Larsen attempted to downplay the massive theft, claiming repeatedly that the theft did not represent a threat to Ripple itself, and trying to reassure people that Ripple wallets are still safe. However, fears over a threat to Ripple itself and the true separation between Larsen's wallets and those belonging to the Ripple project continued, and XRP dipped around 5% on the news.
$112.5 million in XRP stolen from Ripple CEO Chris Larsen
Blockchain sleuth zachxbt noticed the strange movement of around 213 million XRP, the native token for the Ripple project. These tokens were priced at around $112.5 million at the time of the theft. He originally identified the source of funds as Ripple itself, though Ripple CEO Chris Larsen later went on Twitter to claim that the funds that were stolen had come from his personal wallets and not from wallets belonging to the Ripple project.
Abracadabra exploited for almost $6.5 million, Magic Internet Money stablecoin depegs
Well that sure is a headline I just had to write.
The Magic Internet Money ($MIM) stablecoin has lost its dollar peg again, dipping all the way below $0.77 in a flash crash before returning to around $0.95.
The depeg appears to be related to an exploit of the Abracadabra lending protocol, which allows people to borrow $MIM. An attacker exploited an apparent flaw in the platform's smart contracts to drain around $6.5 million.
This is the second time the token has depegged, after a June 2022 incident shortly after the Terra collapse.
HyperVerse founder Sam Lee charged
US Attorneys in Maryland and the US Securities and Exchange Commission filed criminal and civil lawsuits, respectively, against Sam Lee, the co-founder of the HyperVerse cryptocurrency investment scheme, which has defrauded victims of between $1.3 billion and $1.9 billion depending on whose estimate you use. The US Attorneys have accused Lee of securities fraud and wire fraud. The SEC has accused Lee and a major HyperVerse promoter, Brenda Indah Chunga (aka "Bitcoin Beautee"), of securities fraud and offering unregistered securities.
This is the second HyperVerse related criminal charge in recent days, following the arrest of promoter "Bitcoin Rodney".
Goledo Finance hacked for $1.7 million
Goledo Finance, an Aave-based lending protocol, was exploited through a flash loan attack. The attacker stole assets estimated by CertiK at around $1.7 million.
Goledo Finance contacted the attacker to offer a 10% "bounty" for the return of the remaining assets. In a message on January 29, the attacker wrote: "I hacked Goledo and want to negotiate".
- Tweet by CertiK [archive]
- On-chain message from the attacker [archive]
Korean crypto karaoke platform Somesing hacked
Have you ever gone out to karaoke and thought "man, the only thing missing from this perfect night is a blockchain"? No? Weird.
Anyway, the South Korean Somesing platform — which is really more of a TikTok-but-just-for-song-covers clone than anything to do with karaoke — suffered a breach in which 730 million SSX tokens were stolen. These tokens are nominally priced at around $11.5 million, but around 2/3 of the stolen tokens were as yet undistributed and not a part of the circulating supply.
8,100 Bitcoin forfeited by Silk Road drugs distributor in guilty plea
The US government is cementing its status as one of the largest BTC holders by adding another 8,100 BTC (priced at almost $350 million today) to its stash. The tokens were forfeited in a plea agreement from Banmeet Singh, who sold large quantities of drugs including fentanyl, LSD, ecstasy, Xanax, Ketamine and Tramadol on various dark web marketplaces including the Silk Road.
Singh pled guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to commit money laundering, charges for which he's expected to serve around 8 years in prison.
- "Defendant pleads guilty in dark web narcotics case involving largest cryptocurrency seizure of $150 million in drug proceeds", U.S. Attorney's Office, Southern District of Ohio [archive]
- "Dark-web drug-ring plea nets DEA millions in cryptocurrency", The Washington Post [archive]
WallStreetMemes token price plummets after staking contract exploited
Hackers were able to exploit a vulnerability in the staking contract for WallStreetMemes ($WSM), a memecoin and online casino project targeted at the "meme warriors" who frequent various financial meme communities, many of which formed around the Gamestop short squeeze.
The attackers were able to siphon 769 million $WSM from the contract, which was notionally worth around $7 million. However, the token lacks liquidity to support swapping hundreds of millions of tokens without depressing the price, and the token price dropped around 35% in the wake of the attack as the thief began to cash out over several days.
Meanwhile, WSM announced that they would be issuing a new token to replace the stolen tokens, and "renew[ing] the liquidity pool"... somehow.
- WSM exploiter wallets [archive]
- "Important Security Update", WallStreetMemes Medium [archive]
MailerLite hack enables over $700,000 in crypto phishing thefts
After hackers gained access to various accounts on the MailerLite email marketing software via a social engineering attack on an employee, they were able to send malicious phishing emails that appeared as though they had been genuinely sent from companies including the CoinTelegraph crypto media outlet and the crypto firms Wallet Connect, Token Terminal, SocialFi, and De.Fi.
The emails appeared to announce airdrops and exclusive offers from those companies, and recipients were invited to connect their wallets to claim tokens. Those wallets were then drained.
The attackers stole a variety of cryptocurrencies, and some outlets have reported the theft has totalled more than $3.3 million. However, because a substantial amount of that number comes from the illiquid Xbanking token, the actual liquid value of the tokens is likely closer to $700,000. The attackers have begun mixing the stolen funds through the Railgun privacy service.
- "MailerLite confirms hack that led to $3.3M crypto-phishing email attacks", CoinTelegraph [archive]
- "Coordinated crypto hack and phishing campaign floods investor emails: Alert", CoinTelegraph [archive]
- "Mailer Lite hacker impersonates crypto firms, draining $600,000 with phishing emails", The Block [archive]
Animoca Brands-owned Gamee tokens stolen
An attacker was able to gain access to the Gamee (GMEE) token's source code repository, then exploit a vulnerability in the code to transfer 600 million GMEE tokens to their own wallets. At the token's market price of $0.025 before the hack, these tokens were ostensibly priced at $15 million, though the token value plunged around 60% to below $0.01 following the theft as the attacker began selling the tokens.
GMEE is the token belonging to the Gamee blockchain-based gaming platform, which was acquired by the Animoca Brands company in 2020. Animoca is mostly known for its crypto-metaverse project, The Sandbox.
Concentric Finance exploited for $1.8 million
The Concentric Finance yield aggregator project issued a statement that the protocol had been exploited after a social engineering attack on a team member that had access to the project's deployer wallet.
Tokens priced at around $1.8 million were drained from the project vaults. In a tweet, Concentric urged users to revoke contract approvals to avoid further losses.
The wallet addresses used by the exploiter appeared to connect the attacker to the $2.7 million OKX DEX theft in December 2023.