The rumor has been amplified by Tron founder Justin Sun, who tweeted: "First Digital Trust (FDT) is effectively insolvent and unable to fulfill client fund redemptions. I strongly recommend that users take immediate action to secure their assets." First Digital responded by insisting they were solvent, and denounced Sun's comments as "a typical Justin Sun smear campaign to try to attack a competitor to his business".
FDUSD depegs
The stablecoin issued by First Digital, FDUSD, has lost its $1 peg and sunk as low as $0.76 before returning to around $0.97 — which, in stablecoin world, is still a substantial de-peg. The drop followed concerns about First Digital's reserves amid reports that some of the assets used to back the stablecoin were trapped in investments that couldn't be liquidated.
zkLend thief gets robbed
The zkLend lending platform was hoping they could secure the return of stolen funds from the attacker who stole 3,667 ETH (~$9.5 million at the time) from the platform in mid-February. They offered a 10% "bounty" for the return of the funds, but received no reply — that is, until now.
On March 31, the attacker sent an on-chain message to the platform, writing: "Hello I tried to move funds to tornado but I used a phishing website and all the funds have been lost. I am devastated. I am terribly sorry for all the havoc and losses caused. All the 2930 eth have been taken by that site owners. I do not have coins. Please redirect your efforts towards those site owners to see if you can recover some of the money. I am sorry."
The zkLend project instructed the thief to return any remaining funds to their wallets, though no such transfer has happened yet.
There has been substantial conversation over whether the hacker had truly been in turn scammed out of the stolen funds, had made up a fake phishing site to try to obscure the path of stolen money, or perhaps whether the whole event had been an April Fools' joke. However, zkLend noted on Twitter that the phishing website, which imitates the Tornado Cash platform, has been operational for five years and is likely not connected to the hacker.
- On-chain messages between zkLend and thief
- Tweet by zkLend [archive]
ICERAID crypto project claims to pay people to report immigrants and "terrorist" judges to law enforcement
A project called "ICERAID" has emerged, promising to reward "intelligence gathering" on "suspicious activities" by photographing supposedly criminal behavior by undocumented immigrants to law enforcement. The project has been advertised by right wing personalities including Laura Loomer and Matt Gaetz, the latter of whom promised ICERAID lets people "ping the cops faster than you can say 'sanctuary city'."
An instructional video posted to social media by the platform encourages people to "do [their] patriotic duty" by going to a District Court in a blue state, then "Secretly snap a photo of the judge. Don't let the bailiff see you." The video shows a person uploading a photograph of Judge James Boasberg, who is presiding over the Trump administration deportation flights case, and reporting him for "terrorism".
The project has been likened to Stasi programs in which citizens were paid to spy and report on their neighbors.
The founder of ICERAID, Jason Meyers, claims that he had had conversations with the White House about the project, although the website for the tool states it is not affiliated with any government agency and is not a website of the US government. Meyers has faced several enforcement actions resulting in disciplinary penalties over his involvement in security sales, and in 2014 was permanently banned by FINRA from broker-dealer activities after misappropriating investor funds. Meanwhile, multiple users have complained about not receiving their promised ICERAID tokens, and the project reportedly changed its terms after the token presale to reduce the amount of money buyers would earn for participating.
Coinbase customer loses $35 million in bitcoin theft
A Coinbase customer reportedly lost 400 BTC (~$35 million) in a scam identified by blockchain sleuth zachxbt. While investigating the massive theft from the single customer, he also observed at least $11 million in thefts from various other Coinbase customers throughout March.
zachxbt has previously accused Coinbase of not doing enough to protect customers from hundreds of millions of dollars in scams, and he noted that in these cases, Coinbase had not marked the thief wallets as malicious in various cryptocurrency compliance tools.
- Telegram post by zachxbt [archive]
Galaxy Digital agrees to $200 million settlement over alleged LUNA manipulation
While many crypto firms have escaped enforcement actions from federal regulators thanks to massive industry lobbying, state enforcers are still on the beat. Crypto investment firm Galaxy Digital, headed by Mike Novogratz, has agreed to pay $200 million to settle market manipulation charges from the New York Attorney General, which accused Novogratz and his firm of promoting the token without disclosing they had acquired discounted tokens they were selling off at substantial profit.
In addition to promoting the token through the usual means, Novogratz got a large tattoo on his shoulder representing the token. Sadly for him, although the LUNA token would later fade away after crashing in spectacular (and fraudulent) fashion, tattoos are forever.
- "Galaxy Digital Settles with NYAG for $200 Million Over Luna Ties", Wall Street Journal [archive]
HyperLiquid loses $13.5 million in alleged JELLYJELLY manipulation incident
HyperLiquid's Hyperliquidity Provider market making vault suffered a $13.5 million loss after an alleged market manipulation incident involving a memecoin called JELLYJELLY. A trader holding nearly $5 million (notional) of the token used a combination of shorts and spot purchases to force HyperLiquid to take on the short position. By forcing the token price up with large spot purchases, HLP suffered an unrealized loss of $13.5 million.
HyperLiquid validators voted to delist the JELLY token. They also evidently overrode the JELLY price provided by the market oracle in an attempt to reduce their losses, leading an unrelated crypto executive to question "Is that even legal?"
Polymarket suffers governance attack as whale manipulates Ukraine bet resolution; refuses refunds
Bets on the Polymarket platform where the outcome is not clear are resolved using an oracle system called UMA, or Universal Market Access. Holders of the UMA token participate in a vote to determine the outcome of challenged market resolutions.
Recently, $7 million was spent in a Polymarket market over whether Ukraine would agree to Trump's proposed mineral deal. Though no mutual agreement was reached, the market resolved to "yes". When it was challenged, a large holder of the UMA token cast a substantial number of yes votes to sway the outcome of the resolution, leaving the outcome in place.
Although Polymarket acknowledged that "This market resolved against the expectations of our users and our clarification" (referring to a Polymarket clarification that the resolution was too early as no mutual agreement was reached), they also refused to issue any refunds, writing that "this wasn't a market failure". "This is an unprecedented situation, and we have been in war rooms all day internally and with the UMA team to make sure this won't happen again. This is not a part of the future we want to build," the team member added.
Abracadabra loses $13 million in "Magic Internet Money"
An attacker using a flash loan attack stole $13 million in the Magic Internet Money token from the Abracadabra project. The attack was enabled by a bug in the platform's smart contracts, and the hacker ultimately made off with around 6,262 ETH.
This is the second time Abracadabra has been exploited, after suffering a $6.5 million theft in January 2024.
Binance acknowledges employee insider trading
Binance announced on Twitter that they had fired an employee after discovering that they had engaged in insider trading. The employee took a large position in a token that he knew would be engaging in a "token generation event", then quickly sold off the tokens after the project announced the event. According to Binance, this allowed him to "realize significant profits".
Binance announced that they had fired the employee, as "This behavior constitutes front-running based on non-public information obtained from his previous role and is a clear breach of company policy." The company became aware of the insider trading after they were alerted by outside parties who submitted tips to the company.
Zoth hacked for nearly $8.3 million, second theft in two weeks
RWA restaking platform Zoth suffered a $8.29 million hack after an attacker gained access to admin privileges that allowed them to modify the platform's smart contracts. The hacker "upgraded" the contract to a malicious version, then withdrew $8.45 million in USD0++, a token issued by the Usual protocol. After swapping the assets into various other tokens, they were left with 4,223 ETH (~$8.29 million).
This is the second Zoth exploit in two weeks, following a $285,000 theft on March 6 by an attacker who took advantage of a bug in one of the platform's smart contracts.
Four.Meme suffers second hack in as many months
After suffering an $183,000 loss to an attack in February, the BNB-based Four.Meme memecoin launchpad has been hacked again, this time for around $130,000. Four.Meme aims to be BNB's version of pump.fun, the popular Solana-based memecoin platform.
Four.Meme acknowledged the latest theft on Twitter, writing that they intended to reimburse users who lost money.
Zoth RWA restaking platform hacked
Zoth, a restaking platform for "real world assets" (or RWAs), was hacked for around $285,000 when an exploiter discovered a bug in the platform's collateral calculations. This allowed them to mint ZeUSD, the platform's stablecoin token, without depositing sufficient collateral.
- "Zoth Hack Analysis", SolidityScan
1inch loses $5 million to smart contract bug
An attacker exploited a smart contract belonging to the 1inch DEX aggregator, stealing $5 million in the USDC stablecoin and wETH. According to the platform, the vulnerability existed in "smart contracts using the obsolete Fusion v1 implementation", and the stolen funds belonged to resolvers (that is, entities that fulfill 1inch orders) rather than users.
Wemix Foundation bridge hacked for $6.2 million
The Wemix Foundation, which runs the blockchain gaming platform WEMIX, suffered a $6.2 million hack of their blockchain bridge. Although the hack occurred on February 28, the company did not disclose the theft until four days after the incident, leading some to accuse Wemix of attempting to cover up the hack. Wemix has denied those allegations, claiming that the delay was in hopes of preventing market panic, and to ensure they had time to patch any security vulnerabilities before publicly disclosing a breach.
Founder of the Mask Network loses more than $4 million to a wallet hack
Suji Yan, the founder of the Mask Network, suffered the loss of more than $4 million in various cryptocurrency assets to an apparent wallet hack. According to Yan, the theft happened on his birthday while he was at a party. "[E]ither the private key was leaked same day as my birthday and hacker manual[ly transferred assets] out or it might be an offline attack. I was in a private gathering with dozen friends and my phone was away for some minutes when I using the restroom etc."