MEV bot earns over $1 million in profit, loses almost $1.5 million in hack an hour later

MEV bots are a controversial category of bots who frontrun transactions in ways that are often detrimental to users. One such bot, known as 0xbadc0de, earned a windfall when a trader tried to sell 1.8 million cUSDC (USDC on the Compound protocol) — notionally worth $1.85 million — but only received $500 in assets in return due to low liquidity. The MEV bot, however, profited 800 ETH (~$1 million) from arbitrage trades surrounding the sale.

One hour later, a hacker exploited a vulnerability in the bad code of 0xbadc0de, which allowed them to withdraw all of the ETH in the contract: not just the ETH they'd recently earned in the huge trade, but all 1,101 ETH (~$1.5 million).

The bot operator subsequently sent a message to the thief via an Ethereum transaction, writing that if the thief returned the funds, they would give them 20% as a "bounty". Otherwise, they wrote, "we will have no choice but to pursue accordingly with everything in our power with the appropriate authorities to retrieve our funds". The thief replied by mimicking the message, writing, "What about normal people who you have mev'ed and literally fucked them? Will you return them?" and suggesting that if they returned all of the funds they'd extracted, the thief would pay them 1%.

Someone claims to have burned a Frida Kahlo drawing to "transition it into the Metaverse" as NFTs

a ghostly figure with enormous eyes intertwined with a giant fish, a broom, duck, bird, and other creatures against a green backdrop, with the phrase “Here are the sinister ghosts” scrawled across it.Fantasmones Siniestros (Sinister Ghosts) (attribution)
A businessman has published a video in which he burns a drawing that he claims is an original Frida Kahlo drawing worth more than $10 million — though its value and its authenticity have both been questioned. The entrepreneur created 10,000 NFTs from the drawing, which he's selling for 3 ETH (~$4,000) (reduced from the original 3.5 ETH/$4,700) for a hoped total of $40 million. He claims that in burning the artwork, he has "transitioned [it] into the Metaverse".

So far, the stunt has resulted in two NFTs being minted by outside parties, for total proceeds of 7 ETH (~$9,400) —  not quite the millions the drawing allegedly cost the NFT project creator. Meanwhile, Mexican authorities have said they are investigating whether the businessman committed a crime in intentionally damaging an artistic monument.

Crypto executive exodus continues

The wave of crypto executives stepping down from their roles is continuing, after Genesis' CEO left the company and Michael Saylor gave up his CEO title (but stayed on as chairman) in August.

Now, Genesis' managing director has stepped down after five years. Kraken CEO Jesse Powell relinquished his title, planning to remain at the firm as a chairman. Alex Mashinsky has resigned as the CEO of Celsius Network in the midst of bankruptcy proceedings. And FTX US president Brett Harrison will also be stepping down.

Eight state regulators file enforcement actions against Nexo

Crypto lending service Nexo was hit with a barrage of cease-and-desist lawsuits from eight states: California, Vermont, Oklahoma, Kentucky, Washington, South Carolina, New York, and Maryland. Several of them also tacked on fines, with Washington levying a hefty $1 million against the company, and Maryland fining them $5,000 per violation.

Nexo had previously been warned to stop offering services in New York state and to register under securities regulations, but hadn't done so. Several states called into question Nexo's "real-time audit", which they describe as bogus. Kentucky also noted in their lawsuit that when the company's holdings of their own $NEXO token was taken out of the equation, the company appears to be insolvent.

Four NFTs valued at at least $150,000 stolen from Jason Falovitch

An illustration of a golden brown ape with closed eyes, biting its lower lipBored Ape #7779 (attribution)
Sports manager turned crypto entrepreneur Jason Falovitch is now perhaps best known for his influence in the NFT space. He co-founded the Leverage Game Media company along with Mark Cuban, a group that owns many NFT assets and helps promote NFT projects through their control of major sports social media pages. Falovitch also co-founded @NFT, a group of social media pages that earned a ban from Twitter in February after accusations that they promoted scammy NFT projects without proper disclosure.

On September 25, Falovitch tweeted "I got hackled last night on Opensea. Apes, doodles, eth. It's not pretty." Four NFTs had been stolen from his wallet — two Doodles, and a Mutant and Bored Ape — along with 6 ETH (~$7,750). The Mutant and Bored Apes were both resold, for 15.99 ETH (~$20,700) and 82.69 ETH (~$107,000) respectively. Factoring in Doodle floor prices, the hacker is looking at at least $150,000 in profit.

The loss, however, is larger for Falovitch, who spent ~$377,000 on the four NFTs based on the price of ETH at the times of purchase. Falovitch tweeted after the hack, "Now I'm over $1M hacked in ETH and NFTs." It's not clear if he's referring to other wallets he may control that were compromised, previous hacks he's suffered, or if he's massively overestimating the value of the stolen NFTs. He also tweeted that he discovered his car was broken into as he went to drive to the police department to report the NFT thefts.

Well-known crypto researcher zachxbt, who is known for helping victims of wallet hacks recover their assets, tweeted to Falovitch: "Karma for all of the people you rekt with the scams promoted on your Instagram page. Definitely won't be tracking this one."

IRS gets permission for summons to go after taxpayers who didn't report crypto transactions

The IRS was granted authorization to issue a "John Doe summons", which will require M.Y. Safra Bank to provide them with information on U.S. customers who may have failed to report taxable cryptocurrency transactions. This summons is specifically aimed at customers who used sFOX, a crypto broker that used M.Y. Safra Bank's services. The IRS was also previously authorized to serve a John Doe summons on sFOX directly.

The press release stated, "Based on its recent experiences with cryptocurrencies, the IRS has strong reason to believe that many virtual currency transactions are not being properly reported on tax returns."

CFTC files suit against a DAO

The Commodity Futures Trading Commission fined the bZeroX blockchain project and its founders $250,000 for allowing illegal trading of digital assets, engaging in activities only allowed by registered futures commission merchants, and not performing proper KYC. They have also filed a civil suit against Ooki DAO, the successor to bZeroX, for violating the same laws.

This will certainly be interesting to watch. DAOs  —  decentralized autonomous organizations  —  are a popular form of web3 project governance where (typically) anyone who holds the governance token can vote on the actions of the DAO. There is little precedent in the way of filing charges against a DAO, and DAOs often don't have the liability protections of more traditional organizational structures.

Man charged with seven felonies over crypto scams

The U.S. Attorney's Office for the District of Utah announced seven felony charges against a man who is accused of several crypto-related scams.

In one, he conned two victims for $1.7 million by claiming to sell a powerful Bitcoin miner that didn't exist; instead, a fake machine in the office was connected to a monitor displaying prerecorded video to make it appear as though the machine was mining cryptocurrencies.

In another, he created a business he claimed would "Bank the Unbankable" by providing financial services to people who couldn't access them. Instead, the millions of dollars were spent on unrelated businesses.

Compute North, one of the largest crypto mining datacenters, files for bankruptcy

Aerial photo of dozens of containers housing crypto mining infrastructure on a large plot of landCompute North facility (attribution)
Compute North has filed for Chapter 11 bankruptcy, in what may be a blow to the crypto mining industry. Compute North is a major datacenter provider, and have deals with crypto mining companies including Marathon Digital, Compass Mining, and others. Compute North had just raised $385 million in February through a Series C equity round and debt financing.

Wall Street Journal suggests that Coinbase tested proprietary trading

According to a report in the Wall Street Journal, US-based cryptocurrency exchange Coinbase tested a group to speculate on cryptocurrencies in hopes of earning funds for the business. The WSJ said they performed a $100 million "test trade" before ending the initiative. Some Coinbase employees described the project as proprietary trading — something Coinbase has testified in front of Congress to say they don't do. Prop trading is controversial because of the potential conflicts of interest, in which firms can end up effectively trading against their own customers.

Coinbase has refuted the WSJ claims in a blog post, accusing the paper of confusing "client-driven activities" with prop trading. In a statement to the WSJ, published in the article alongside the allegations, a Coinbase spokesperson said that "Coinbase does not, and has never, had a proprietary trading business. Any insinuation that we misled Congress is a willful misrepresentation of the facts".

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.