Concentric Finance exploited for $1.8 million

The Concentric Finance yield aggregator project issued a statement that the protocol had been exploited after a social engineering attack on a team member that had access to the project's deployer wallet.

Tokens priced at around $1.8 million were drained from the project vaults. In a tweet, Concentric urged users to revoke contract approvals to avoid further losses.

The wallet addresses used by the exploiter appeared to connect the attacker to the $2.7 million OKX DEX theft in December 2023.

Terraform Labs files for bankruptcy

Terraform Labs, the company behind the Terra blockchain, has filed for bankruptcy. Its flagship product, the Terra stablecoin and associated LUNA token, failed spectacularly in May 2022. Its CEO, Do Kwon, was arrested in March 2023, and remains in custody awaiting a decision on whether he will be extradited to the United States or South Korea — both of which are looking to charge him over his role in the scheme.

Despite all of that, Terraform Labs had continued to operate. However, it is now in dire financial straits, and has now filed for Chapter 11 bankruptcy in an attempt to sort out its financial obligations amid costly legal cases. Terraform Labs is currently a defendant in a complaint by the SEC, as well as several class-action lawsuits.

According to the company's bankruptcy filing, it has between $100 million and $500 million in assets, and liabilities in the same range.

Dwight Howard's NFT project flops

An illustration of Dwight Howard in 3/4 profile, wearing shades with "Ballers" across the front in LEDs, and a tank top with the Avalanche logo pinned on a strapBallers NFT project artwork (attribution)
NBA star Dwight Howard is clearly at least a year (probably two) late to the time when celebrities and star athletes could drop some low-effort NFTs and sell out the whole batch immediately. After announcing his "Ballers" project on January 20, offering 3,000 NFTs for a mint price of 2 AVAX (~$60) apiece, he only managed to sell about 300 of them within a day or so.

After the dismal launch, Howard tried a few somewhat desperate-seeming moves to try to attract interest in the project: promising to send free crypto to some holders, redoing all the art after criticism of its quality, and slashing the NFT supply to 1,500. Despite all that, only 465 NFTs have sold (15% of the original supply, netting Howard 930 AVAX — around $28,400).

The flop was so bad that a member of the team behind the Avalanche blockchain put out a tweet distancing themselves from the project, stating that they didn't even know about the project until he announced it. "Gone are the days that individuals/Brands with large followings can just drop IP related NFTs out of nowhere and expect it to do well," they wrote, seemingly criticizing Howard's approach by writing that NFT creators must "mak[e] sure to do it in an organic way with proper intentions."

CFTC files complaint against Debiex platform for using "romance scam tactics" to steal $2.3 million

The CFTC has filed a complaint against Debiex, a shadowy cryptocurrency platform whose precise location and executives are unknown. The company's employees primarily targeted Chinese Americans, and used common romance scam techniques: first striking up a friendship or romantic relationship with the victim, then convincing them that they could earn huge profits by putting money on Debiex.

Debiex, however, only resembled a cryptocurrency trading platform. In reality, the website merely mimicked a trading platform, and the funds supposedly deposited there for trading purposes were taken by Debiex.

The CFTC identified five victims who were allegedly defrauded of a combined $2.3 million.

Colorado pastor charged for cryptocurrency scam he says he perpetrated at God's command

A still frame from a video of a man speaking to a camera, with the subtitles: "So the charges are that Kaitlyn and I pocketed $1.3 million and I just want to come out and say that those uh charges are true."Eli Regalado (attribution)
A Colorado-based pastor for an online ministry sold INDXcoin to his followers and others in the Christian faith. However, there was no way for buyers to cash out the tokens. Meanwhile, Regalado and his wife spent the money on a Rolls Royce, jewelry, and designer handbags — and, according to Regalado, "a home renovation the Lord told us to do."

Regalado posted a video to his supporters explaining that he had been sued by the Colorado state securities regulator. "So the charges are that Kaitlyn and I pocketed $1.3 million, and I just want to come out and say that those uh charges are true," said Regalado in the video, presumably causing a cold chill to run down the spine of his defense attorney in the middle of whatever he was doing.

According to Regalado, God told them to first invest in a separate coin, which turned out to be a scam. Then, says Regalado, God told him to make his own currency, which Regalado called INDXcoin, "but also give them a 10x". Who knew God was a degen! Regalado had told investors that the funds would be going to "widows and orphans", but spent most of it on himself and his wife.

Luis Rubiales' NFT launch condemns "radicalism and feminist extremism" and describes alleged assault as "a small mistake"

Luis RubialesLuis Rubiales (attribution)
Apparently, former president of the Royal Spanish Football Federation Luis Rubiales has decided the way to rehabilitate his reputation after forcibly kissing a soccer player and being banned from football is to... release an NFT project.

In an announcement posted on Rubiales' Twitter account, the South Korean Moon Labs wrote: "Yes, we agree that Mr. Luis Rubiales made a small mistake in women world cup." The statement went on to condemn "extremism and radical feminism", and downplay Rubiales' actions as not "really" sexual assault. "Yes, Luis did small mistake but probably the biggest mistake was losing Luis Rubiales in football part [sic]."

$2.7 million disappears from funds meant to compensate Hector Network investors

In July 2023, angry investors in the Hector Network project opted to "rage quit" — an option reserved by some defi projects that allows investors to vote to liquidate a project's remaining treasury and distribute it to token holders. The successful rage-quit vote in Hector's case came after the protocol lost $8 million in the Multichain disaster, although investors say that was only the final straw in a series of poor management choices and inflated salaries that saw the project treasury dwindle from over $100 million to around $16 million.

Now, another $2.7 million is gone after an apparent thief was able to exploit a smart contract that was intended to distribute payouts to Hector's token holders. They then swapped the tokens from the USDC stablecoin to ETH.

Investors in the project are furious, especially because various parties had warned Hector Network about apparently insecure practices. Hector Network's team, meanwhile, have not acknowledged the theft, although a law firm involved in the project liquidation promised a statement would be forthcoming.

TrueUSD loses peg (again) as traders sell due to fears over its stability

TrueUSD, a stablecoin connected to Justin Sun, deviated from its intended $1 peg to around $0.983 as traders sold off more than $100 million of the token seeking safer options. The fears seemed to be sparked by the rapidfire and massive hacks of the Justin Sun-connected HTX (hacked for $115 million) and Poloniex (hacked for $120 million) in November.

Adding to those is the fact that TrueUSD recently paused its real-time reserves attestations, due to systems reporting liabilities that exceeded assets, though TrueUSD (obviously) claimed this was just an error.

Socket service and its Bungee bridge suffer $3.3 million theft

The Socket cross-chain infrastructure protocol was hacked for around $3.3 million in an attack that exploited its Bungee bridge. The thieves were able to exploit a bug that allowed them to take assets from those who had granted approval to a portion of the system called SocketGateway.

A little over 700 victims were affected, and the highest loss from a single wallet was around $657,000. 121 wallets lost assets priced at more than $10,000.

On January 23, the protocol announced they had recovered 1,032 ETH (~$2.23 million) of the stolen funds.

Gamestop is shutting down its NFT marketplace

Just as the NFT marketplace was entering collapse in May 2022, GameStop decided it would be a great time to launch an NFT marketplace. The marketplace launched in July, and made headlines for a rather unfortunate reason.

Evidently the platform has still been running since then, though it rarely enjoys much mention alongside its many competitors.

Now, rolling out the classic "regulatory uncertainty" line, GameStop has announced it will be shutting down the marketplace. After shutting down a crypto wallet project in November, the company seems to have fully exited the crypto world.

Harmony blockchain encounters "infinite mint" bug; accusations of wrongdoing fly

On December 7, the Harmony blockchain began encountering a bug that ultimately caused around 150 million of the project's $ONE token (priced at around $2.2 million) to be erroneously minted and distributed to 79 wallets. Most of the recipients, who were anonymous, quickly sold their unexpected windfall.

The bug was fixed about a week later. There has been a dispute since then between Harmony employees and a consultant who was involved in identifying the bug, and the consultant has been accused of delaying action to profit from the excess tokens. The consultant also balked at destroying some of the tokens he mistakenly received.

The consultant claims that he didn't profit from the bug, and objected to a Harmony employee coming after him to destroy the excess tokens when he'd done little towards others who profited from the error. He did, however, say later that he had destroyed the tokens.

According to the consultant, a Harmony employee claimed that he had filed reports to the FBI and IRS about the consultant's behavior, and had the consultant banned from the annual ETH Denver event.

Genesis to settle with New York for $8 million

After the New York Department of Financial Services accused the Genesis cryptocurrency platform of cybersecurity failures that made it vulnerable to criminal activity and hacking threats, Genesis has reached an $8 million settlement with the agency.

The failures included poor anti-money laundering programs, deficiencies around filing suspicious activity reports, and poor cybersecurity.

The NYDFS action is only one of Genesis' many worries these days, as it undergoes bankruptcy proceedings and is facing various other legal woes.

Euler Finance cofounder loses private key and, with it, $3.8 million

As Euler Finance tried to recover from a massive hack in March 2023, and as founder co-founder Michael Bentley was dealing with matters in his personal life, he "made an error and it turns out that one of the private keys [to his personal crypto wallet] is no longer recoverable". The private key would have allowed him to recover assets from his hardware wallet, which had made his assets inaccessible after a malfunction.

With the malfunctioning hardware wallet and no recovery key, Bentley has lost access to assets including 1.2 million EUL tokens — over 4% of the total EUL token supply. These tokens are priced at about $3.8 million today, though at other times the tokens would have been worth up to about $15 million.

"I've now lost a substantial percentage of the crypto assets I held in cold storage, accumulated over more than seven years, including the majority of the EUL allocated to me for participating in Euler governance," said Bentley.

Trader loses $5.7 million to slippage in memecoin trade

A shiba inu dog wearing a chunky light pink knit hat with a brimDogwifhat's namesake (attribution)
A trader looking to buy $9 million of a recently popular Solana memecoin, dogwifhat (WIF), lost $5.7 million of their funds to slippage as they placed a massive order in a pool with relatively low liquidity. $5.7 million of their funds were lost to "slippage" — the discrepancy in price that can occur when a trade is so large or a market is so illiquid that the trade itself impacts the asset price.

Some have speculated that the trade might be an expensive marketing stunt to increase attention to WIF, which was losing some steam.

I'll give it to them: the token's namesake is pretty cute. But not $9 million cute.

So long, hexagon: Twitter removes NFT profile picture support

Just about two years after launching a feature in which NFT owners could show off their NFTs with special, hexagonal profile pictures, Twitter has apparently removed support for adding NFT avatars.

It's unclear if the move is spurred by the massively waning interest in NFTs, or if it's part of Twitter's broad slashing of functionality in the wake of Elon Musk's disastrous takeover and cost-cutting attempts.

Those who already had the hexagonal profile pictures now seem to have had them restored to their usual circular shape, and there's no longer any mention of the feature in Twitter's support documentation, and new NFT profile photos can't be uploaded. People can, of course, still right-click and save the images and upload them that way.

SEC Twitter account compromised, used to falsely announce approval of bitcoin spot ETFs

As the crypto industry collectively turns blue holding its breath for a decision on a raft of bitcoin spot ETFs currently in front of the SEC, the SEC Twitter account was hacked. The hacker posted an announcement stating that the Commission had approved bitcoin ETFs, even including a graphic with a fake quote from Chairman Gary Gensler.

Bitcoin briefly spiked by about $1,000 before dipping around $1,000 below its previous price, as traders excitedly reacted to the news, and then the news that the news was fake.

"Bitcoin Rodney" arrested in relation to Hyperverse scam

A man wearing a denim bucket hat and vest with the Gucci logo, a white button-down shirt, large black glasses, a massive gold and diamond chain, and two watches, poses in front of a backgroundBitcoin Rodney (attribution)
A crypto influencer known as "Bitcoin Rodney" was arrested by US authorities for his involvement in the HyperVerse crypto scam, which fleeced victims out of over $1 billion. In addition to promoting the scam, Bitcoin Rodney allegedly received more than $7.8 million directly from victims, which he exchanged for HyperVerse's $HU token. $5.8 million of this money was received after HyperVerse had disabled converting $HU to cryptocurrency, meaning that the victims never even had the opportunity to cash out their "investments".

Bitcoin Rodney has been charged with operating an unlicensed money transmitting business and conspiracy to operate an unlicensed money transmitting business.

"Undead Apes Society" creator charged over rug pull

A grey ape skull on a blue background with clouds. The skull has a pink and green mohawk, a laser module for eyes, and teeth resembling piano keys. It's wearing a shredded white dress shirt with a tie.Undead Ape #1 (attribution)
The creator of a Solana-based NFT project called Undead Apes Society has been charged with money laundering conspiracy and making false statements to investigators after rug-pulling fans of his NFT project. Devin Rhoden, an active duty Senior Airman in the US Air Force, had created the project and minted two collections: UndeadApes and Undead Lady Apes. They promised to then mint a third collection, "Undead Tombstones", which was highly anticipated. However, the project turned out to be a rug pull, and the prices of the two previous collections also plummeted as a result of their connection to a scam project. The Undead Tombstones project raised 1,250 SOL in April 2022, which was at the time priced at around $128,000.

When investigators subpoenaed Discord for Rhoden's chat logs, they found messages celebrating the rug pull. "good shit on us making a fuck ton of money," he wrote to his co-conspirator.

MangoFarmSOL rug pulls for $2 million

A Solana yield farming project called MangoFarmSOL encouraged people to deposit Solana tokens into the protocol to earn airdrops by January 10. However, on January 6, the project appeared to make off with all the tokens — around $2 million worth. They subsequently deleted their website and Twitter account, and closed their Telegram channel to new members.

MangoFarmSOL is unrelated to the other Solana-based mango-themed project, Mango Markets, which was exploited in October 2022 for more than $100 million.

Narwhal likely exit scams for $1.5 million

A cryptocurrency project called Narwhal appears to have rug-pulled, claiming that they were hacked. In a post on their Twitter account, they claimed that a "hacker attack" caused "significant losses to [their] community members", but urged followers to "maintain trust in the platform".

However, investigation by the CertiK blockchain security firm suggests that the "hack" may have been an inside job, with much of the $1.5 million that was "stolen" going to wallets with links to the Narwhal team.

The Narwhal project had launched in mid-December.

xKingdom rug pulls for $1.25 million

The xKingdom project promised users a way to "build your kingdom" on Twitter, earning tokens by interacting with tweets and doing "quests". Users had to borrow XKING tokens in order to participate.

On January 6, the project's creators drained the tokens that had been put into the project, then deleted their website and social media accounts. Altogether, they withdrew 558.3 ETH (~$1.25 million).

CoinsPaid hacked again

The crypto payments platform CoinsPaid was hacked for the second time in six months. This time, around $7.5 million in various tokens was stolen.

In July 2023, an attacker stole $37.3 million from the CoinsPaid platform. CoinsPaid said at the time that they suspected the attacker was the North Korean Lazarus hacking group, which has been a prolific perpetrator of cryptocurrency thefts.

Blockchain security firm CertiK suffers compromise of their own

The Twitter account of the blockchain security company CertiK was hacked, then used to post tweets ostensibly warning of a massive crypto vulnerability and urging users to click a link to protect their wallets, but which instead linked the account's some 340,000+ followers to a site that would drain their wallets if connected.

CertiK quickly regained control of the account and deleted the tweets, later explaining that an employee had been contacted by a "verified account, associated with well-known media". The journalist's account, apparently compromised, successfully phished the CertiK employee by sending what looked like a Calendly meeting scheduling link, but what was in fact a malicious link used to take over the CertiK Twitter account.

Blockchain sleuth zachxbt criticized CertiK, which describes itself as a leading blockchain security firm, for not protecting against the attack, and asked if they would be reimbursing phishing victims.

Gamma Strategies exploited for $6.2 million

The Gamma Strategies defi protocol suffered an exploit when an attacker targeted their vaults on several projects across the Arbitrum layer-2 network. The attacker successfully stole almost $6.2 million from these vaults by manipulating the price of some of the assets involved.

Gamma has contacted the hacker to try to negotiate a return of some of the assets, and also says they have engaged law enforcement. Although they have promised to try to repay some of the stolen assets, they are estimating between 25% and 40% recoveries for various categories of users.

Radiant Capital lending protocol hacked for $4.5 million

Radiant Capital, a cross-chain lending protocol built on the Arbitrum layer-2 network, was hacked for 1,900 ETH (~$4.5 million). The exploit relied on a flaw in the underlying code, which was forked from Compound and Aave. The original code has a known rounding issue, which makes new projects vulnerable to attack shortly after they are deployed if they are not specifically configured to avoid the issue. In this case, the attacker had observed the contract being deployed and performed the exploit only six seconds after the project was activated.

Radiant Capital sent an on-chain message to the attacker, offering to negotiate a bounty.

Wallet security startup founder scammed out of $125,000

Bill Lou, the co-founder of a cryptocurrency wallet that claims to "revolutionize wallet security", was scammed out of 52 stETH (~$125,000) when he clicked a link promising an airdrop for a project. However, he had fallen for a phishing link that was prominently placed in Google search results, mimicking a real project but draining users' wallets when they authorized the transaction.

"I just got scammed out of $125k of stEth while trying to claim the $LFG airdrop. And I'm a fking founder of a wallet startup that's trying to improve wallet security..." wrote Lou on Twitter. "This is the first time I've been scammed. I always read about others but you never think it could happen to you..." he wrote.

If the founder of a wallet security project can't avoid scams in the crypto world, what hope do the rest of us have?

Orbit Bridge hacked for $81 million

The Orbit Bridge project, a cross-chain bridge for the Orbit Chain project, was exploited on December 31 for around $81 million. The attacker made off with around 26,742 ETH (~$64 million) and $18 million in the DAI stablecoin. Orbit Chain's total value locked plummeted from $152 million to $71 million as over half the funds were drained.

Orbit began sending the attacker on-chain messages, writing that "we will track you down and restore the damage you incurred to the ecosystem. And we will not stop." Orbit also wrote on Twitter that they were working with various law enforcement agencies.

Wallet gets phished for $4.4 million

Someone had a not so fun end to the year when they fell victim to a phishing attack and had around 275,700 LINK drained from their crypto wallet. Those tokens are priced at around $4.4 million.

The attack was perpetrated by the Pink Drainer group, which had recently compromised the Twitter account of Compound Finance to try to lure its more than 250,000 followers into authorizing the malicious drainer. It's not clear if that's how this wallet was drained, however, as Pink Drainer uses numerous strategies to attract victims.

UST and LUNA deemed securities in court

The federal judge overseeing the SEC v. Terraform Labs case has determined that Terra's UST stablecoin, LUNA token, and related tokens were securities. "There is no genuine dispute that UST, LUNA, wLUNA, and MIR are securities because they are investment contracts," wrote Judge Jed Rakoff.

This is a major decision in the crypto world, which recently celebrated a decision in the SEC v. Ripple case, which found that some sales of Ripple's XRP token did not constitute unregistered securities offerings.

The SEC has maintained a position that the majority of crypto asset offerings are securities offerings, which has been an unpopular opinion among those in the cryptocurrency industry — which broadly does not wish to be regulated by the SEC.

Levana Protocol loses over $1.1 million in slow motion

An attacker successfully manipulated an oracle to drain around 10% of the liquidity pool for the Levana Protocol, an Osmosis-based perpetual futures project. This amounted to $1.146 million.

The attack was unusual in that it lasted almost two weeks, going unnoticed because it was draining pools slowly enough that the Levana team assumed it was organic activity. However, when the network became congested, the attack suddenly became more profitable — and more noticeable.

Barry Silbert resigns from Grayscale board

New SEC filings have revealed that Digital Currency Group CEO Barry Silbert and president Mark Murphy have resigned from the board of Grayscale Investments, the organization behind the Grayscale Bitcoin Trust and a subsidiary of DCG.

Grayscale is in the midst of an application process with the SEC for approval to convert the trust into a spot bitcoin ETF. This has been an ongoing effort by Grayscale, and has been denied before.

DCG, meanwhile, is in the middle of financial difficulties and ongoing legal battles, including a lawsuit from the New York Attorney General alleging a $1 billion fraud by DCG and its Genesis subsidiary. The lawsuit from the NYAG also names Silbert personally.

Telcoin exploited for $1.25 million

$TEL, the token associated with the Telcoin remittances project, plunged 40% as an exploiter was able to steal around $1.25 million from the project. The company later disclosed that the issue had to do with how the project had been implemented on the Polygon network. The app was taken offline as the company investigated the hack.

Telcoin later announced that they "plan[ned] to restore all wallets to their previous balances", though did not say whether or how they would be making up the $1.25 million deficit.

Telcoin had been audited by CertiK, though CertiK tweeted to say that "this contract was not in the scope of the audit conducted by CertiK".

Tether mints itself a $1 billion Christmas present

I wish I could give myself a billion dollars for Christmas, too.

On December 25, Tether minted 1 billion of its USDT dollar-pegged stablecoin. CEO Paolo Ardoino announced on Twitter that the mint was an "authorized but not issued transaction, meaning that this amount will be used as inventory for next period issuance requests and chain swaps". This seems to be a recent trend for Tether, as similar language was used for a $1 billion mint in September.

The activity has raised more questions around where the real money backing Tether is coming from, and if it even exists at all. Some have argued that these recent Tether mints are being used to artificially inflate the price of Bitcoin, which has been on an upward trend since mid-October.

Tether, which boasts a market cap of more than $90 billion, has never been audited, and has lied about its backing in the past.

Megabot exit scams for almost $750,000

The Megabot project rug pulled, stealing $742,000 from those who bought in to the project's presale. The majority of the money — around $692,000 — was stolen on the Solana network.

Megabot had advertised itself as an AI trading bot that would earn users "up to 30% monthly". The team had promised that the bot would perform trades while "sidestepping potential risks such as honeypots, rugs, and slow rugs".

"No one will be able to rug you anymore", their website boasted. Ah, well.

Defunct BarnBridge reaches $1.7 million settlement with SEC

About six months after the SEC filed a complaint against the BarnBridge DAO, the group has agreed to disgorge almost $1.5 million in proceeds from their "SMART Yield bonds" — which the SEC also says attracted more than $509 million in investments. The two co-founders will also pay $125,000 each in civil penalties.

The SEC charged that the group had not registered their sale of the bonds as was required under US securities laws. BarnBridge shut down very shortly after the complaint was filed, without any input from its community, despite ostensibly being community governed.

Catalyx exchange ordered to freeze trading after theft

The Canadian Catalyx cryptocurrency exchange has frozen trading and halted withdrawals after an emergency order by the Alberta Securities Commission on December 21. Catalyx consented to the order.

Catalyx announced in a press release on December 28 that they had "recently discovered a security breach on the Platform in connection with the holding of crypto assets on behalf of clients. Management suspects that this security breach, which may involve an employee, has resulted in the loss of a portion of the crypto assets held by the Company on behalf of its clients".

Catalyx did not state how much had been stolen.

Qredo dumps CEO, raises emergency financing after burning through funding

Despite raising $80 million in February 2022 in a Series A round that saw the company valued at $460 million, the Qredo crypto custody platform just had to secure debt financing to keep the company afloat. Its lead investor also pushed to oust the company's CEO and COO, and shake up the board.

Qredo had already been forced to perform layoffs in September and then November, and in November was searching for a rescue after saying their user "activity ha[d] fallen" in the "prolonged cryptowinter".

On December 15, Qredo had also announced that they would be shutting down their Ankex trading platform, which was previously led by Michael Moro, who was previously booted as CEO from Genesis Trading.

New wallet drainer steals almost $60 million in 9 months

A new wallet drainer tool has stolen $58.98 million in cryptocurrency assets from more than 63,000 victims in the past nine months. People using the drainer software have pulled in victims by running ads on Twitter and through Google ads, employing various tricks to thwart ad reviewers trying to thwart malicious ads on their platforms.

Aurory bridge hacked for over $1 million

The Aurory gaming platform uses a bridge called SyncSpace to move assets between the blockchain and the game's off-chain network. On December 17, the bridge was targeted on Arbitrum's Camelot DEX, and an attacker successfully siphoned around 600,000 $AURY tokens from the liquidity pool. As a result, the pool went from around $1.5 million in liquidity to around $312,000, and the price of the $AURY token dropped 11% as the attacker sold it off in bulk.

The Aurory team posted on Twitter to acknowledge the hack, writing that they'd disabled SyncSpace as they investigated. They also wrote that SyncSpace had been audited months ago, but that the audit had failed to detect the vulnerability.

"Top tier" NFTs stolen in NFT Trader hack

A collage of Bored Apes, Mutant Apes, and World of Women NFTs stolen in the NFT Trader hackSome of the stolen NFTs (attribution)
Attackers exploited old smart contracts from the NFT Trader peer-to-peer NFT trading application to steal pricey NFTs, including at least 37 Bored Apes, 13 Mutant Apes, and NFTs from the VeeFriends and World of Women collections. Some ETH and APE tokens were also stolen. Altogether, the stolen NFTs are priced at around $3 million, though the hacker may not be able to liquidate them for that ammount.

One attacker claimed in on-chain messages that the original attack had been perpetrated by someone else, but that they were one of the many copycat attackers, describing themselves as someone who had "[come] here to pick up residual garbage". They requested victims send additional ETH to get their NFTs back. "If you want the monkey nft back, then you need to pay me a bouty, which is what I deserve", they wrote, asking for NFT holders to send them 10% of the Ape floor price.

Meanwhile, NFT holders were urged to revoke access to NFT Trader, since the platform seemed aware of the attack but unable to stop it. NFT Trader was ultimately able to thwart the attacker to stem additional bleeding, likely thanks to help from community members who pointed out a way the contract could be shut down.

Later, the "residual garbage" attacker returned 36 Bored Apes and 18 Mutant Apes after a Yuga Labs co-founder paid the 120 ETH (~$260,000) ransom.

SafeMoon files for bankruptcy

The company behind the SafeMoon cryptocurrency scam has filed for Chapter 7 bankruptcy. Screenshots circulated on Twitter of a letter to employees citing "a number of operational and financial challenges", likely referring to — oh, I don't know — maybe the whole criminal indictment against SafeMoon's founders and executives and simultaneous civil lawsuit from the SEC.

Although SafeMoon claimed to have created a token that would "safely go to the moon", executives allegedly siphoned millions of dollars of investor funds to spend on personal expenses including luxury cars and real estate.

In the bankruptcy filing, SafeMoon has claimed to have 50–99 creditors, between $10 and $50 million in estimated assets, and $100,000 to $500,000 in estimated liabilities.

Supply chain attack on Ledger puts much of defi at risk

A supply chain attack on the Ledger connector application has rippled throughout the world of decentralized apps, which widely use the software to enable people to connect their popular Ledger hardware wallets to perform transactions. Although hardware wallets are meant to be among the most secure ways to store crypto, they too are vulnerable to attacks when they are connected to perform transactions.

A hacker was able to obtain access to Ledger's source code management tool and push out a new release that contained code that would drain wallets as users connect them. Because the library is so widely used, many crypto applications were vulnerable — including Revoke.cash, a security-focused project intended to help people guard against attacks on their wallets.

CTO of the Sushi crypto project issued a broad warning: "Do not interact with ANY dApps until further notice." At least $600,000 has been drained from multiple users so far.

CoinList reaches $1.2 million settlement with OFAC over Russian sanction violations

The Californian cryptocurrency exchange CoinList has settled a lawsuit from the Treasury Departments Office of Foreign Assets Control (OFAC) for $1.2 million. OFAC charged CoinList for processing almost 1,000 transactions between April 2020 and May 2022 on behalf of residents of Crimea, a Ukrainian territory occupied by Russia in 2014 and sanctioned by the United States shortly after.

CoinList reportedly allowed 89 users to sign up for accounts on the platform, most of whom had stated that they were residents of Russia but provided addresses in Crimea.

Money launderers charged over $80 million crypto romance scam

Four individuals who helped launder money through shell companies and various bank accounts have been charged in connection to an $80 million "pig butchering" cryptocurrency scam. The scam reportedly involved at least 284 transactions, though it's not clear how many victims were involved.

Australian victims lose estimated $1.3 billion to prolific scammers' HyperVerse project

Many investors have reported losses thanks to a cryptocurrency investment scheme called HyperVerse, which operated in Australia from around 2018 to mid-2023. Several financial watchdogs issued warnings about the company, including the UK, Canada, Germany, and New Zealand. The Hungarian central bank warned in August 2022 that the HyperVerse project was a "suspected pyramid scheme... behind which there is no real economic activity... There is a significant chance that investors may permanently lose part or all of their invested capital."

Estimates by Chainalysis suggest that victims have lost a combined $1.3 billion (with a B) to the scam thus far.

The scheme's operators Sam Lee and Zijing "Ryan" Xu were also behind Blockchain Global, a collapsed company that operated the Australian ACX crypto exchange that collapsed in 2019. The company is in liquidation, and creditor claims are expected to surpass $50 million. Although Lee and Xu were reported for investigation to the Australian Securities & Investments Commission, ASIC did not take any action.

Lee has also been involved in other investment platforms, including two that are currently active: StableDao and We Are All Satoshi. Both platforms were the target of cease and desist letters from the Californian Department of Financial Protection and Innovation in September 2023, who described them both as "fraudulent pyramid and Ponzi scheme[s]".

Crypto scammer suddenly pleads guilty in trial surrounding EXW fraud

There was surprise in an Austrian courtroom when a defendant suddenly gave up any pretense of innocence, proclaiming, "I've run out of steam, I've finished driving... I plead guilty in full and ask for a lenient and speedy sentence". The judge then had to back up and understand what exactly he was pleading guilty to. The same defendant had earlier admitted to some guilt, but denied the fraud had been planned from the start. Later, he said that he had indeed planned from the beginning to steal the funds.

The scam in question was a Ponzi scheme called EXW, in which the eight defendants stole at least €17.6 million (~$19.3 million) from at least 40,000 victims in late 2019 and 2020. The fraud later resurfaced under a different name. However, in court, the ex-girlfriend of the main defendant testified that the scam had actually brought in €80–100 million ($88—$110 million).

One of the defendants, who from reports seems to be the same one who just admitted his guilt in court, reportedly feigned being autistic when he was arrested by police, somehow earning himself enough time to erase the contents of his phone.

He and seven other defendants have been charged with fraud, money laundering, running a pyramid scheme, and operating a criminal organization.

Blockchain chess platform Immortal Game ditches token after "heavy cheating"

After raising $12 million from crypto-focused venture funds, the Immortal Game blockchain chess platform has announced that they would be nixing most of the blockchain part by shutting down support for their "Checkmate" token and stopping development on play-to-earn and NFT projects. Although they began as a blockchain chess company, they seem to be pivoting to just being a chess company.

"We found that by offering large amounts of cash with no limit barrier to entry, we encouraged heavy cheating on the platform and degraded the user experience for our legitimate player base who want a fair and safe place to play chess online," they wrote. Who could have guessed.

Somewhat ironically, they suggested that they may still intended to look into using web3 technology for "anti-cheat measures".

Grifter-in-chief Donald Trump hawks mugshot NFTs

Trading card style illustration featuring the Trump mugshot, with an arrow showing that a scrap of the suit will come with some of the purchasesPromotional image for the Trump NFTs (attribution)
The collapse of the NFT bubble hasn't stopped Donald Trump from trying to cash out. Following in the footsteps of his wife, who timed things much better as far as interest in NFTs goes, the former president launched his first NFT collection in December 2022. He was later accused of using stolen artwork in the collection.

Now, Trump is hawking a new set of $99 NFTs, featuring the August 2023 mugshot taken in connection to his ongoing racketeering lawsuit. Those who purchase 47 of the NFTs — amounting to $4,653 plus fees — are promised a scrap of the suit Trump wore in the mugshot and a dinner with the president-turned-fulltime criminal defendant.

The fine print, however, reserves the possibility that neither promise will come through.

Fraudsters steal more than $25 million in "AI-powered" crypto ponzi

Two fraudsters capitalized on the hype around both cryptocurrency and artificial intelligence, advertising an "artificial intelligence automated trading bot" that they promised would earn large returns for their investors. Instead, however, the fraudsters spent the money on themselves, paying for private chartered jet flights, luxury hotel accommodations, private mansion rentals, a personal chef, and private security guards.

In addition to pulling off the original scam, the fraudsters also came up with a fake investigative agency called the "Federal Crypto Reserve", where they directed victims who were seeking to recover their losses.

The scammers were charged with wire fraud, money laundering, and obstruction of justice, which carry hefty maximum prison terms.

OKX DEX suffers $2.7 million hack

OKX DEX is a service by OKX that aggregates decentralized exchanges (or DEXes) to help users access features and prices across multiple projects. On December 12, an attacker appeared to gain administrative control of the DEX's smart contract. They upgraded the contract such that they could transfer tokens to themselves, then proceeded to do exactly that until they had stolen around $2.7 million in various cryptocurrencies.

It appears the attacker was able to gain access to the smart contract admin key, which gave them the ability to upgrade the contracts to enable malicious functionality.

OKX announced that they would reimburse the losses, and pursue legal action against the exploiter.