OneCoin operated out of Bulgaria, and was founded by Greenwood and "Cryptoqueen" Ruja Ignatova, the latter of whom has been on Europol's most wanted list since May 2022. The fraud amounted to around $4 billion and affected at least 3.5 million victims.
OneCoin cofounder gets 20 years in prison
Karl Sebastian Greenwood, co-founder of the notorious OneCoin ponzi scheme, was sentenced to 20 years in prison after pleading guilty to fraud and money laundering charges. He will also forfeit $300 million, much of which he spent on real estate, luxury vacations, and a yacht.
- "Co-Founder Of Multibillion-Dollar Cryptocurrency Scheme “OneCoin” Sentenced To 20 Years In Prison", press release by the U.S. Attorney's Office, Southern District of New York [archive]
Binance.US CEO Brian Shroder bails as the company cuts 1/3 of its employees
Brian Shroder, the CEO of Binance's US entity, has left the crypto exchange as it faces an existential lawsuit from the U.S. SEC. Shroder is only the latest exec to leave Binance and its various regional arms in what is becoming a mass exodus in recent months. The company has also lost its general counsel, chief strategy officer, head of investigations, a senior VP of compliance, and two leaders of Binance's Russian arm.
Simultaneously, Binance.US announced it would be cutting 1/3 of its employees, or more than 100 people. This is the second staffing cut since the SEC lawsuit was filed in June — Binance.US cut around 50 positions, then around 10% of employees, shortly after the lawsuit was announced. The primary Binance entity also fired more than 1,000 people in July.
- "Binance.US CEO Leaves Embattled Crypto Exchange", The Wall Street Journal [archive]
CoinEx hacked for $70 million
Various blockchain watchers noticed suspicious transfers from a hot wallet known to belong to the CoinEx cryptocurrency exchange. CoinEx later confirmed a "security incident" involving "unauthorized transactions", and disclosed that around $70 million was stolen. Outside researchers have suggested that the thieves appear to be a part of the North Korean state-sponsored hacking group, Lazarus.
CoinEx is based out of Hong Kong, and was recently forced to stop serving US customers as part of a settlement with the New York Attorney General which also required them to pay a $1.7 million fine.
Developer steals $1 million from the group behind Milady NFTs
A developer working on an NFT project spearheaded by Remilia, the DAO behind the Milady NFT project, stole around $1 million from the group by diverting fees generated by their new Bonkler "experimental finance art project". According to leader Charlotte Fang, the developer "also seized codebases and coordinated with two others on the team in an attempt to seize control of our social media, followed by demands for a significant portion of our treasury, including the NFT reserves." Fang stated that they believed they knew the thief's identity and had filed a lawsuit against them, and promised that they "will now be dealt with through the heavy hand of the law".
Remilia is a very controversial group, particularly after it was exposed that leader Charlotte Fang was a major figure in a white supremacist cult known as Kali Yuga Accelerationism (abbreviated "kaliacc"), and involved in a 4chan suicide cult.
Fang announced the theft on September 11 in a tweet accompanied by a glitch art image derived from a photo of the Twin Towers engulfed in flames and smoke shortly after the 9/11 terrorist attacks.
Banana Gun bot launches token, sparks rug pull fears as they disclose a bug
The team behind Banana Gun, a Telegram bot to help "snipe" token launches, launched a token associated with the project on September 11. Only hours later, they announced in a tweet that they'd uncovered a bug in their smart contract that meant that when people sold tokens, the 4% tax that was meant to go to the project was also kept in individuals' wallets.
The team wrote in an announcement that they had no choice but to sell the treasury wallet to drain the liquidity pool, which is locked to... well, stop the project team from draining the project and rug-pulling. At the time of announcement, the project team had around 950 ETH (~$1.5 million) in the treasury wallet.
Some pointed out that they could simply set the tax to 0% and carry on without the hefty sales tax, but that didn't seem to appeal to the project's creators. Some also speculated that the team might just take the money and run after draining the LP.
Fortress Trust hit by "security incident", bailed out by Ripple
Fortress Trust is a crypto custody and blockchain infrastructure company, founded by Scott Purcell. Purcell is also known for founding Prime Trust, which later lost over $75 million in customer funds, squandered another $8 million gambling on Terra/Luna just before its collapse, and then filed for bankruptcy in August 2023. Purcell is also embroiled in a lawsuit from former company Banq, now also bankrupt, which alleges he stole trade secrets and other valuable material to start Fortress.
On September 7, Fortress Trust disclosed that several customers had been "impacted by a third-party vendor" compromise. On September 8, Fortress Trust announced they had been acquired by Ripple. On September 11, The Block reported that Ripple had covered undisclosed losses to customers as a part of the acquisition deal. The losses were later disclosed to be around $15 million, and the third-party vendor was said to be a company called Retool, who blamed the compromise on a social engineering attack against one of their employees.
- Tweet thread by Fortress Trust [archive]
- "Ripple Acquires Crypto-Focused Chartered Trust Company Fortress Trust", CoinDesk [archive]
- "Ripple made Fortress customers hit by security incident whole as part of acquisition", The Block [archive]
- "Episode 125 – How to Steal Almost $100 Million: Prime Trust goes Bust", Crypto Critics' Corner [archive]
Paxos pays $500,000 fee to send $1,865
A wallet on the Bitcoin blockchain paid a 19.82 BTC ($499,171) fee to transfer 0.074 BTC ($1,865). Put another way, they spent 270x the transaction value to pay the fee. Bitcoin transaction fees are required to make any action on the Bitcoin blockchain, and people can opt to pay higher fees to incentivize their transactions being processed sooner. 19.82 BTC is far outside the realm of someone just hoping to get a speedy transaction, however — the next-highest transaction fee in that block was 0.006 BTC ($159.20).
Bitcoiner Jameson Lopp speculated that the transaction "looks like an exchange or payment processor with buggy software" based on its transaction history. "The address in question that made the fee calculation error has the characteristics of a withdraw-only hot wallet from an enterprise," he wrote.
His observations were well-founded, as it later came out that the wallet belonged to the Paxos blockchain company, who attributed the overpayment to a bug. Luckily for Paxos, the miner who snapped up the outsized fee agreed to refund it.
- Bitcoin transaction on Blockchain.com explorer [archive]
- Tweet thread by Jameson Lopp [archive]
Vitalik Buterin's Twitter account hacked to promote crypto scam
The Twitter account belonging to Vitalik Buterin, inventor and effective leader of the Ethereum project, was hacked to promote a crypto scam. A tweet posted to his compromised account advertised a "commemorative NFT" to celebrate the impending release of "proto-danksharding", which is the actual name for an upcoming change to the Ethereum protocol.
However, the link was a scam, and anyone who connected their wallet risked having their wallet drained of its cryptocurrency and NFTs. Some blue-chip NFTs were stolen, including two CryptoPunks (a collection with a floor price of around 47 ETH, or $76,800). Altogether, stolen assets surpassed $650,000 in value within a few hours of the theft according to zachxbt, though this counts notoriously difficult-to-value NFTs.
The tweet was taken down within twenty minutes of being posted. All in all, posting a link to a wallet drainer was probably among the least effective things the attacker could do with the Twitter account of a person whose word can dramatically move markets.
It did seem to be something of a stark warning to some in the crypto world, however, who expressed sentiments along the lines of "if Vitalik can get hacked, anyone can."
NFT startup Glass shuts down a year after raising $5 million
The NFT startup Glass was operating under the assumption that YouTubers and others who post video content for fans online might want to mint those videos as NFTs, which their fans could then buy. Unfortunately for them, they have since "come to the conclusion that there is not sustainable demand for video NFTs".
In September 2022, the startup managed to raise $5 million from investors including TCG Crypto and 1kx. Either that money's run out, or they're cutting their losses early.
Founder of the Thodex crypto exchange sentenced to 11,196 years in prison
As of writing, the April 2021 $2 billion Thodex exit scam is the second largest exit scam recorded in the Web3 is Going Great leaderboard. Thodex was one of the largest crypto exchanges in Turkey, until its CEO, Faruk Fatih Özer, disappeared along with $2 billion in customer funds.
He was arrested in August 2022 after a year on the run. Now, he and his brother and sister have all been sentenced to 11,196 years in prison – sentences so over the top that one has to wonder if perhaps Turkish prosecutors are worried the Özers are some kind of crypto-focused vampire crime family. They will also pay a 135 million lira fine (~$5 million).