News: OpenSea phishing attack, BitMEX execs plead guilty, 2016 DAO hacker maybe found, Cryptsy indictment

  • Back home, off NHS wifi and onto writing stuff again. Buy some signed author copies of the books — £25 the pair, plus postage £6 UK, £10 Europe or £12 rest of the world. Each one signed and non-fungible!
  • Subscribe on Patreon! Your $5 or $20 each month keeps the hits coming. Tell your friends and colleagues! Just the thing for the expense account!
  • Click here and enter your email address to get every new post emailed to you as it goes up.

“Please, God, I don’t ask for much from You. But give me this. A video of a sad cryptobro, trying to get a beat cop to make a police report about his stolen ape jpeg.”

The destiny of all cryptocurrency exchanges is to get hacked, and the same goes for NFT marketplaces. Some large OpenSea users suffered a phishing attack on 19 February — the users received an email that looked like it was from OpenSea, and clicking the link authorised a malicious smart contract. This let the attackers take the NFTs and sell them — on OpenSea! — netting 1,115 ETH ($2.9 million). The attacker returned some of the NFTs, and even gave some victims back some of the ETH from sales. [Web 3 Is Going Great; Twitter]

One victim of the previous OpenSea hack has filed to sue OpenSea for the loss of his valuable Bored Ape. Decentralised! [case docket]

Unofficial Minecraft NFT play-to-earn project Blockverse had a great launch — it sold out in just eight minutes, taking in 500 ETH, worth $1.2 million! There was 792 ETH in secondary sales of the NFTs! Then the anonymous developers deleted the project’s website and Discord. [The Gamer]

The crypto used to buy Melania Trump’s NFT for $170,000 came from … the same entity that created the NFT. As usual, NFT promoters pull celebrities into their shenanigans, then leave the celebrity to take the reputational hit. [Vice]

Rupert Murdoch goes NFT — with NFTs of front pages from The Sun. Can’t wait for the NFT of “GOTCHA!” [Guardian]

Snoop Dogg buys the trademarks to celebrated rap label Death Row Records, where he started his career! He plans to make Death Row Records “an NFT label.” Perhaps he could sell NFTs of the piss he’s taking. [NME]

Apparently, NFT marketplace Cent shut down due to actually having any ethics. CEO Cameron Hejazi seems to have wanted to set up a genuine art market — but then encountered crypto’s little ways. [Vice; blog post]

Section heading by Klyith on SomethingAwful.

 

 

GOU So Much For Subtlety*

* yes, yes, I know Subtlety is actually a GSV

The US Department of Justice announces a new National Cryptocurrency Enforcement team, with Eun Young Choi as its first director. Choi has been a Justice Department prosecutor for the past decade. Choi’s focus will be on ransomware and other uses of cryptocurrency in crime. [press release]

BitMEX founders Arthur Hayes and Ben Delo were charged in October 2020 with violations of the Bank Secrecy Act. They’ve pleaded guilty. Each will pay a $10 million fine, with possible further sentencing. No word on Sam Reed. [Department of Justice]

Crypto lender BlockFi is paying a $100 million settlement to the SEC. BlockFi is not to open any new interest-bearing accounts. Old accounts can continue to exist, but can’t add new funds. BlockFi assures us that paying a $100 million fine is good news for regulatory clarity. [press release; order, PDF; blog post]

In the course of writing her book on Ethereum, Laura Shin thinks she found the guy who hacked The DAO in 2016 — Toby Hoenisch of TenX. Hoenisch denies it, but evidently Shin thinks the evidence is good enough to put it in a book. Hoenisch was one of the many who warned The DAO that Slock.it’s buggy smart contract would get hacked the moment it went live. The interesting bit is that Chainalysis think they can analyse transactions going through the Wasabi Wallet mixer. [Forbes, archive]

Bitcoin old-timers may remember the Cryptsy exchange — which claimed a “hack” in 2014, and shut down in early 2016, then blockchain data showed that founder Paul Vernon had taken the bitcoins. Coinbase had to pay out nearly $1 million to Cryptsy’s victims after letting Vernon use Coinbase to cash out the coins. Anyway, the IRS has finally indicted Vernon over the Cryptsy fraud. [CoinDesk, 2016; CoinDesk, 2016; CoinDesk, 2020; IRS press release]

If crypto prices keep going down, have you considered becoming an SEC or CFTC whistleblower? You get paid in actual money, not illiquid minor altcoins. Start collecting your Discord chats now!

 

 

Regulatory clarity

The EU proposes requiring all crypto payments to have full Know-Your-Customer details — with no minimum limit. The current draft regulation removes a previous proposal to let through transactions under 1000 EUR — see page 13 of the draft for the change. [draft, PDF]

The draft Russian bill on cryptocurrency, from the Ministry of Finance, will forbid the use of cryptos in payments — cryptos will just be a tightly-regulated investment vehicle, with full KYC at every step. This is the soft option on the Bank of Russia’s proposal to ban just about everything about cryptos. [MinFin, in Russian]

The Financial Stability Board releases “Assessment of Risks to Financial Stability from Crypto-assets.” The threat is still at “could” level — but the FSB underscores “the need for timely and pre-emptive evaluation.” Crypto-assets don’t interact much with the real economy yet — but that’s what they’re warning regulators to watch out for. There’s a whole section about Facebook’s Libra — er, “global stablecoins”. If you’re in crypto and want to know why regulators are all up in your business lately, blame Facebook. [FSB, PDF]

 

 

Baby’s on fire

Digiconomist estimates Bitcoin mining’s total power usage in 2021 as 134 terawatt-hours. The International Energy Association puts the total world electricity consumption in 2021 at 26,444 TWh. So in 2021, Bitcoin mining used 0.5% of the energy consumption of the entire world. A pet rock would use much less power, and for only seven less transactions per second. Note that Bitcoin’s daily power consumption is way up — the rate right now, over an entire year, would add up to 204 TWh. [Digiconomist; IEA; Digiconomist]

Bitcoin incentivises renewable energy — where “incentivises” is a word meaning “absolutely doesn’t actually do this at all in reality”. Like how “blockchain could” means”blockchain doesn’t.” Back in the real world, what Bitcoin incentivises is … restarting obsolete fossil fuel plants. [Guardian]

The EPA tackles the US crypto mining industry’s habit of restarting fossil fuel plants — if the financial regulators won’t do anything about bitcoin mining, the EPA sure can. Specifically, the power plants have been banned from adding further coal ash to existing toxic waste disposal sites. With quotes from me. [E & E News]

The European Union has been working on MiCA (Markets In Crypto-Assets) guidelines for a few years now, to take effect as of 1 January 2025. The Socialist, Green and Left Party groups, particularly from Germany, have proposed restricting proof-of-work crypto mining. Stefan Berger of the centre-right EPP, who’s running the MiCA process, considers it a bill to regulate assets, and not somewhere for technological details — but he thinks this new proposal is likely to go through. I can’t find the actual proposal text — anyone? [BTC-ECHO, in German; Yahoo! News]

Kazakhstan increases taxes on crypto miners from 1 tenge (0.23c) to 5 tenge (1.2c) per kWh. Marat Sultangaziev, First Vice-Minister of Finance, proposes taxes on crypto mining equipment — whether running or not — and removing the VAT exemption on computing equipment from mining hardware. [KazInform, in Russian; The Block]

Zhejiang Province in China is still trying to get rid of its crypto miners. Schemes include a power surcharge of seventy-nine cents per kWh. [CoinDesk]

 

 

Putta block

Kickstarter sort of backs down from its “blockchain” plans — though without the bit where it meaningfully backs down from anything. But the company hopes not to completely alienate the project founders and funders the company relies on. [blog post]

Kickstarter COO Sean Leow talks to Comics Beat about the blockchain controversy. Leow appears to have no idea what any of this is, and has no answers to the obvious questions that the company’s entire C-level would have been expected to ask — such as “what does this in fact do better than not doing it this way?” [Comics Beat]

 

 

New facts emerge

What happens when you actually try to use a blockchain for your CBDC — Eastern Caribbean Bank DCash is still offline, since 14 January, as they try to upgrade Hyperledger. Bitt Inc., who built DCash, also run the eNaira in Nigeria. [Bloomberg]

I’m shocked, shocked to hear that when you try to get your capital out of crypto lender of flawless repute Celsius, they suddenly need more KYC. Send them a video of yourself eating a bug. “I hastily submit the requested info. They still haven’t answered until now.” [Reddit]

Ken Kurson, founder of half-dead crypto news site Modern Consensus, was charged with cyberstalking, pardoned by President Trump, then charged again at state level by New York. Anyway, Kurson’s taken a plea deal with a minimal penalty, which knocks the original felony charges down to misdemeanors. [Law And Crime]

Celebrity PR guru Ronn Torossian achieved the public relations failure mode of becoming the story when he took on Bitfinex/Tether as a client in late 2017, and saw what happened when you try to treat the finance press like the gossip press. He’s become the story again, with the tale of how he bought PR industry news site Everything-PR in 2014, used it to defame his competitors, and denied he was running the site. [AdAge, archive; Crain’s]

Galt’s Gulch, but on the blockchain, yet again — Antony Welch owns Latoro Island in the Vanuatu archipelago. He’s now trying to sell shares in it to 21,000 bitcoiners, claiming it will be a regulation-free tropical paradise as “Satoshi Island.” Welch previously tried to sell the island in 2017. [Guardian; YouTube, 2017]

 

 

Hot takes

Hilary Allen: “I just posted my new essay, DeFi: Shadow Banking 2.0? TL;DR: DeFi is neither decentralized, nor very good finance, so regulators should have no qualms about clamping down on it to protect the stability of our financial system and broader economy.” [SSRN]

This essay is good, and also much more understated in its descriptions and prescriptions than I would have been. Also, the DeFi pumpers are shrieking like stuck pigs at the essay, which is a considerable number of points in its favour.

Still my favourite commentary on Solidity, which from now on I’m calling JavaScript With A Concussion. But this is from 2017 — I’m sure that every one of these issues has been fixed by now, five years later. [Hacker News, 2017]

 

 

 

 



Become a Patron!

Your subscriptions keep this site going. Sign up today!

2 Comments on “News: OpenSea phishing attack, BitMEX execs plead guilty, 2016 DAO hacker maybe found, Cryptsy indictment”

  1. “Solidity, which from now on I’m calling JavaScript With A Concussion”—wait, JavaScript with a concussion isn’t just JavaScript?

    (If you’re coding something where security is more important than stability, maybe use something obnoxiously failsafe like Rust or Swift rather than something that just silently eats as many coding errors as possible.)

    1. There are all manner of proposals for better languages, including on the EVM! But Worse is Better, so they went for something designed to help mediocre JS coders become mediocre JSWAC coders.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.