The defendants are said to have committed hundreds of acts of wire fraud, “causing harm to Google and at least approximately 100,000 Google users.”
Crypto catfishers ditch fake exchanges for approval phishing scams
According to on-chain analytics firm Chainalysis, romance scammers increasingly use this method to steal their victim’s hard-earned crypto.
Asked to get a banana, a BAYC owner narrowly avoids a fake Forbes scam
Scammers posing as Forbes journalists have been targeting BAYC holders to set up interviews and distract them while they attempt to steal their apes.
$6.4 Million Lost In Latest Base-Native DeFi Protocol Rug Pull
Magnate Finance, a DeFi lending protocol on the Ethereum layer-2 network Base, is reported to have conducted a rug pull, robbing its users of $6.4 million worth of assets. This event represents the latest troubling incident on the Base network in merely a month of its official mainnet launch.
3 Rug Pulls, $16.7 Million Lost – Who’s Responsible?
On Friday, August 25, blockchain security intelligence Peckshield confirmed Magnate Finance’s rug pull, stating that the project developers manipulated the provider of the price oracle, allowing them to withdraw all assets of the platform.
Peckshield also provided more information on the scammers’ movement, stating that they had transferred $1.34 worth of DAI to a new address while also bridging $1 million of the loot to the BNB chain.
The majority of the stolen funds have been transferred to other Ethereum layer 2 solutions such as Optimism and Arbitrum. Meanwhile, the $1.3 million DAI and an additional 295 ETH, valued at around $486,000, remain on the Base Network.
Magnate Finance on #BASE has rug pulled for $6.4M.
The deployer is also linked to the past rug pulls:Solfire's $4.8M rug on Jan 23, 2022 Kokomo Finance's $5.5M rug on Mar 27, 2023
That makes a total profit of $16.7M for the scammers. https://t.co/jl7rhRnt7C pic.twitter.com/SfL3dk4wW0
— Beosin Alert (@BeosinAlert) August 25, 2023
Interestingly, a few hours before the Magnate Finance rug pull occurred, an X user and on-chain investigator, ZachXBT, posted a community alert stating the possibility of such an event.
ZachXBT’s suspicion was based on the fact that the deployer address of Magnate Finance received some funds from the Solifire’s $4.8 million rug pull that occurred in January 2022.
In addition, the deployer address of Magnate Finance is also linked to the Kokomo Finance $5.5 million exit scam in March 2023. In total, the developers of the Base DeFi lending protocol have been involved in three rug pulls that have resulted in the loss of $16.7 million of user funds.
At the time of writing, Magnate Finance has deleted its Telegram group, as well as disabled its official website. In addition, the project’s X account has also been deactivated, wiping all of its online and social media presence in what has been a “classic rug pull.”
Another Setback For Base?
The early days of the Base Network in the crypto space have been anything but smooth sailing. Prior to the network’s public launch on August 9, BALD, a memecoin project on the Coinbase native network, was exposed as a rug pull after developers withdrew $25.6 million of the project’s liquidity.
Since then, there have been more negative occurrences within the Base ecosystem, with the Rocketswap DEX losing over $450,000 via “brute force hack,” while 342 ETH, valued at $626,000, has also been stolen from LeetSwap, another Base-native DEX.
However, it is worth stating that the Base Network has also recorded some positives in its short time of operation. According to data from L2Beat data, Base ranks as the fourth most active layer two solution with a daily transaction per second value of 7.73.
In addition, where the general total DeFi ecosystem has taken a dive below the $40 billion mark, Base has shown much resilience. Using data from DefiiLama, the project’s TVL gained by 11.02% in the last week and is now valued at $185.81 million.
Revoke adds new feature after users complain of fake approvals scam
Scammers have found a new way to make crypto by luring users into revoking fake approval transactions.
‘Scammers’ impersonate Crypto Twitter users on Threads as users near 100M
Threads are already seeing potential crypto scammers arrive on the platform as Crypto Twitter personas warn of impersonators on the app.
Losses from crypto rug pulls outpaced DeFi exploits in May: Beosin
Over $45 million was lost to exit scams in May while exploits on DeFi protocols racked up less than half that amount over the same period.
Google Ads data: $4M stolen through crypto phishing URLs
Unsuspecting cryptocurrency users have lost over $4 million to phishing websites promoted using Google Ads.
Beware of fake Arbitrum Airdrops, community warns
The community has warned others to stay vigilant after reports of phishing websites and scams offering Arbitrum Airdrop tokens.
Scam alert: $300K stolen by fake Blur airdrop websites
Unsuspecting users looking to claim Blur token airdrops have had funds stolen by a number of fake websites.
Bitcoin ATM firm profited from crypto scams via unlicensed kiosks: Secret Service
52 crypto kiosks were seized in the investigation led by the U.S. Secret Service’s Cyber Fraud and Money Laundering Task Force.
California regulator launches complaint-based crypto scam tracker
The regulator said it receives thousands of consumer and investor complaints about possible crypto scams each year, and it appears it’s done something with the information.
Crypto scammers feel the chill: Revenue drops 46% in 2022 — Chainalysis
Falling crypto prices caused crypto scam revenue to plummet in 2022, though two scam types managed to persist.
FTX customers warned of scammers baiting them with return of assets
Scammers have been trying to trick customers by offering them the prospective return of their assets.
5 sneaky tricks crypto phishing scammers used last year: SlowMist
SlowMist found that across 303 recorded blockchain security incidents in 2022, nearly a third were made up of phishing attacks, rug pulls and scams.
Web3 sees 15 new scam smart contracts an hour: Solidus Labs
Solidus Labs, which has been monitoring 12 leading blockchains, has detected a majority of scam-like tokens originating from Binance’s BNB Chain.
The Other Side Of The Do Kwon Story: Fat Man Terra Visits Laura Shin
It’s time to listen to the other side. Fat Man Terra used to be a cog in the Terra machine, but nowadays he’s the protocol’s biggest critic. He’s also a researcher, and his investigation lead him to believe that Terra was a scam from the very beginning. Of course, Laura Shin’s Do Kwon interview rubbed Fat Man Terra the wrong way. So, exercising his right to reply, he went to the same platform and told his side of the story.
If what Fat Man Terra says is true, the Terra/ Luna story is a horror film.
A court will probably decide if he’s right or wrong, though. Let’s explore his allegations, taking into account that this is just the investigator’s interpretation of the facts. He might know more about the Terra/ Luna case than everyone on Earth, though.
This is the introduction to the episode titled “Fat Man Terra Speaks: Do Kwon Is a ‘Sociopath’ and a ‘Charismatic Manipulator”:
“Fat Man Terra, the anonymous Twitter account dedicated to bringing Do Kwon to justice, reacts to my recent interview with Do Kwon and says what he thinks it revealed about his personality.”
This is the video:
Fat Man Terra Presents The Case
- According to the pseudonymous investigator, the Terra creators were “unfairly enriching themselves” and failed to disclose critical information to investors. On purpose.
- Regarding his interview with Shin, Fat Man Terra thinks Do Kwon was “dancing around questions” and didn’t answer directly several of them.
- He thinks Do Kwon was “intentionally lying” about Terra’s breakup with Chai. Both when it happened and during the interview. At best, the situation was “heavily mishandled.”
- Fat Man Terra claims that on-chain data shows that TerraForm Labs cashed out billions of dollars. They cashed out throughout Terra’s whole existence.
- He also thinks there’s proof that the organization has “hundreds of millions stashed away.”
- According to the pseudonymous investigator, at the time Terra claimed that the protocol was attacked, but could not find “proof of fraud.”
The investigator also thinks that Do Kwon is “not able to stick to one story.” That’s a characteristic that fraudsters often exhibit. And he claims there’s a reason that regulators all over the world are looking at Terra specifically. Some things don’t add up, and this case is far from over.
LUNA price chart on Eightcap | Source: LUNA/USD on TradingView.com
Opinions About Do Kwon’s Character
Respectfully, Fat Man Terra goes for the throat. He’s been studying Do Kwon and his diagnosis is that the man is:
- A “sociopath with little regard for people’s feelings.”
- “Avoiding law enforcement” and “definitely on the run.”
- An idiot. Apparently, Do Kwon held all of the company’s bitcoin reserves in a single wallet.
- A liar. He knew that his involvement in the failed algorithmic stablecoin Basis Cash was relevant and should have disclosed it.
- A thief. Do Kwon was pretending to believe in Terra over everything and promoting it as such to retail. In reality, he was “simultaneously pulling out” hundreds of millions.
According to Fat Man Terra, it all comes down to that. “If you really believe in UST, why did you cash out so much,” he asks Do Kwon. Also, why did he made up statistics and inflated the network’s numbers?
The investigator will “start to believe he’s sorry” when Do Kwon starts making affected Terra investors whole from his own pocket.
Fat Man Terra Is Still Optimistic
The parasites will always be there, surrounding the crypto space. According to Fat Man Terra, if the industry wants to survive we have to start “calling out scammers” and “pushing for justice.” He believes the industry will develop “failsafe mechanisms” to filter out bad actors and, in general, he’s “optimistic about the future of the space.” Make no mistake, though. Despite the optimism, the investigator claims that “Terra was a scam at every level.”
According to Laura Shin, Do Kwon will be back to answer the allegations in the future.
Featured Image: Laura Shin screenshot from the interview | Charts by TradingView
Bitcoin.org Hacked By Scammers For A Few Minutes. Someone Sent Them 0.4 BTC
Hackers took over the Bitcoin.org website and displayed the classic double your money scam for a few minutes today. Apparently, it was a DNS hack. Luckily, the Bitcoin community took notice and alerted Cobra, the pseudonymous website owner, as well as the company that hosted the domain. A few minutes later, Bitcoin.org was down. Sadly, a credulous person was faster than them and sent 0.4 BTC to the displayed address… or did he?
Someone sent half a bitcoin🤦♂️ pic.twitter.com/pnyJIHJZIN
— Harrison Bergeron (@coinableS) September 23, 2021
The transaction exists, but there’s a rumor that it might’ve been the scammers themselves, trying to make the operation look reputable. Just like a busker who put some change in his hat to encourage others to contribute. However, that’s just a rumor. Someone might’ve been scammed.
Related Reading | Old Bitcoin Miner Proves Craig Wright has No Access to 145 Tulip Trust Addresses
In any case, everybody else should thank Matt Corallo, a Bitcoin Core contributor who took it upon himself to contact the domain name registrars and managed to convince them to temporarily take down the site before some catastrophe happened.
Namecheap to the rescue, thanks y'all https://t.co/HfmQVvUDt9
— Matt Corallo (@TheBlueMatt) September 23, 2021
What Does The Bitcoin.org Owner Think About All Of This?
When Cobra announced the Bitcoin.org hack, he or she said, “Currently looking into how the hackers put up the scam modal on the site.” So far, there’s no information on that. Cobra also said that Bitcoin.org “May be down for a few days,” but luckily that wasn’t necessary.
https://t.co/OsFgRFRRZb has been compromised. Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.
— Cøbra (@CobraBitcoin) September 23, 2021
Earlier in the day, Cobra contacted via Twitter their new hosting company Cloudflare and told them that the website has never been hacked, and now that he moved to their servers, this happened. The company responded, and eventually, the original tweet disappeared.
BTC price chart for 09/23/2021 on Bittrex | Source: BTC/USD on TradingView.com
Does This Have Anything To Do With Craig Wright AKA Faketoshi Nakamoto?
A few months ago, both Cobra and Bitcoin.org made worldwide news. Craig Wright, Australian entrepreneur and Satoshi Nakamoto cosplay artist, got a UK court to order the website to remove the Bitcoin Whitepaper from its servers. At the time, Yahoo! finance informed:
“Cobra, the pseudonymous creator of the Bitcoin.org website, has been ordered by London’s High Court to discontinue hosting its copy of the Bitcoin white paper.
Citing copyright infringement brought forward by nChain Chief Scientist Craig Wright, the judge had no option but to rule a default judgment because Cobra chose not to make an appearance.”
https://t.co/yc0aKbZcer is Hacked by Scam. pic.twitter.com/2qmRMS2lJh
— Wu Blockchain (@WuBlockchain) September 23, 2021
Does the hack have anything to do with Craig Wright? There’s not a single clue to indicate that, but, rumors are flying. He’s the only one incentivized to attack Bitcoin.org, they say. However, 0.4 BTC is a pretty great incentive. Maybe the scammers were just interested in scamming.
Related Reading | Craig Wright Wins Lawsuit On Bitcoin.org Hosting Bitcoin Whitepaper
In any case, to close all the loops, Yahoo quotes Cobra explaining why he chose not to make an appearance in court:
“Unfortunately the court rules allowed for me to be sued pseudonymously, however, I couldn’t defend myself pseudonymously. So I was put in an impossible situation of losing my privacy or losing the case in a default judgment.”
So, to sum it all up, Bitcoin.org is back up again and no one scammed you. All is well that ends well.
Featured Image: Screenshoot from the hacked website | Charts by TradingView
Ledger Scam: Scammers Mail Hacked Ledger Devices To Steal Crypto
Scammers are now mailing hacked ledger devices to Ledger users in a bid to steal crypto from unsuspecting users.
An alarmed user made a post on Reddit that they had gotten a Ledger device that they hadn’t purchased. In the package was a poorly worded letter riddled with grammatical errors that explained that due to a cyberattack, Ledger was replacing all old devices with new ones for the purpose of safety.
Letter explaining the reason the device was sent
In further pictures posted by the accounts was a sealed and authentic looking Ledger device.
Device sent in a sealed box
The user then went on to open the device which contained instructions for connecting the device to a computer and installing the application from the device. Asking to choose seed phrase length and inputting your seed phrase into the device.
Instructions contained in the device asking to input seed phrases
Growing more suspicious, instead of plugging the device to their computer, the user went on to dismantle the Ledger device itself.
Ledger devices look like flash drives with a small screen on them. The screen is to make sure that your seed phrase is yours alone.
This proved to be the right move as upon dismantling the device and looking at the circuit board, there were obvious differences between the new device and the original Ledger device.
Side by side comparison of the device sent and an original Ledger device. Fake device on the left and original device on the right.
The scam is obviously a phishing scam meant to send the attackers the seed phrases once they are entered on the compromised device.
In the Reddit post, they issued a warning to other users. A bold new way of attacking with the poster referring to it as “some next level of scam attempt.”
Ledger Hack
Late last year, Ledger had announced that there had been a data breach and the attackers had gotten access to their databases. The names, phone numbers, and mailing addresses of 272,000 customers were stolen and subsequently posted on Raidforums. Raidforums is a platform where hackers go to post the information of hacked databases.
Related Reading | Why Bitcoin Is Actually “Bad For Crime” Contrary To Belief
Ledger had come forward after the breach to assure customers that there was no need to worry. The hack had no way of affecting the hardware wallets of users. As the private keys to the wallets were only held by users and there was no way for the hackers to actually get their hands on them.
This seemed like it was under control and users could rest easy. Ledger was very clear that the data breach only affected information that had to do with e-commerce purposes. No crypto balances were in jeopardy.
The company further posted on Twitter that they were working with law enforcement to stop any breach-related scams. Stating that they had, with the help of law enforcement, taken down over 170 phishing scam websites since the breach happened.
Crypto and Hacks/Scams
The crypto space isn’t new to hacks and scams. There are countless successful and unsuccessful attempts carried out yearly on investors. Some attackers set their sights on smaller scams, going after individual crypto investors in a bid to trick them out of their coins. Other attackers have their eyes on bigger fish like crypto exchanges and malware attacks on large corporations demanding crypto as ransom.
Total Crypto Market Cap | Source: Crypto Total Market Cap on TradingViews.com
One such case is in the case of Colonial Pipeline being hit with a malware. The corporation had to pay $4.4 million in ransom to get operations back up.
The irreversibility of crypto transactions makes it so that coins sent out of a wallet cannot be reversed. This means that if anyone were to get their hands on your seed phrase, they could take all of your coins. The transactions would be visible on the blockchain for you to see but there is no way to actually tell who is on the other end of the transaction.
Related Reading | Will A Large Spike In Bullish Sentiment Translate To A Bitcoin Rally?
So crypto investors are always advised to never reveal their seed phrase to anyone. Never enter it into any website. Do not store it online.
A good way is to write it down on a piece of paper and place it somewhere only you can get to.
The safety of your coins are of the utmost priority.
Featured image from Crypto Network News, images in article from Reddit, chart from TradingView.com
Grifter season in DeFi-land, and Uniswap v3 is here! Finance Redefined 4/28-5/05
Uniswap v3 starts off with a whimper, not a bang, and grifters galore in this week’s Finance Redefined.