Larsen attempted to downplay the massive theft, claiming repeatedly that the theft did not represent a threat to Ripple itself, and trying to reassure people that Ripple wallets are still safe. However, fears over a threat to Ripple itself and the true separation between Larsen's wallets and those belonging to the Ripple project continued, and XRP dipped around 5% on the news.
The Magic Internet Money ($MIM) stablecoin has lost its dollar peg again, dipping all the way below $0.77 in a flash crash before returning to around $0.95.
The depeg appears to be related to an exploit of the Abracadabra lending protocol, which allows people to borrow $MIM. An attacker exploited an apparent flaw in the platform's smart contracts to drain around $6.5 million.
This is the second HyperVerse related criminal charge in recent days, following the arrest of promoter "Bitcoin Rodney".
Goledo Finance contacted the attacker to offer a 10% "bounty" for the return of the remaining assets. In a message on January 29, the attacker wrote: "I hacked Goledo and want to negotiate".
Anyway, the South Korean Somesing platform — which is really more of a TikTok-but-just-for-song-covers clone than anything to do with karaoke — suffered a breach in which 730 million SSX tokens were stolen. These tokens are nominally priced at around $11.5 million, but around 2/3 of the stolen tokens were as yet undistributed and not a part of the circulating supply.
Singh pled guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to commit money laundering, charges for which he's expected to serve around 8 years in prison.
- "Defendant pleads guilty in dark web narcotics case involving largest cryptocurrency seizure of $150 million in drug proceeds", U.S. Attorney's Office, Southern District of Ohio [archive]
- "Dark-web drug-ring plea nets DEA millions in cryptocurrency", The Washington Post [archive]
The attackers were able to siphon 769 million $WSM from the contract, which was notionally worth around $7 million. However, the token lacks liquidity to support swapping hundreds of millions of tokens without depressing the price, and the token price dropped around 35% in the wake of the attack as the thief began to cash out over several days.
Meanwhile, WSM announced that they would be issuing a new token to replace the stolen tokens, and "renew[ing] the liquidity pool"... somehow.
The emails appeared to announce airdrops and exclusive offers from those companies, and recipients were invited to connect their wallets to claim tokens. Those wallets were then drained.
The attackers stole a variety of cryptocurrencies, and some outlets have reported the theft has totalled more than $3.3 million. However, because a substantial amount of that number comes from the illiquid Xbanking token, the actual liquid value of the tokens is likely closer to $700,000. The attackers have begun mixing the stolen funds through the Railgun privacy service.
- "MailerLite confirms hack that led to $3.3M crypto-phishing email attacks", CoinTelegraph [archive]
- "Coordinated crypto hack and phishing campaign floods investor emails: Alert", CoinTelegraph [archive]
- "Mailer Lite hacker impersonates crypto firms, draining $600,000 with phishing emails", The Block [archive]
GMEE is the token belonging to the Gamee blockchain-based gaming platform, which was acquired by the Animoca Brands company in 2020. Animoca is mostly known for its crypto-metaverse project, The Sandbox.
Tokens priced at around $1.8 million were drained from the project vaults. In a tweet, Concentric urged users to revoke contract approvals to avoid further losses.
The wallet addresses used by the exploiter appeared to connect the attacker to the $2.7 million OKX DEX theft in December 2023.