Revelo CEO resigns after claiming he was robbed of personal and company funds at gunpoint

Nick Drakon, formerly the CEO of the crypto research and venture capital firm Revelo, announced on Twitter that he was resigning from the company. In the post, he claimed that he "was recently targeted, surveilled and robbed by a highly sophisticated group. This was an in person attack where my wife and 8 month old son were threatened. The group was specifically interested in crypto assets and knew the deposit addresses belonging to the crypto businesses I operate. I was forced, at gunpoint, to log into a number of crypto accounts and transfer funds out. The funds stolen comprised personal funds, Revelo Intel working capital & retained earnings, as well as Revelo Ventures (an investment syndicate) funds for deals awaiting settlement."

He went on to state that the "vast majority" of the stolen assets were his personal funds. He also alleged that "There is some evidence to suggest that someone in the Ventures syndicate is either part of the group, or passing information onto them."

The amount of funds stolen was not disclosed. Drakon resigned as CEO, and said that he had forfeited his interest in Revolo Intel "to facilitate the return of some money back to members as quickly as possible". He wrote: "To be clear, I have zero financial interest in Revelo moving forward."

He also stated that he would be "stepping away from 'public life' in this space", and warned others: "If you are someone who is known to control large sums of money, you are a target and it is not difficult at all to get to you."

Robinhood pays $3.9 million to settle commodities law violations in California

Robinhood has paid $3.9 million to settle charges from the California Department of Justice that the platform was violating commodities laws. From 2018 to 2022, the popular trading platform prohibited its customers from actually taking custody of the cryptocurrency assets they purchased on the platform. According to the California DOJ, this violated the state's commodities laws.

In addition to the fine, terms of the settlement require the platform to allow its customers to withdraw their crypto assets, and to update disclosures regarding asset custody.

The California DOJ also accused the platform of misleading its customers by claiming that the app "advertis[ed] it would connect to multiple trading venues, to ensure customers receive the most competitive prices between the venues, which was not always true". They also say that Robinhood lied about always holding all customer crypto assets purchased through the platform, when in reality, "there were instances in which it arranged for trading venues to hold customer assets for extended periods".

Trump family Twitter accounts compromised ahead of World Liberty Financial launch

The Twitter accounts belonging to Lara and Tiffany Trump were compromised and used to announce a fake launch of the (unfortunately real) World Liberty Financial project that their family has been promoting. Donald Trump's son Eric tried to warn people of the scam, but in doing so retweeted the scam tweet containing the malicious token address.

The posts were deleted and accounts were locked down very quickly by Twitter, but not before approximately 2,000 people bought around $1.8 million of the fake token.

Penpie hacked for $27.3 million

The defi protocol Penpie was exploited for 11,113.6 ETH (~$27.3 million) by an attacker who exploited a flaw allowing them to withdraw unearned "rewards". Although the protocol claimed to have been audited by two blockchain security firms, they later disclosed that the smart contracts containing the bugs had not been fully audited.

The team behind Pendle (the platform on which Pendie is built) detected the attack and paused Pendle an hour after the attack began, which they claim prevented another $105 million from being stolen.

Members of the Penpie team filed complaints with Singaporean police and the US FBI. They also attempted to negotiate a "bug bounty" via on-chain and social media messages to the attacker, but the hacker seems uninterested and has continued to transfer funds between various crypto wallets and launder funds through Tornado Cash.

SEC charges Galois Capital, Galois settles

Eighteen months after the crypto-focused algorithmic trading fund Galois Capital shut down, explaining that they had lost around $40 million in the FTX collapse, the SEC has filed a lawsuit against the firm for failing to properly custody their clients' funds. According to the SEC, instead of complying with SEC requirements that investment advisers hold assets with qualified custodians like banks, Galois was keeping assets on crypto exchanges including FTX.

The SEC also charged that Galois Capital had misled some investors into believing they needed five business days of notice to redeem assets, while other investors were allowed to redeem assets more quickly.

Galois agreed to a settlement with the SEC in which they will pay a $225,000 penalty, which will go to investors who lost money.

"Peripheral" Aave smart contract hacked for $56,000

The popular defi lending platform, Aave, suffered a smart contract exploit that allowed an attacker to steal around $56,000. A smart contract outside of the core Aave protocol, which is used to allow people to use existing collateral to repay their loans, had gradually accrued a balance of tokens leftover from slippage. These small leftover token amounts are sometimes called "dust". Altogether, these tokens amounted to around $70,000 across several blockchain networks.

An exploiter was able to take advantage of an arbitrary call error that allowed them to steal funds from these various contracts, amounting to around $56,000. Various people associated with Aave emphasized that there was no risk to user funds or flaw in the core Aave protocol, and one described the hack as "raiding the tip jar".

OpenSea receives SEC Wells notice

OpenSea has announced that they received a Wells notice from the U.S. Securities and Exchange Commission, warning them of a likely lawsuit from the agency. According to CEO Devin Finzer, "they believe NFTs on our platform are securities". Finzer did not provide any more details about the scope of the SEC's notice.

Finzer promised that the company would vigorously fight any impending lawsuit.

The lawsuit echoes previous enforcement actions by the SEC, such as a September 2023 settlement with the celebrity-backed Stoner Cats project, in which the SEC suggested that it may broadly view NFTs as securities if investors "reasonably expect to profit" from the continued efforts of those who release the NFTs.

Bitcoin mining company Rhodium Enterprises files for bankruptcy

The Texas-based Rhodium Enterprises bitcoin mining company has filed for bankruptcy, disclosing debts between $50 and $100 million and total assets between $100 and $500 million. The company had tried to begin restructuring, but was not able to reach agreement among shareholders, and so decided to enter bankruptcy.

Bitcoin mining has been an extremely challenging business in recent times, partly due to volatile crypto prices over the last few years, and due to diminishing miner rewards following the April halving event.

Rhodium Enterprises had been showing signs of trouble, including failing to make scheduled loan payments earlier this month. In December 2023, a dispute between them and a subsidiary of the Riot Platforms bitcoin mining group culminated in armed security removing Rhodium employees from a bitcoin mining facility in Rockdale, Texas, where Rhodium was leasing bitcoin miners. The case was later sent to arbitration.

Brothers charged by SEC for $60 million "crypto bot" Ponzi scheme

Brothers Jonathan and Tanner Adam were charged with violating the antifraud provisions of the federal securities laws with their GCZ Global and Triten Financial Group entities, which the SEC alleges amounted to a $61.5 million Ponzi scheme that impacted more than 80 victims. The brothers claimed to have a crypto arbitrage bot that would pull from investor funds to perform profitable trades that would earn them 8–13.5% returns. They claimed to investors that, short of a complete meltdown in global financial markets, their funds would be safe.

However, $53.9 million of investor funds were used to pay other investors, in classic Ponzi fashion. The brothers also used investor funds to build houses for themselves and their family, purchase vehicles and designer goods, and make payments on a $30 million condo in Miami for Tanner.

One of the brothers, Jonathan, had in 2004 been convicted on felony securities law violations that resulted in a four-year jail sentence and more than $300,000 in restitution.

Abra crypto lender charged with securities violations, settles

The SEC charged the Abra cryptocurrency lending platform with failing to register the offers and sales of its retail crypto asset lending product, Abra Earn, and with operating as an unregistered investment company. Abra Earn was available to US customers from July 2020 until June 2023.

Abra settled the charges from the SEC by agreeing to an obey-the-law injunction, and agreeing to pay as-yet-undetermined civil penalties.

In January 2024, Abra settled claims from the Texas State Securities Board by agreeing to refund customers. As a part of the complaint, the TSSB had alleged that Abra was "insolvent or nearly insolvent", and had been making misleading statements. In June 2024, Abra settled with 25 state regulatory agencies, agreeing to refund up to $82.1 million to its US customers. Abra had begun winding down operations in the United States in mid-2023, after facing multiple state regulatory actions.

Users suffer losses after Polygon Discord hack

Some fans of the Polygon blockchain, or those looking for help with using it, suffered losses after hackers successfully compromised the project's Discord server. Discord hacks have become a major issue in the cryptocurrency world, and although Polygon is one of the largest projects to suffer a Discord compromise, it's far from the only project to do so.

One member of the Discord described losing more than $140,000 in tokens after clicking a link shared by a person appearing to be a member of the Polygon team, which advertised a token distribution to serve as a "pre-migration celebration".

McDonald's Instagram hacked, hackers claim $700,000 haul

Instagram page for McDonald's, showing the bio: "Sorry mah nigga you have just been rug pulled by India_X_Kr3w thank you for the $700,000 in Solana 🇮🇳"Hacked McDonald's Instagram (attribution)
McDonald's Instagram account, as well as the Twitter account of a McDonald's marketing director, began promoting a memecoin called $GRIMACE (named for the restaurant chain's blobby purple mascot). The posts to McDonald's 5.1 million followers caused the token price to spike. Then, the attacker sold off their holdings, profiting around $700,000 and plunging the token price.

They then boasted about their haul on the compromised Instagram account, changing the bio to say: "Sorry mah nigga you have just been rug pulled by India_X_Kr3w thank you for the $700,000 in Solana 🇮🇳".

The token stunt by the massive company was perhaps made more believable by McDonald's previous forays into crypto, including when they launched a McRib-themed NFT project in December 2021. The company had also joked about a "Grimacecoin" back in January 2022, in a reply to a tweet from Elon Musk.

Crypto holder loses over $55 million to apparent phishing attack

Someone holding almost $55.5 million in the DAI stablecoin was apparently phished, signing a transaction to reassign ownership of their DAI stash to a phishing address. The victim appeared to realize their error several hours later, attempting to withdraw the tokens only to have the transaction fail since they were no longer the owner of the assets.

The attacker later moved the stablecoins to a new wallet, and exchanged about half of them for 10,625 ETH.

Former CEO of Heartland Tri-State Bank sentenced to more than 24 years in prison after putting bank funds into crypto scheme

Shan HanesShan Hanes (attribution)
Shan Hanes, the former CEO of the Kansas Heartland Tri-State Bank, was sentenced to 293 months (24 years, 5 months) imprisonment after pleading guilty to embezzlement by a bank officer. Hanes had fallen for a "pig butchering" scam, where he believed he could earn returns by "investing" funds under the bank's control into a cryptocurrency scheme.

Between May and July of 2023, Hanes transferred $47.1 million of the bank's funds to the fraudulent scheme. This ultimately led to the bank collapsing, with equity investors losing $9 million and the FDIC footing the bill. "There were people who lost 70, 80% of their retirement" as a result of their investment losses, stated a community member.

Hanes had also taken money from a local church, an investment club, and his daughter's college savings. These funds were reportedly used to buy cryptocurrency after those running the scheme told him they needed more money to "unlock" the returns on his investments — a common tactic with these scams.

FutureNet founder arrested for alleged crypto fraud

Roman ZiemianRoman Ziemian (attribution)
Roman Ziemian, a co-founder of the alleged crypto pyramid scheme FutureNet, was arrested in Montenegro, where he was living under a false identity. He had previously been arrested in Italy in October 2022, but fled the country after being released to home confinement. Ziemian’s co-founder, Stephan Morgenstern, had also fled authorities after being arrested and released to home confinement in Greece, but was arrested again in Albania in August 2023.

Ziemian was wanted on international warrants from Poland and South Korea. FutureNet, which was established in 2018 and purported to be a crypto trading platform, is alleged to have defrauded numerous people of a combined $21 million. Victims were encouraged to buy "participation packages", and earn rewards for referring others to the scheme. Polish authorities warned that FutureNet might be a pyramid scheme in 2019, and South Korea began an investigation into the company in 2020.

Ziemian faces fraud, money laundering, and theft charges, which could be punished by life imprisonment in South Korea.

Twitch streamer DNP3 pleads guilty to wire fraud after gambling away funds invested in crypto charity project

Still frame of streamer DNP3 speaking into a microphoneAustin "DNP3" Taylor (attribution)
In January 2023, Twitch streamer DNP3 issued a statement admitting that he had gambled away investor funds while chasing losses. "Eventually I lost everything. In addition to my own life savings, I also irresponsibly used investor funds to try and 'get my money back' from the casino," he wrote. He had founded crypto projects including CluCloin, the Gridcraft metaverse project, and the Goobers NFT project.

Now, Austin "DNP3" Taylor has pleaded guilty to wire fraud after stealing around $1.14 million in investor funds from his CluCoin project, which had claimed it would "help others in need". DNP3 himself had built up a reputation of making generous gifts while livestreaming. He transferred the stolen funds to online casinos, where he then gambled them away.

Taylor faces up to 20 years in prison. The statement from the U.S. Attorney's Office announced that authorities would be notifying identified victims via NFT, and encouraging them to submit statements to the FBI.

Crypto holder loses $100,000 to "Coinbase support" scammer, found via a Google ad

After encountering issues trading his cryptocurrency holdings on Coinbase, a man in his 60s decided to contact Coinbase support for help. He Googled "Coinbase" and clicked on a promoted result that displayed a Coinbase support phone number. After calling the number, the man was convinced to share his Coinbase password and to open his online banking account with the person on the other end, who was in fact a scammer impersonating Coinbase's customer support. By the time the man realized what was happening, thanks to a fraud alert from his bank, he had lost $100,000 in bitcoin, ether, and US dollars.

Scammers impersonating crypto company support representatives are everywhere on social media and elsewhere. Now, it seems, they are purchasing Google ads to rise to the top of Google search rankings. While Google says they attempt to remove fraudulent advertisers, some slip through the cracks.

While phishing attacks like this are prevalent both in crypto and in tradfi, crypto platforms often do not have similar safeguards as major banking platforms to try to thwart unauthorized transactions, nor do they have the same ability to reverse transactions that are made.

SEC charges promoters of NovaTech pyramid scheme

Cynthia and Eddy Petion, with a car behind them printed with the NovaTech brandingCynthia and Eddy Petion (attribution)
Following a lawsuit from the New York Attorney General in June, the SEC has filed a lawsuit against the promoters of the NovaTech crypto pyramid scheme and affinity fraud. Cynthia and Eddy Petion particularly targeted victims of Haitian descent, promoting their schemes in Creole, leveraging their victims' religion, and promising them "financial freedom" and "freedom from the plantation".

The SEC's lawsuit also targets six other promoters of the NovaTech scheme, all of whom the agency says used "religious overtones" when attracting new investors. Ultimately, the scheme was revealed to be a Ponzi scheme, with new investors' money being used to pay out previous investors, as the promoters also took money for themselves.

FTX settles complaint from the CFTC with $12.7 billion payout

FTX will pay $8.7 billion in restitution and another $4 billion in disgorgement to settle the lawsuit from the CFTC, which was filed shortly after FTX collapsed in November 2022. All $12.7 billion, or what is available of it among FTX's remaining assets, will go to creditors rather than to the agency.

Defendants Sam Bankman-Fried, Caroline Ellison, and Gary Wang, as well as the FTX and Alameda Research companies, will be prohibited from commodities trading, including trading bitcoin, ether, USDT, or other assets considered "digital asset commodities" by the CFTC. However, with Bankman-Fried already beginning a 25-year prison sentence, and Ellison and Wang due to be sentenced, this may be low on their list of worries.

North Korean developers steal $1.3 million from crypto project treasury

According to blockchain investigator zachxbt, North Korean developers using fake identities were able to steal $1.3 million from a cryptocurrency project after pushing malicious code.

zachxbt traced the payment addresses for roughly 21 developers involved in this kind of activity, which he found had been working for at least 25 different cryptocurrency projects. They had earned around $375,000 over the past month.

Ripple fined $125 million by the SEC

A judgment has been issued in the long-running case against Ripple by the SEC, and the company has been fined $125 million for violations of securities laws in its institutional sales of its XRP token. The SEC has also obtained an injunction against the company, with the judge in the case opining that there was a "likelihood that [Ripple] will eventually (if it has not already) cross the line" again with respect to securities laws.

Ripple and others in the crypto world have been celebrating the judgment as a victory, in part because it is a substantially smaller penalty than the $1 billion in disgorgement and $900 million in penalties sought by the agency.

The SEC has already signaled throughout the case that they were likely to appeal an eventual outcome, after objecting to the judge's decision that several other types of token sales were not unlawful securities offerings.

Trump-themed $DJT token rug-pulls, people blame Martin Shkreli or Barron Trump

A chart showing the sudden crash of the $DJT token price from around $0.0055 to around $0.0004$DJT chart showing the August 6 crash (attribution)
Surprising just about no one, a wallet holding around 20% of the supply of the $DJT Trump-themed memecoin suddenly dumped its holdings, crashing the token price by around 90%. The token price had briefly spiked in June, when it was falsely reported that the token was "an official Trump token". However, the token's price had already dwindled since that time, and before the sudden dump.

People were quick to blame those behind the project, primarily "Pharma Bro" Martin Shkreli (who has been accused of dumping his own token before). Shkreli was quick to shift the blame to Donald Trump's youngest son, Barron, who he has also claimed is behind the token (although this has not been independently confirmed). However, the owner of the wallet that dumped its tokens is not definitively known.

$12 million taken by whitehats from Ronin bridge

The Ronin bridge, which bridges crypto assets to the Ronin Network used by Axie Infinity and other gaming projects, has once again suffered a breach — though a considerably smaller one than the recordbreaking $625 million theft in March 2022. An update to the bridge code introduced a flaw with respect to how transactions were confirmed.

Fortunately for the Ronin team, it seems that most of the losses actually went to whitehats and MEV bots that were frontrunning transactions by would-be exploiters. ETH and USDC priced at around $12 million were taken — the maximum amount before triggering a safety feature in the code. Later that day, Ronin announced that the ETH (worth around $10 million) had been returned, and that the USDC was in the process of being returned. They also announced that they would reward the whitehats with a $500,000 bug bounty reward.

The Ronin bridge was taken offline shortly after the flaw was detected, and the team announced it would undergo an audit before being brought back online.

CFTC subpoenas former company of Ben "BitBoy" Armstrong over crypto promotion

Ben Armstrong ("Bitboy Crypto") pictured sitting in a car, midsentence. Overlaid is the text "Use crypto risk free", the Bitcoin logo, and a wallet with coinsBen "BitBoy" Armstrong in one of his video thumbnails (attribution)
The CFTC has sent a subpoena to Hit Network, the crypto media company that was previously headed up by Ben "BitBoy" Armstrong until his rather public meltdown. According to The Block, the subpoena requested information about fifteen tokens, including the BitBoy-themed $BEN token, and the videos in which figures including BitBoy talked up their potential for price appreciation. The CFTC noted that the investigation was into a person who had engaged in crypto fraud.

Kujira token tanks as team's leveraged bets melt down

The team behind the Kujira project wound up with around $2 million in bad debt after taking some of their operational funds and using it to make leveraged bets on their own platform. They blamed "a series of events over the last few months, including exploits, socially engineered attacks and fallouts within the ecosystem" for causing the positions to be liquidated. The $KUJI token price crashed by more than 60% as a result of the team's poor risk management.

The Kujira team apologized for the fiasco, and announced a plan to create a DAO to take over the project treasury.

ConvergenceFi hacked for $210,000

An attacker took advantage of a flaw in the code for the yield farming project ConvergenceFi, draining it of all the tokens that had been allocated for staking emissions. Because a function call in the smart contract did not do proper validation, an attacker was able to provide their own smart contract that set the amount of tokens to return to anything they wanted. Naturally, the attacker set it to return all 58.7 million tokens available to them, which they quickly swapped to around $210,000 and laundered through Tornado Cash.

Although ConvergenceFi described itself as audited, they admitted they had made changes to that portion of the code after the audits.

They assured their users that all user funds were safe, but recommended that users remove their staked funds from the platform.

ZKX decentralized exchange shuts down in what some VCs are describing as a rug pull

The Starknet-based decentralized exchange ZKX abruptly shuttered operations on July 30, with an announcement from founder Eduard Tur explaining that they had "been unable to find an economically viable path for the protocol."

ZKX had raised $4.5 million in seed funding from investors including the now-bankrupt Alameda Research, Starkware, HTX, Amber Group, ArkStream Capital, and HashKey Capital. The project had announced a second, $7.6 million raise only a few weeks before its shutdown.

People at Amber Group, ArkStream, and HashKey publicly criticized the lack of transparency from ZKX around its financial situation. Ye Su, a founding partner at ArkStream, explained that he felt they had been "rug pulled".

Blockchain sleuth zachxbt joined the VCs in characterizing the project as a rug, and further elaborated that he felt the retail investors who had purchased the project's token only weeks earlier had been tricked into buying a token by the project team, who "misled the community/retail ... by giving the appearance the project was healthy and strong when in reality they were in a bad position and about to shut down."

BitClout founder arrested on wire fraud charges

Nader Al-Naji, also known as "Diamondhands", was arrested on wire fraud charges relating to his BitCloud crypto social media platform. He was simultaneously charged by the SEC with selling unregistered securities.

According to the criminal charges, Al-Naji misled investors, including by taking $3 million from an investor and using it for his own personal expenses and gifts to family. Al-Naji had told investors that the sales of the platform's token would not go to him or to other employees.

The SEC complaint separately alleged that Al-Naji had tried to falsely present the BitClout project as decentralized, including by soliciting a letter of opinion from a law firm that his tokens were not likely to be deemed securities, which was based on mischaracterizations.

BitClout raised money from various prominent firms, including Andreessen Horowitz, Sequoia, Chamath Palihapitiya's Social Capital, Coinbase Ventures and Winklevoss Capital.

DraftKings abruptly shutters its Reignmakers NFT project and marketplace due to "recent legal developments"

American sports gambling behemoth DraftKings announced the shutdown of its Reignmakers NFT game and NFT marketplace, effective immediately. Reignmakers was a fantasy sports game that allowed players to purchase digital trading cards used for digital fantasy leagues.

In an announcement in the project Discord and on their website, DraftKings wrote that the shutdown was "due to recent developments". They offered holders the ability to cash out their Reignmakers cards "based on factors that include, but are not limited to, the relative size and quality of your digital game piece collection". Holders were also invited to transfer their NFTs to their own cryptocurrency wallets, although the DraftKings-run "contests" in which people used their NFTs to try to earn rewards and win prizes will no longer exist. It's also unclear whether some NFTs, built to not be transferrable off-marketplace, will be able to be retained by their holders.

Members of the DraftKings Discord reacted with chagrin to the news, and doubt that the vague promises of cash payments would amount to much. "What kind of compensation u think we get coming to us? Pennies?" wrote one. "Yeah I'm out like $20k," said another. Some blamed the shutdown on a recent lawsuit from a holder of the Reignmakers NFTs who lost $14,000 — a lawsuit which recently survived the motion to dismiss stage.

Compound DAO passes $24 million proposal in alleged governance attack

A controversial proposal in front of the Compound Finance DAO has narrowly passed, granting 499,000 COMP (~$24 million, and amounting to 5% of the project's treasury) to an outside group. A Compound Finance whale, "Humpy", proposed the vote to allocate the tokens to a protocol created by a group called the "Golden Boys", which Humpy also leads. The vote was the third attempt to allocate tokens to the Golden Boys' group, after two unsuccessful votes in May and earlier in July.

Humpy has previously been accused of governance attacks on other protocols, including Balancer and SushiSwap.

Prior to the proposal's passage, some Compound Finance DAO members raised objections. "In my personal opinion, the actions of Humpy and the Golden Boys can be considered a governance attack if they persist in their attempts to take funds from the protocol in clear opposition to the will of all other Compound DAO delegates," stated Compound Finance security adviser Michael Lewellen, who also described the proposal as "a malicious attempt to steal funds from the protocol".

Afterwards, Lewellen wrote that "OpenZeppelin is working with all active delegates and Compound contributors to assess our options for protecting the protocol. We see serious risks to the future decentralization of the DAO as a result of Proposal 289 passing and so we are exploring options to mitigate or reverse this outcome."

MonoSwap hacked for at least $1.3 million

The MonoSwap DEX announced on July 24 that it had been compromised, and urged its users to withdraw their funds to avoid losses. According to the project team, one of their developers had been lured into a call with someone pretending to be a venture capitalist, who convinced them to download what they claimed was video call software, but which instead was malware. MonoSwap claimed this gave the hackers "access to all MonoSwap-related wallets and contracts".

The malicious video chat software attack vector has been widely used in the crypto world, with a victim losing cryptocurrency to an attacker using the same technique and impersonating an Andreessen Horowitz partner last month.

So far, the MonoSwap attacker has laundered $1.3 million via the Tornado Cash cryptocurrency mixer.

dYdX v3 exchange website compromised amid sale announcement

Crypto exchange dYdX has announced that the website for their v3 exchange was compromised, and is urging people not to use it. This announcement came almost simultaneously with a report from Bloomberg that the company behind the exchange was looking to sell the software behind the v3 exchange, after they’d upgraded to what they call v4.

The affected domain was hosted on Squarespace, which could connect this compromise to similar events earlier in the month affecting domains registered there.

ETHTrustFund rug pulls for $2.2 million

The operators of a project called ETHTrustFund on Coinbase's Base layer-2 Ethereum blockchain have apparently rug-pulled the project. The ETHTrustFund project was a fork of the Olympus DAO project on Base, but there was months of inactivity on the project following its March launch. Then, on July 20, the developer deleted his Telegram and Twitter accounts and the project's website, and suddenly moved the project treasury to a new wallet. The funds were then laundered through Railgun and Tornado Cash.

RHO Markets lending protocol loses $7.6 million to apparent whitehat

An apparent misconfiguration by the RHO Markets lending protocol allowed operators of an MEV bot to take $7.6 million from the project's users across multiple chains.

In a stroke of luck for the RHO team, the MEV bot operator sent RHO an on-chain message indicating they were willing to return all of the funds, although they first demanded that RHO "admit that it was not an exploit or a hack, but a misconfiguration on your end. Also, please provide what you are going to do to prevent it from happening again."

RHO is built on the Scroll Ethereum layer-2 network. Scroll temporarily paused the chain as RHO investigated the loss.

WazirX exchange hacked for $235 million

After a $230 million "suspicious transfer", Indian cryptocurrency exchange WazirX has paused withdrawals and acknowledged that one of their multisignature wallets was compromised. The attacker began selling off the tokens, causing the price of tokens like Shiba Inu to drop around 10%.

WazirX is the largest cryptocurrency exchange in India. The company was acquired by Binance in 2019, but the two companies re-separated in 2023 after a bizarre public dispute.

WazirX's June 2024 proof-of-reserves reported around $500 million in total holdings, making the $235 million theft a substantial portion of the assets held at the exchange.

Blockchain sleuth zachxbt observed that the theft had some of the hallmarks of the Lazarus Group, a North Korean hacking group that has perpetrated other 9-figure heists including the $625 million Axie Infinity theft in March 2022, and the theft of more than $100 million from Atomic Wallet users.

Trip.com accused of "rug pull" as it shuts down its Trekki NFTs

An illustration of a bright blue cartoon dolphin, wearing a safari hat and vest, holding a cameraTrekki NFT (attribution)
Travel company Trip.com has some perturbed crypto holders on its hands, after shutting down the "Trekki" NFT project it launched in June 2023. The company's dolphin-themed NFTs had come with a roadmap that promised eventual staking features, "travel to grow" and "travel to earn" mechanisms, and other developments, which have been cancelled. However, Trip.com promised that its discount coupon functionality would remain.

"Can't believe @Trip a multibillion company is also a rugged project," wrote one person in response to the shutdown announcement.

Users of LI.FI protocol suffer losses of at least $10 million

Users of the cross-chain swapping API LI.FI Protocol, and of projects that build on top of it, suffered wallet drains amounting to at least $10 million (and counting). An attacker was able to exploit the users who had set infinite approvals. The protocol urged those who had interacted with several affected smart contracts to revoke permission, and warned: "Please do not interact with any LI.FI powered applications for now!"

Three arrests made in relation to Metamax pyramid scheme

Three people have been arrested in connection to a crypto pyramid scheme called Metamax. Those behind the scam promised that people who invested in the scam could then earn income of up to $400 a day simply by watching, sharing, liking, and reviewing videos. There was, of course, a referral component as well, where people earned commission on the "investments" of people they referred. And for people who chose to invest in one of Metamax's fixed investment plans, they were promised 1.5% daily returns.

Unsurprisingly, the project turned out to be a pyramid scheme. On June 25, the Philippines SEC issued a warning, noting that the project was not registered with them, and that it "has the characteristics of a 'Ponzi scheme'". Shortly afterwards, Metamax deleted their Twitter account, and shut down victims' online access to their accounts.

Local news estimated that the scheme affected around 15,000 victims, mainly in Cyprus and Greece. Three people have been arrested in connection to the scheme, including a retired Cypriot police officer. One of the suspects turned himself in to police, claiming that he himself was a victim of the scam, and that he believed his life was in danger as he was being threatened by Metamax victims. Days later, a bomb was detonated near a home he once rented.

Minterest hacked for $1.4 million

An attacker stole $1.4 million from the defi lending project Minterest. Using a flash loan attack, they manipulated the exchange rate calculated by the project, allowing them to withdraw more tokens than they originally loaned.

Minterest paused the supply and borrow portions of their protocol after the attack, and attempted to contact the attacker to negotiate a return of some of the funds.

Dough Finance hacked for $1.9 million

Defi platform Dough Finance was hacked for 608 ETH ($1.8 million) by a hacker using a flash loan attack funded through the Railgun privacy service.

Dough Finance sent an on-chain message to the attacker, asking them to return the "misappropriated funds", threatening that they would "pursue all criminal, legal, and administrative avenues available" in the event that the attacker did not do so.

Popular defi protocol websites replaced with wallet drainers amid mass Squarespace domain hijacking

Websites providing the frontends for some popular defi services, including Compound Finance, were compromised and replaced with wallet drainers: websites resembling the usual frontend, but which drain unsuspecting users' wallets when used.

Somewhat ironically, the "Unstoppable Domains" web3 domain service was also impacted, and their site was offline for a while before they regained control.

The hijacking appears to be thanks to an attack on Squarespace's domain registry. Crypto founder Bobby Ong has suggested that the attack is affecting domains acquired through Google Domains, which sold its business to Squarespace several months ago. "Tthe forced migration of domains to Squarespace removed 2FA causing all these domains to be vulnerable and several have been hijacked," he wrote. "Best thing to do is to not interact with crypto and rest for the next couple of days until everything is resolved."

Web2 is going just great!

OmegaPro founder arrested for allegedly running crypto Ponzi

Turkish authorities arrested Andreas Szakacs, also known as Emre Avci, for his role in the OmegaPro cryptocurrency Ponzi scheme. Victims were invited to make small investments in the "Omega Invest" application, which made quick returns. They were enticed to invest more and more, but when they attempted to withdraw funds, they discovered the money had been taken. Altogether, victims have claimed around $103 million in losses.

The OmegaPro Ponzi scheme was reportedly linked to the OneCoin crypto Ponzi, whose operators stole at least $4 billion from millions of victims since 2019. Multiple people associated with OneCoin have been arrested, including its co-founder Karl Sebastian Greenwood, but its "Cryptoqueen" co-founder Ruja Ignatova was one of Europol's most wanted fugitives and remains the subject of an Interpol red notice.

Doja Cat's Twitter account hacked to promote meme token

Tweet by Doja Cat: "buy $DOJA or else" followed by a Solana address. There's a photo of her brandishing a toy scimitar and she's wearing a chainmail hood.Tweet from Doja Cat's hacked account (attribution)
The Twitter account belonging to rapper Doja Cat was compromised on July 8, tweeting to her 5.6 million followers that they should "buy $DOJA or else", and various other messages to that effect. Doja Cat quickly posted on her Instagram account to say that the Twitter account had been compromised.

The attacker appeared to have only marginal success, as the token reached a market cap of around $500,000 before collapsing by 96%.

Hackers have compromised a string of celebrity Twitter accounts to promote memecoins recently, including those of Hulk Hogan and Metallica.

Bittensor wallets drained

Some users of the Bittensor wallet software suffered wallet drains as thieves emptied their cryptocurrency wallets of the project’s TAO token. Around 32,000 TAO, notionally worth around $8 million, was siphoned. Although blockchain sleuth zachxbt hypothesized that the attack may have been thanks to a private key leak, Bittensor later claimed that affected users had in fact been compromised by a malicious Bittensor package that had been uploaded to Python's PyPi package manager. It's not yet clear how the malicious package made it onto the package manager.

Bittensor is among the artificial intelligence-focused cryptocurrency projects that have become popular recently amid the AI hype. Although the project website boasts that "Bittensor is creating a new future for humanity, where new economies and new commodities are decentralized by design and where no single entity is a sole authority," the group unilaterally halted the chain in the wake of the attack.

Silvergate Bank pays $63 million to settle charges from multiple agencies

More than a year after the crypto-friendly Silvergate Bank collapsed, its parent company has agreed to pay $63 million in fines to the Federal Reserve and California Department of Financial Protection and the Innovation. The SEC also imposed a $50 million fine, though the terms of the settlement noted this "may be offset" by the other penalties.

According to the regulators, Silvergate "had serious deficiencies" in its anti-money laundering programs, including in its intra-customer crypto transfer product. In particular, the SEC highlighted $9 billion in suspicious transfers among FTX entities that should have been detected by compliance programs. The SEC also alleged that Silvergate misrepresented its financial state during the post-FTX collapse bank run.

Yield App declares insolvency, citing FTX losses

Yield App, a crypto investment platform, has announced that it will be entering liquidation proceedings. Citing "significant financial challenges", the project announced that the platform would be suspended pending liquidation.

In the immediate aftermath of the FTX collapse in November 2022, Yield App CEO Tim Frost had assured customers that "Yield App has no exposure to Alameda or the FTT token, and no signifiant exposure to FTX". However, Yield is now — going on two years after the FTX collapse — claiming to be suing "several hedge funds" that had lost money on FTX.

SEC sues Consensys, maker of MetaMask wallet

As expected, the SEC has filed a lawsuit against Consensys, the maker of the popular MetaMask cryptocurrency wallet. Although Consensys had recently gloated about the SEC completing an investigation into the company's offering of ETH, and determining not to pursue action over it, a Wells notice sent to the firm in April suggested that some legal action was impending. Shortly afterwards, Consensys filed a lawsuit against the SEC, alleging regulatory overreach.

The SEC's lawsuit claims that Consensys violated securities laws by acting as an unregistered securities broker, and by offering staking services that constituted unregistered securities offerings. The SEC has previously cracked down on staking offerings by other firms, including Coinbase and Kraken.

Logan Paul files defamation lawsuit over Coffeezilla's coverage of his failed CryptoZoo project

Logan PaulLogan Paul (attribution)
A year and a half after threatening to sue YouTuber Coffeezilla for his series of videos exposing influencer Logan Paul's (alleged) role in (allegedly) scamming his large following with a failed blockchain game, Paul has followed through on the threat. Although he acknowledges in the lawsuit that the project was definitely a scam, Paul says that he too was duped by several "conmen" who he'd brought on as advisers.

In the lawsuit, Paul claims that Coffeezilla knowingly falsely accused Paul of being in on the scam in hopes of getting more attention on his videos. Paul is seeking more than $75,000 in damages.

In January 2024, Paul filed suit against the advisers he's described as "conmen". He's also pointed the finger at them while defending a potential class action complaint from defrauded investors.

FBI busts group of crypto-seeking home invaders

The Department of Justice busted a group of more than a dozen people, led by a 24-year-old man named Remy St. Felix, who perpetrated a string of break-ins and violent assaults in hopes of obtaining their victims' cryptocurrency holdings. The group seems to have been far more successful with their hacking thefts than with their in-person attempts to obtain cryptocurrency, but that didn't stop them from committing a string of eleven break-ins where they assaulted, threatened, and kidnapped victims.

In one case, a victim was able to transfer $150,000 in cryptocurrency to the attackers before their cryptocurrency exchange blocked the suspicious transfers. However, in their other attempts to physically steal crypto, they were unsuccessful, with victims either refusing to hand over their crypto or successfully escaping.

In one case, St. Felix and his associates targeted a woman from whom his group had already stolen $3 million in a SIM swapping attack. When they broke in and held the woman at gunpoint to try to steal the $500,000 in crypto she had left, the woman refused to turn over her password to her cryptocurrency account, so dismayed by her earlier loss that she told the men just to shoot her.

St. Felix was convicted on nine counts by a federal jury, and faces a sentence of seven years to life in prison. Thirteen co-conspirators also pleaded guilty.

Farcana token plummets 60% amid murky explanations

The token for the Farcana blockchain shooting game plummeted in value by around 60%. First, the project team announced that one of the project wallets had been compromised. However, they later deleted that tweet, then claimed that one of their market makers had been compromised. They emphasized that their wallets had not been hacked, and that their smart contracts had not been exploited.

23.8 million FAR were taken from a wallet, and the majority were sold for around $164,000 in USDT. The exploiter still holds 3.4 million FAR, which are notionally worth $83,250 but not likely to be sellable for that amount.

Farcana raised $10 million in seed funding in November 2023 from investors including Animoca and Polygon Ventures.