Now, a judge has awarded default judgment in the case, requiring the DAO to pay a more than $640,000 penalty, close down its website, and stop trading.
The court held that the Ooki DAO was a "person" under the Commodity Exchange Act and thus could be held liable for violations of the law.
- Order on Motion for Default Judgment, Commodity Futures Trading Commission v. Ooki DAO
While simply claiming in a lawsuit that a crypto token is a security does not necessarily constitute a firm decision that it is so, this has been enough in the past to lead exchanges to remove token listings. The 2020 lawsuit against Ripple and its XRP token led to the token widely being delisted from exchanges serving US customers.
After this was brought to BNB Chain's attention by crypto sleuth zachxbt, they tweeted that they "acted quickly (within 10 minutes) to ban the offending accounts and remove the posts. We've taken steps to secure the server and protect against any further abuse." However, less than an hour later they put out a new tweet announcing that the URL had been hijacked to redirect to a new server.
"This is a scam, and if you connect your wallet, you will lose your funds. Please exercise caution until we are able to confirm a resolution", they wrote.
The SEC, apparently unconvinced by Coinbase's usual spiel, filed a complaint with five claims for relief involving operating without registering with the SEC and offering unregistered securities by way of providing a cryptocurrency staking program.
Coinbase has responded with its usual bluster, and vowed to fight the lawsuit. They don't really have much choice, given their business is almost entirely predicated on being able to continue operating in the US. A tweet by Coinbase CEO Brian Armstrong refers to "the US congress... introducing new legislation to fix the situation", suggesting he is hoping that Congress might bail him out of the mess he's in. Given the amount of lobbying Coinbase has been doing, and the apparent bought and paid for crypto advocates who sit in Congress, his hopes are not entirely misplaced, but we shall see. As with the lawsuit against Binance, this is not likely to resolve anytime soon, particularly if the companies both decide to fight in court.
- "SEC Charges Coinbase for Operating as an Unregistered Securities Exchange, Broker, and Clearing Agency", U.S. Securities and Exchange Commission
- SEC v. Coinbase
- Tweet by Brian Armstrong
The complaint echoes some of the allegations made by the CFTC in a March lawsuit, including that Binance.US was primarily a front for Binance's international platform that was used to try to distract US regulators. However, it also goes farther by adding allegations around Binance's lack of controls around market manipulation, which the SEC alleges contradict public statements by Binance that they had sophisticated programs to prevent wash trading and other manipulative actions. The SEC even claims that the CZ-owned and -operated market maker Sigma Chain was engaged in substantial wash trading on the platform.
The SEC lawsuit was also a bit of a bombshell in its naming of some major cryptocurrencies as securities: SOL, ADA, MATIC, FIL, ATOM, SAND, MANA, ALGO, AXS, and COTI. These are the crypto assets associated, respectively, with the Solana, Cardano, Polygon, Filecoin,[d] Cosmos, The Sandbox, Decentraland, Algorand, Axie Infinity, and Coti projects.
Following the thefts, Atomic Wallet tweeted that they were aware of the reports of wallet compromises, and that they were attempting to learn more about the attacks, but had not yet confirmed any method of attack. They've since taken down the wallet software download page, likely out of concern that the software itself has been compromised.
Crypto sleuth zachxbt compiled a list of reported compromised Atomic Wallets, finding that multiple individuals lost multiple millions in the attack. The largest known individual theft so far involved almost $8 million in USDT (Tether); other individuals lost $2.8 million in USDT and 1,897 ETH (~$3.5 million).
Users of Atomic Wallet have been advised to transfer their assets to other wallets.
On June 6, both zachxbt and blockchain research group Elliptic speculated that the laundering strategy by the thieves resembled that of the North Korea-linked Lazarus Group, which has been responsible for other major crypto thefts.
The leaked key allowed the attacker to transfer ownership of project smart contracts to themselves, though they later returned ownership.
unshETH posted a message to the hacker, demanding they return 90% of the stolen funds. They threatened: "We want to be clear, and this is not a bluff: we know who you and some people connected to you (friends) are, and we will absolutely move forward with law enforcement if you have not returned the money by the deadline above. We don't want to do this to you or have to rope your friends in, and would prefer everything be settled and everyone just move forward, but if we don't get the funds back by the above-mentioned time, we will be left with no choice in order to protect our protocol."
"Sounds exactly like someone bluffing would say", wrote one commenter.
- "Team Behind Offshore Yuan, Hong Kong Dollar Stablecoins Detained by Chinese Police: Report", CoinDesk
- "独家：离岸人民币稳定币CNHC发行团队失联，或因涉案被司法部门带走", PA News (in Chinese)
Binance did not list the jurisdictions in which it would be ending privacycoin trading, but users in France, Spain, and Poland all reported receiving alerts. This suggested it could be related to the recent passage of the MiCA crypto legislation in the European Union. The resolution states: "The operating rules of the trading platform for crypto-assets shall prevent the admission to trading of crypto-assets that have an inbuilt anonymisation function unless the holders of those crypto-assets and their transaction history can be identified by the crypto-asset service providers operating a trading platform for crypto-assets."
In late June, Binance announced that they had reversed their decision, and would continue to offer the tokens.