- Cold Storage
- Posts
- 🔥 DeFi Meltdown: Curve Finance Bleeds $47M in Shocking Exploit!
🔥 DeFi Meltdown: Curve Finance Bleeds $47M in Shocking Exploit!
Curve Finance hit with a $47M exploit, UK gang's Coinbase laundering scheme busted, XRP lawyer's Twitter hijacked (Beware!), and SEC fines Quantstamp (Yikes!). Buckle up, it's a wild ride in the crypto world!
Hold on to your keyboards, folks, because the crypto rollercoaster just took a sharp turn. From a $47M exploit shaking Curve Finance to the core, to a UK gang's Coinbase laundering scheme going belly up, and an XRP lawyer's Twitter getting hijacked - it's a wild, wild west out here.
Curve Finance Takes a Hit: $47M Exploit Sends Shockwaves Through DeFi
Well, folks, the DeFi world was shaken to its core today as Curve Finance, a prominent decentralized exchange (DEX) for stablecoins, fell victim to a major exploit. The losses are currently estimated at a staggering $47 million.
A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.
Other pools are safe.
— Curve Finance (@CurveFinance)
4:45 PM • Jul 30, 2023
The exploit targeted several stable pools on Curve Finance that were using Vyper, a contract-oriented programming language that targets the Ethereum Virtual Machine (EVM). The versions 0.2.15, 0.2.16, and 0.3.0 of Vyper were found to be vulnerable due to malfunctioning reentrancy locks, which are supposed to prevent multiple functions from being executed simultaneously by locking a contract.
The attack affected a number of DeFi projects. Ellipsis, a decentralized exchange, reported that some of its stable pools with BNB were exploited using an old Vyper compiler. Alchemix's alETH-ETH pool saw an outflow of $13.6 million, JPEGd’s pETH-ETH pool lost $11.4 million, and Metronome’s sETH-ETH pool was drained of $1.6 million. Curve Finance's CEO, Michael Egorov, confirmed that over $22 million worth of CRV tokens had been drained from the swap pool.
phishing, please ignore twitter.com/vyperlangs/sta…
— Vyper (@vyperlang)
5:41 PM • Jul 30, 2023
The exploit sent shockwaves through the DeFi ecosystem, triggering a flurry of transactions across pools and a rescue operation by white hats. The Curve DAO token (CRV) took a hit, declining over 5% in reaction to the news.
This is not the first time Curve Finance has been targeted. Just a few days ago, its omnipool platform, Conic Finance, was exploited for $3.26 million in Ether. The DeFi sector has been under siege with multiple attacks over the past months. In the second quarter of 2023 alone, over $204 million was swindled through DeFi hacks and scams.
The moral of this story? Even the giants can fall, and in the wild west of DeFi, vigilance is key. Stay safe out there, folks. (Read more: https://cointelegraph.com/news/curve-finance-pools-exploited-over-24-reentrancy-vulnerability)
Crypto Laundering 101: Drug Gang Gets Slammed for Using Coinbase in Prison
Well, sh*t. Here's a wild tale that's got all the flavors of a crime thriller! A gang in the UK, dealing in everything from cocaine to ketamine, was nabbed after it got a little too clever with its money laundering techniques.
These guys were running a £4.6 million ($5.2 million) drugs operation and thought they'd found the perfect way to clean their dirty money: Coinbase. Yeah, you heard that right.
The gang leader, a 30-year-old named Amir Khan (no, not the boxer), converted a cool £1.65 million ($2.1 million) of the ill-gotten gains into crypto. Now, the judge is scratching his head because a chunk of the money might be impossible to recover.
From top left: Leon Sullivan; Darryl Skym; Matthew Dean and Callum Richards were all jailed
To add a little spice to the story, there's a love angle too. Khan's co-leader, 26-year-old Joshua Billingham, was guiding his girlfriend, Stacey Challenger, through the operation. But the defense's "she's just a naive girl" argument didn't hold water with the judge.
The couple's home was raided and the cops found a money-counting machine, designer clothes, and a Range Rover. "What was a money counter doing in your possession? You were unemployed and living with a man who had no job," the judge asked Challenger. Well, that's awkward.
In the end, Khan got slapped with a 20-year sentence and his buddy Billingham got 14 years. Challenger, however, got off relatively easy with just one year.
The moral of the story? Crime doesn't pay... especially if you're trying to launder money through a crypto exchange while in prison! (Read more: https://protos.com/drug-gang-used-coinbase-to-launder-crypto-from-prison/)
XRP Army Alert: Pro-XRP Lawyer's Twitter Gets Jacked, Don't Bite That Bait Link!
Oh boy, looks like even the big shots aren't safe in the wild west of crypto. Jeremy Hogan, a lawyer who's a big name among XRP fans, got his Twitter account hijacked. The hacker, playing the role of a generous Santa Claus, said he'd double any XRP tokens sent to a specific wallet address.
AND... I have finally regained control of my X-Twitter Account! THANK YOU!
I'm pissed about the scam posts, and very sorry for the people who might have lost money.
BUT, I'm also thankful for the concern and help.
I will be posting intimate photos later, to prove it's me.
— Jeremy Hogan (@attorneyjeremy1)
11:16 AM • Jul 29, 2023
The tweet also dangled the carrot for BTC and ERC20 tokens. This isn't the first time we've seen this kind of scam. Remember when Obama and Biden's Twitter accounts were hacked with the same kind of Bitcoin bait? Elon Musk, the current Twitter CEO, also sent out a similar tweet that screwed over thousands of crypto investors.
Some examples of previous twitter scams from large accounts.
It's interesting that Hogan's Twitter was hacked after his posts got a lot of attention following the positive outcome of the XRP case. This just goes to show that as soon as you get a bit of fame in the crypto world, you become a target.
So remember, if it looks too good to be true, it probably is. Don't fall for these scams, folks. Keep your crypto safe and don't send it to any random wallet addresses. And remember, the losses from any bad decisions you make are on you, so do your homework before diving into any investment. (Read more: https://cointelegraph.com/news/xrp-lawyer-jeremy-hogan-scam-twitter-account-hack)
SEC Slaps Another Altcoin With Charges, Quantstamp Left Counting the Cost
Well, folks, the SEC is at it again! They've decided to play hardball with yet another altcoin company. This time, it's Quantstamp's turn in the hot seat. For those of you who've been living under a rock, Quantstamp is a blockchain security firm that got in trouble for their 2017 initial coin offering (ICO).
Looks like the SEC wasn't too happy about it, accusing them of conducting an illegal ICO. The cherry on top? Quantstamp didn't register its ICO as required by federal securities laws. Classic rookie mistake, guys.
Quantstamp, however, decided to take it on the chin and settle the charges without admitting or denying the SEC's findings. The cost? A casual $1,979,201 indemnity, $494,314 in pre-assessment interest, and a $1 million civil penalty. Ouch. That's gotta hurt the pocketbook.
They've also agreed to return the remaining QSP tokens to any investors claiming them and to register the QSP as a security under the Securities Exchange Act of 1934.
So, let this be a lesson to all you crypto newbies out there - always, and I mean always, play by the rules, or you'll end up in the SEC's crosshairs. Not a fun place to be. (Read more: https://blockworks.co/news/quantstamp-sec-securities-violations)
What did you think of this weeks edition? |