in a Series A funding round that saw the startup valued at $333 million.

In December 2021, the company offered $300 "Recur Passes", which promised holders early access to NFT drops and other perks. One of them resold for $88,888 in February 2022.

Now, Recur has announced they will be closing up shop, and warned users to migrate their assets away from the platform in advance of a November shutdown. The company cited "unforeseen challenges and shifts in the business landscape".

As for the Recur Passes, they're currently selling for somewhere between $7 and $11.

Terra website hijacked by phisher

Despite the catastrophic Terra/Luna collapse in May 2022, the Terra blockchain is still up and running. On August 19, the official Twitter account for the Terra project tweeted that the project's website had been hijacked, and was being used by a phisher to try to obtain access to users' wallets. When the website is opened, it prompts visitors to connect their wallets, which then allows the phishers to drain funds.

Despite a tweet on August 19 that "sites are coming back online", and a developer stating that they were "mostly back in control", the website apparently remained compromised for several days. The project reiterated via tweet on August 20 that the website was still not safe to use.

It's unclear how much was stolen as a result of the hijacking.

Exactly Protocol hacked for at least $12 million

The Exactly Protocol, an attempt to "decentralize the credit market" built on the Optimism layer-2 network, was exploited. The protocol announced a pause to investigate a security issue, after they were alerted to suspicious transactions.

An attacker has siphoned more than 7,160 ETH (~$12 million) from the project, which they've bridged back to the Ethereum main chain. The Exactly Protocol's TVL plunged from $37 million to under $12 million following the attack.

Exactly writes on their website that they had been audited by four different firms: Chainsafe, Coinspect, ABDK, and Cryptecon.

Fed issues cease and desist to FTX-connected Farmington State Bank

A small building with "BANK" written over the doorFarmington State Bank (attribution)
Farmington State Bank, also known as Moonstone Bank, is a tiny Washington state bank that drew scrutiny after the FTX collapse for receiving an outsized investment from the firm. The investment appeared to be an attempt by FTX to gain control of a US bank, and raised questions over how the purchase was approved by federal regulators.

Now, the Federal Reserve Board has issued a cease and desist to Farmington State/Moonstone, claiming they have violated the commitments they made while going through the approval process. Despite promises not to do so, the bank engaged in digital asset activity, reportedly working with stablecoin issuers.

Blockchain Capital co-founder loses $6.3 million in SIM swap hack

Blockchain Capital co-founder Bart Stephens has filed a lawsuit against as-yet-unknown individuals who he says stole $6.3 million in cryptocurrency from him. The attackers used a SIM swap attack to gain access to his crypto wallet, which they then drained of various tokens.

The attackers also tried to steal around 80 BTC and 6,500 ETH (currently worth over $12.6 million) from a cold wallet belonging to Stephens, but were thwarted by an email alert sent to Blockchain Capital employee.

$1.7 million rendered inaccessible for weeks in broken bridge to new Shibarium network

People were very excited when the Shiba Inu-focused "Shibarium" layer-2 Ethereum blockchain went live on August 16. The dog-themed network is part of a push to make Shiba Inu a "serious blockchain project" — though the network will use $BONE, $TREAT, $SHIB, and $LEASH tokens, and is still fundamentally based around a dog meme.

A bridge between Ethereum and the Shibarium network was released as the network went live, and eager users quickly transferred a combined 954 ETH (~$1.7 million) to the bridge contract so they could access it on the new chain. However, users started reporting that transactions were stalled, and they weren't able to access their tokens on the Shibarium side.

The team quickly shut down conversation on Discord as more issues were raised, and claimed in a blog post that the issues were caused by nothing more than the network being overwhelmed with traffic. The team denied the authenticity of screenshots of a Telegram chat appearing to show the lead developer writing that the funds were unrecoverable, insisting they were safe.

Finally, weeks after the botched launch, Shibarium re-enabled the bridge and told users they could once again access their funds. Though there have been some delays in transactions, the "stuck" funds appear to be retrievable.

SwirlLend rug pulls for around $460,000

Despite the fact that Coinbase's Base blockchain was only officially launched a week ago, and a relatively small amount of funds are locked on the chain, it's already racking up its own tally of scams and hacks.

SwirlLend was a lending protocol operating on both Base and the similarly newborn Linea chain. Shortly after its launch, the project drained a combined $460,000 from the two chains, then deleted its social media accounts.

Shenzhen Shikongyun Technology accused of $83 million Filecoin pyramid scheme

Shenzhen Shikongyun Technology, a company focused on mining the Filecoin token, has been accused of running a pyramid scheme. Four of the company's executives were also charged. According to Chinese law enforcement, they had been soliciting investments in what was ultimately a pyramid scheme, exaggerating the likely returns from their mining efforts.

Shenzhen Shikongyun Technology was operating in mainland China despite a ban on cryptocurrency activities in September 2021.

Prime Trust files for bankruptcy

After the Nevada Financial Institutions Division issued a cease and desist describing Prime Trust as insolvent in June, then successfully requested the company be placed into receivership days later, it's no huge surprise that Prime Trust has filed for bankruptcy.

Prime Trust is a crypto custodian that previously served companies including Binance US, Swan Bitcoin, and BitGo. Just a year ago, the company announced they had raised $100 million in a Series B funding round, and planned to add crypto retirement accounts to its list of products. It's probably a good thing that didn't pan out.

According to bankruptcy documents, Prime Trust has between $50 million and $100 million in assets, but between $100 million and $500 million in liabilities. They report having between 25,000 and 50,000 creditors.

RocketSwap exploited after key compromise

Exploiters stole around 471 ETH (~$857,000) from the RocketSwap project on the Base Ethereum layer-2 blockchain. According to RocketSwap, the project had stored private keys on a server which was then hacked via brute force. "We are very sorry for your loss," they wrote on Twitter.

RocketSwap later announced a plan to airdrop tokens to "compensate" users for the theft. They also tried to reassure projects that were migrating away from RocketSwap that there was "no need to run away, your funds are safe".

Zunami Protocol exploited for more than $2.1 million

The Zunami Protocol stablecoin-focused yield farming aggregator was exploited for more than $2.1 million when an attacker was able to perform a price manipulation attack on the project's primary pool. Zunami attracted users by promising "the highest APY on the market": around 14%. The project had been audited by Ackee and HashEx.

The attack was a "classic price manipulation" exploit, according to the Ironblocks security firm. The attacker was able to steal 1,152 ETH ($2.13 million) from the protocol. They then tumbled the stolen funds through Tornado Cash.

Uniswap developer fired over FrensTech rug pull

After pulling off a rug pull that only netted 14 ETH (~$25,900), Allen Lin (known as AzFlin) lost his day job for the company that maintains the Uniswap DEX. Hope it was worth it.

Lin had created a project called "FrensTech", which aimed to capitalize on the popularity of a product called "friends.tech", and which ultimately accumulated the 14 ETH in fees before he decided to drain liquidity. Lin had not tried to conceal his identity. After the rug pull, Uniswap founder Hayden Adams wrote on Twitter: "Wanted to let people know this person is no longer with the company. Not behavior we support or condone."

Lin was unapologetic, tweeting: "got fired from uniswap, but gained 600 new followers and [crypto Twitter] villain status. net neutral tbh".