He was arrested in August 2022 after a year on the run. Now, he and his brother and sister have all been sentenced to 11,196 years in prison – sentences so over the top that one has to wonder if perhaps Turkish prosecutors are worried the Özers are some kind of crypto-focused vampire crime family. They will also pay a 135 million lira fine (~$5 million).
Founder of the Thodex crypto exchange sentenced to 11,196 years in prison
As of writing, the April 2021 $2 billion Thodex exit scam is the second largest exit scam recorded in the Web3 is Going Great leaderboard. Thodex was one of the largest crypto exchanges in Turkey, until its CEO, Faruk Fatih Özer, disappeared along with $2 billion in customer funds.
CFTC goes after three defi projects
The CFTC has announced charges and settlements against defi projects Opyn, ZeroEx, and Deidex for various commodities law violations. The projects will pay $250,000, $200,000, and $100,000, respectively, to settle the charges. They have also agreed to cease and desist the activities.
The CTFC stated: "Somewhere along the way, DeFi operators got the idea that unlawful transactions become lawful when facilitated by smart contracts. They do not."
Fourth FTX exec pleads guilty, agrees to forfeit $1.5 billion
Former CEO of FTX's Bahamian entity, Ryan Salame, has pleaded guilty to two criminal charges in the ongoing case against FTX and founder Sam Bankman-Fried. Salame (pronounced "Salem") is the fourth exec to plead guilty, following pleas from Caroline Ellison and Gary Wang in December 2022, and another from Nishad Singh in February 2023.
As part of the deal, Salame has agreed to forfeit $1.5 billion. He will also pay $5.6 million restitution to FTX debtors and $6 million to the U.S. government, and will forfeit two homes in the Berkshires and a 2021 Porsche 911. According to the New York Times, he is not cooperating with the investigation.
Salame's sentencing is scheduled for March 2024.
Victim loses around $24 million in phishing scam
A crypto phisher hit it big today when they lured in a victim with a massive wallet balance. The victim wallet was drained of 4,851 rETH and 9,579 stETH, both wrapped versions of ETH used for staking. Altogether, the tokens are priced at around $24 million.
The wallet address used by the phisher has been associated with multiple crypto phishing websites which attempt to convince users to authorize transactions, often by impersonating known crypto projects or promising token airdrops.
High-profile streamers bail on MrBeast-promoted Creator League after learning there are blockchains involved
A group of high-profile streamers and social media influencers agreed to join eFuse's "Creator League", where they would lead community e-sports teams. The project was announced on September 2, and was promoted by mega-influencer MrBeast. Only days later, the project has been put on hold after some of those influencers balked once they learned blockchains were involved.
YouTuber CDawgVA publicly withdrew from the project on September 3, writing, "I was not told or made aware at any point that there was Blockchain technology and was only made aware of that information when the event went live. I was given assurances that it had nothing to do with NFT's. Given my vocal hatred of such tech, I would never agree to join had I known that."
The creator of the OTK Network, which had agreed to participate in the League, wrote: "We were told there was no NFT/crypto component but looks like that may not be the case."
Creator League issued a statement attempting to downplay its blockchain usage, emphasizing that people who purchased "Creator Passes" were not buying cryptocurrency or NFTs. "The Creator League is not an NFT project and we have never sold tokens," they insisted. "Those buyers who remain uncomfortable with the blockchain technology can request a refund," they continued.
Now, Creator League has been postponed. eFuse, the company behind it, has also just announced a 30% layoff amid company restructuring.
Stolen LastPass vaults possibly cracked to enable crypto thefts
In November 2022, popular password management tool LastPass disclosed that hackers had stolen "password vaults" containing data belonging to more than 25 million users. Although the vaults themselves are encrypted, some experts now believe that these vaults are being cracked to enable access to crypto credentials stored within.
A report by cybersecurity expert Brian Krebs outlines how various experts have come to this conclusion after analyzing a long string of crypto thefts perpetrated against people with otherwise strong security practices. Altogether, the thefts suspected to have been enabled by the LastPass breach amount to more than $35 million.
- "Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach", Krebs on Security [archive]
GMBL.COMPUTER crypto casino exploited hours after launch
The brand new Arbitrum-based defi casino GMBL.COMPUTER was exploited for around 471 ETH (~$770,000). The project, which promises to "generate yield from casino games", had officially launched only hours earlier. The GMBL team later stated that they believed the exploit was due to a flaw in the platform's referral system, where people could place bets without depositing any funds and use them to generate referral bonuses.
GMBL offered a "bug bounty" to the attacker, inviting them to return 90% of the stolen funds in exchange for a promise not to pursue legal action. The exploiter later returned 235 ETH (~$382,000), or half what they had stolen.
GMBL promised that "we are going to thoroughly test everything again before re launching".
MetaMask phishing scammers hijack government websites
Phishing scammers hoping to lure victims into visiting fake websites resembling that of the popular MetaMask crypto wallet have adopted a new approach: compromising government websites. CoinTelegraph identified websites on domains belonging to the governments of countries including India, Nigeria, Egypt, Colombia, Brazil, Vietnam that had been compromised and modified to redirect to these scam sites. Some of them included the websites of the Nigerian postal service and, ironically, of Egypt's Consumer Protection Agency.
Once victims visit the fake site, they're prompted to connect their MetaMask wallets to access various services, which would allow the scammers to steal any assets in the wallets.
Genesis to close U.S. spot trading business
Although Genesis Global Capital filed for bankruptcy in January 2023, portions of the larger business were not included in bankruptcy proceedings and continued to operate. One such portion was Genesis's U.S.-focused spot trading platform, at least until an email to clients announcing that their accounts would be closed at the end of the month.
"The decision was made voluntarily and for business reasons," the email claimed.
Genesis is a subsidiary of the Digital Currency Group (DCG) conglomerate, which has since the beginning of the year seen its Genesis platform enter bankruptcy, shuttered its TradeBlock subsidiary, and is reportedly approaching a deal to sell its CoinDesk crypto media outlet.
Nima Capital accused of rug pull
"Even VCs are rugging now", remarked someone on Twitter as Nima Capital was observed selling 9 million $SYN (priced at ~$3.7 million before the sudden sale caused the token price to drop) and removing all stablecoin liquidity from the Synapse decentralized blockchain bridge. In April 2023, Nima had entered into a deal with Synapse to lock $40 million of liquidity in the project in exchange for the $SYN tokens, with an agreement to not sell the tokens for twelve months. However, it appears they've just dumped their tokens seven months early. Not only that, Nima Capital took their website offline and made their Twitter account private in typical rug-pull fashion.
Synapse posted on Twitter that they were "investigating unusual activity" on the wallets of one of their liquidity providers, and were "working to get in touch with them".
The $SYN token plummeted almost 25% after the sell-off, later recovering somewhat.