Posted on

$6.4 Million Lost In Latest Base-Native DeFi Protocol Rug Pull

Magnate Finance, a DeFi lending protocol on the Ethereum layer-2 network Base, is reported to have conducted a rug pull, robbing its users of $6.4 million worth of assets. This event represents the latest troubling incident on the Base network in merely a month of its official mainnet launch.

3 Rug Pulls, $16.7 Million Lost – Who’s Responsible? 

On Friday, August 25, blockchain security intelligence Peckshield confirmed Magnate Finance’s rug pull, stating that the project developers manipulated the provider of the price oracle, allowing them to withdraw all assets of the platform.

Peckshield also provided more information on the scammers’ movement, stating that they had transferred $1.34 worth of DAI to a new address while also bridging $1 million of the loot to the BNB chain. 

The majority of the stolen funds have been transferred to other Ethereum layer 2 solutions such as Optimism and Arbitrum. Meanwhile, the $1.3 million DAI and an additional 295 ETH, valued at around $486,000, remain on the Base Network. 

Interestingly, a few hours before the Magnate Finance rug pull occurred, an X user and on-chain investigator, ZachXBT, posted a community alert stating the possibility of such an event. 

ZachXBT’s suspicion was based on the fact that the deployer address of Magnate Finance received some funds from the Solifire’s $4.8 million rug pull that occurred in January 2022. 

In addition, the deployer address of Magnate Finance is also linked to the Kokomo Finance $5.5 million exit scam in March 2023. In total, the developers of the Base DeFi lending protocol have been involved in three rug pulls that have resulted in the loss of $16.7 million of user funds.

At the time of writing, Magnate Finance has deleted its Telegram group, as well as disabled its official website. In addition, the project’s X account has also been deactivated, wiping all of its online and social media presence in what has been a “classic rug pull.”

Another Setback For Base?

The early days of the Base Network in the crypto space have been anything but smooth sailing. Prior to the network’s public launch on August 9, BALD, a memecoin project on the Coinbase native network, was exposed as a rug pull after developers withdrew $25.6 million of the project’s liquidity. 

Since then, there have been more negative occurrences within the Base ecosystem, with the Rocketswap DEX losing over $450,000 via “brute force hack,” while 342 ETH, valued at $626,000, has also been stolen from LeetSwap, another Base-native DEX.

However, it is worth stating that the Base Network has also recorded some positives in its short time of operation. According to data from L2Beat data, Base ranks as the fourth most active layer two solution with a daily transaction per second value of 7.73.

In addition, where the general total DeFi ecosystem has taken a dive below the $40 billion mark, Base has shown much resilience. Using data from DefiiLama, the project’s TVL gained by 11.02%  in the last week and is now valued at $185.81 million. 

Base

Posted on

The Other Side Of The Do Kwon Story: Fat Man Terra Visits Laura Shin

It’s time to listen to the other side. Fat Man Terra used to be a cog in the Terra machine, but nowadays he’s the protocol’s biggest critic. He’s also a researcher, and his investigation lead him to believe that Terra was a scam from the very beginning. Of course, Laura Shin’s Do Kwon interview rubbed Fat Man Terra the wrong way. So, exercising his right to reply, he went to the same platform and told his side of the story.

If what Fat Man Terra says is true, the Terra/ Luna story is a horror film. 

A court will probably decide if he’s right or wrong, though. Let’s explore his allegations, taking into account that this is just the investigator’s interpretation of the facts. He might know more about the Terra/ Luna case than everyone on Earth, though.

This is the introduction to the episode titled “Fat Man Terra Speaks: Do Kwon Is a ‘Sociopath’ and a ‘Charismatic Manipulator”:

“Fat Man Terra, the anonymous Twitter account dedicated to bringing Do Kwon to justice, reacts to my recent interview with Do Kwon and says what he thinks it revealed about his personality.”

This is the video:

Fat Man Terra Presents The Case

  • According to the pseudonymous investigator, the Terra creators were “unfairly enriching themselves” and failed to disclose critical information to investors. On purpose.
  • Regarding his interview with Shin, Fat Man Terra thinks Do Kwon was “dancing around questions” and didn’t answer directly several of them. 
  • He thinks Do Kwon was “intentionally lying” about Terra’s breakup with Chai. Both when it happened and during the interview. At best, the situation was “heavily mishandled.”
  • Fat Man Terra claims that on-chain data shows that TerraForm Labs cashed out billions of dollars. They cashed out throughout Terra’s whole existence.
  • He also thinks there’s proof that the organization has “hundreds of millions stashed away.”
  •  According to the pseudonymous investigator, at the time Terra claimed that the protocol was attacked, but could not find “proof of fraud.”

The investigator also thinks that Do Kwon is “not able to stick to one story.” That’s a characteristic that fraudsters often exhibit. And he claims there’s a reason that regulators all over the world are looking at Terra specifically. Some things don’t add up, and this case is far from over. 

LUNA price chart on Eightcap | Source: LUNA/USD on TradingView.com
Opinions About Do Kwon’s Character

Respectfully, Fat Man Terra goes for the throat. He’s been studying Do Kwon and his diagnosis is that the man is:

  • A “sociopath with little regard for people’s feelings.”
  • “Avoiding law enforcement” and “definitely on the run.”
  • An idiot. Apparently, Do Kwon held all of the company’s bitcoin reserves in a single wallet. 
  • A liar. He knew that his involvement in the failed algorithmic stablecoin Basis Cash was relevant and should have disclosed it. 
  • A thief. Do Kwon was pretending to believe in Terra over everything and promoting it as such to retail. In reality, he was “simultaneously pulling out” hundreds of millions. 

According to Fat Man Terra, it all comes down to that. “If you really believe in UST, why did you cash out so much,” he asks Do Kwon. Also, why did he made up statistics and inflated the network’s numbers? 

The investigator will “start to believe he’s sorry” when Do Kwon starts making affected Terra investors whole from his own pocket. 

Fat Man Terra Is Still Optimistic

The parasites will always be there, surrounding the crypto space. According to Fat Man Terra, if the industry wants to survive we have to start “calling out scammers” and “pushing for justice.” He believes the industry will develop “failsafe mechanisms” to filter out bad actors and, in general, he’s “optimistic about the future of the space.” Make no mistake, though. Despite the optimism, the investigator claims that “Terra was a scam at every level.”

According to Laura Shin, Do Kwon will be back to answer the allegations in the future.

Featured Image: Laura Shin screenshot from the interview | Charts by TradingView

Posted on

Bitcoin.org Hacked By Scammers For A Few Minutes. Someone Sent Them 0.4 BTC

Hackers took over the Bitcoin.org website and displayed the classic double your money scam for a few minutes today. Apparently, it was a DNS hack. Luckily, the Bitcoin community took notice and alerted Cobra, the pseudonymous website owner, as well as the company that hosted the domain. A few minutes later, Bitcoin.org was down. Sadly, a credulous person was faster than them and sent 0.4 BTC to the displayed address… or did he?

Someone sent half a bitcoin🤦‍♂️ pic.twitter.com/pnyJIHJZIN

— Harrison Bergeron (@coinableS) September 23, 2021

The transaction exists, but there’s a rumor that it might’ve been the scammers themselves, trying to make the operation look reputable. Just like a busker who put some change in his hat to encourage others to contribute. However, that’s just a rumor. Someone might’ve been scammed.

Related Reading | Old Bitcoin Miner Proves Craig Wright has No Access to 145 Tulip Trust Addresses

In any case, everybody else should thank Matt Corallo, a Bitcoin Core contributor who took it upon himself to contact the domain name registrars and managed to convince them to temporarily take down the site before some catastrophe happened. 

Namecheap to the rescue, thanks y'all https://t.co/HfmQVvUDt9

— Matt Corallo (@TheBlueMatt) September 23, 2021

What Does The Bitcoin.org Owner Think About All Of This?

When Cobra announced the Bitcoin.org hack, he or she said, “Currently looking into how the hackers put up the scam modal on the site.” So far, there’s no information on that. Cobra also said that Bitcoin.org “May be down for a few days,” but luckily that wasn’t necessary.

https://t.co/OsFgRFRRZb has been compromised. Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.

— Cøbra (@CobraBitcoin) September 23, 2021

Earlier in the day, Cobra contacted via Twitter their new hosting company Cloudflare and told them that the website has never been hacked, and now that he moved to their servers, this happened. The company responded, and eventually, the original tweet disappeared.  

BTC price chart for 09/23/2021 on Bittrex | Source: BTC/USD on TradingView.com
Does This Have Anything To Do With Craig Wright AKA Faketoshi Nakamoto?

A few months ago, both Cobra and Bitcoin.org made worldwide news. Craig Wright, Australian entrepreneur and Satoshi Nakamoto cosplay artist, got a UK court to order the website to remove the Bitcoin Whitepaper from its servers. At the time, Yahoo! finance informed:

“Cobra, the pseudonymous creator of the Bitcoin.org website, has been ordered by London’s High Court to discontinue hosting its copy of the Bitcoin white paper.

Citing copyright infringement brought forward by nChain Chief Scientist Craig Wright, the judge had no option but to rule a default judgment because Cobra chose not to make an appearance.”

https://t.co/yc0aKbZcer is Hacked by Scam. pic.twitter.com/2qmRMS2lJh

— Wu Blockchain (@WuBlockchain) September 23, 2021

Does the hack have anything to do with Craig Wright? There’s not a single clue to indicate that, but, rumors are flying. He’s the only one incentivized to attack Bitcoin.org, they say. However, 0.4 BTC is a pretty great incentive. Maybe the scammers were just interested in scamming.

Related Reading | Craig Wright Wins Lawsuit On Bitcoin.org Hosting Bitcoin Whitepaper

In any case, to close all the loops, Yahoo quotes Cobra explaining why he chose not to make an appearance in court:

“Unfortunately the court rules allowed for me to be sued pseudonymously, however, I couldn’t defend myself pseudonymously. So I was put in an impossible situation of losing my privacy or losing the case in a default judgment.”

So, to sum it all up, Bitcoin.org is back up again and no one scammed you. All is well that ends well. 

Featured Image: Screenshoot from the hacked website | Charts by TradingView

Posted on

Ledger Scam: Scammers Mail Hacked Ledger Devices To Steal Crypto

Scammers are now mailing hacked ledger devices to Ledger users in a bid to steal crypto from unsuspecting users.

An alarmed user made a post on Reddit that they had gotten a Ledger device that they hadn’t purchased. In the package was a poorly worded letter riddled with grammatical errors that explained that due to a cyberattack, Ledger was replacing all old devices with new ones for the purpose of safety.

Ledger scam letter sent to the user explaining the reason for the replacement

Letter explaining the reason the device was sent

In further pictures posted by the accounts was a sealed and authentic looking Ledger device.

Sealed box ledger device sent to the user

Device sent in a sealed box

The user then went on to open the device which contained instructions for connecting the device to a computer and installing the application from the device. Asking to choose seed phrase length and inputting your seed phrase into the device.

Instruction manual in the device to input seed phrase

Instructions contained in the device asking to input seed phrases

Growing more suspicious, instead of plugging the device to their computer, the user went on to dismantle the Ledger device itself.

Ledger devices look like flash drives with a small screen on them. The screen is to make sure that your seed phrase is yours alone.

This proved to be the right move as upon dismantling the device and looking at the circuit board, there were obvious differences between the new device and the original Ledger device.

Side by side comparison of original and scam Ledger devices

Side by side comparison of the device sent and an original Ledger device. Fake device on the left and original device on the right.

The scam is obviously a phishing scam meant to send the attackers the seed phrases once they are entered on the compromised device.

In the Reddit post, they issued a warning to other users. A bold new way of attacking with the poster referring to it as “some next level of scam attempt.”

Ledger Hack

Late last year, Ledger had announced that there had been a data breach and the attackers had gotten access to their databases. The names, phone numbers, and mailing addresses of 272,000 customers were stolen and subsequently posted on Raidforums. Raidforums is a platform where hackers go to post the information of hacked databases.

Related Reading | Why Bitcoin Is Actually “Bad For Crime” Contrary To Belief

Ledger had come forward after the breach to assure customers that there was no need to worry. The hack had no way of affecting the hardware wallets of users. As the private keys to the wallets were only held by users and there was no way for the hackers to actually get their hands on them.

This seemed like it was under control and users could rest easy. Ledger was very clear that the data breach only affected information that had to do with e-commerce purposes. No crypto balances were in jeopardy.

The company further posted on Twitter that they were working with law enforcement to stop any breach-related scams. Stating that they had, with the help of law enforcement, taken down over 170 phishing scam websites since the breach happened.

Crypto and Hacks/Scams

The crypto space isn’t new to hacks and scams. There are countless successful and unsuccessful attempts carried out yearly on investors. Some attackers set their sights on smaller scams, going after individual crypto investors in a bid to trick them out of their coins. Other attackers have their eyes on bigger fish like crypto exchanges and malware attacks on large corporations demanding crypto as ransom.

Current crypto market cap

Total Crypto Market Cap | Source: Crypto Total Market Cap on TradingViews.com

One such case is in the case of Colonial Pipeline being hit with a malware. The corporation had to pay $4.4 million in ransom to get operations back up.

The irreversibility of crypto transactions makes it so that coins sent out of a wallet cannot be reversed. This means that if anyone were to get their hands on your seed phrase, they could take all of your coins. The transactions would be visible on the blockchain for you to see but there is no way to actually tell who is on the other end of the transaction.

Related Reading | Will A Large Spike In Bullish Sentiment Translate To A Bitcoin Rally?

So crypto investors are always advised to never reveal their seed phrase to anyone. Never enter it into any website. Do not store it online.

A good way is to write it down on a piece of paper and place it somewhere only you can get to.

The safety of your coins are of the utmost priority.

Featured image from Crypto Network News, images in article from Reddit, chart from TradingView.com