Study: Criminals Target Defi Platforms, Steal More Than $67 Million in February Alone

March 9, 2024 Bitcoin.com

CertiK confirms OrdiZK exit scam, $1.4 million stolen

March 6, 2024 The Crypto Briefing

Creator of Mutant Ape ripoff NFTs pleads guilty to $3M fraud scheme

November 15, 2023 Coin Telegraph

Creator of Mutant Ape ripoff NFTs pleads guilty to M fraud scheme

The French developer of the Mutant Ape Planet NFT collection faces up to five years in prison after pleading guilty to wire fraud charges.

The creator of the Mutant Ape Planet nonfungible token (NFT) collection — a knock-off of Yuga Labs’ Mutant Ape Yacht Club project — has pleaded guilty to conspiracy to commit wire fraud in a New York federal court.

In a Nov. 14 statement, the U.S. Attorney’s Office for the Eastern District of New York said French national Aurelien Michel pleaded guilty to executing a “rug pull” and admitted to defrauding investors out of $3 million in connection with the fraudulent Mutant Ape Planet NFTs.

Nonfungible Token (NFT) Developer Pleads Guilty to an International Scheme to Defraud NFT Purchasers

Aurelien Michel Conspired to Steal From Purchasers of “Mutant Ape Planet” NFTs Through False Promises and Misrepresentations@HSINewYork @IRSCI_NY https://t.co/K3CzIb8dQD
— US Attorney EDNY (@EDNYnews) November 14, 2023

According to Department of Justice (DOJ) prosecutors, Michel and his co-conspirators marketed the NFTs to investors by falsely promising them rewards and benefits designed to increase the demand for the collection.

Prosecutors said Michel and his associates “intentionally failed to deliver on these promises, diverting millions of dollars’ worth of proceeds for their personal benefit.”

“While Michel purported to sell dream NFTs backed with rewards and benefits, he defrauded investors, turning their dream into a nightmare of deception and losses,” said Thomas M. Fattorusso, special agent in charge of IRS criminal investigation in New York.

“There is no excusing this kind of greed, and today’s guilty plea brings Michel one step closer to realizing his own nightmare — behind bars.”

Michel was arrested in New York on Jan. 4, 2023, on charges related to the scheme. The DOJ said on Jan. 5 that Michel admitted to the NFT collection’s community via a social media chat that he perpetrated a rug pull and said “we never intended to rug but the community went way too toxic.”

Upon sentencing, Michel faces a maximum sentence of five years in prison and has agreed to pay $1.4 million in restitution.

The Mutant Ape Planet collection — which has since been removed from the NFT platform OpenSea — once consisted of 6,797 NFTs minted on the Ethereum blockchain.

In February 2022, it boasted more than 320 Ether (ETH) in sales volume, which dropped significantly by April 2022, two months later.

*Sales of the Mutant Ape Planet NFT collection between Jan. 2022 to Jan. 2023. Source: OpenSea*

By January 2023, around the time of Michel’s arrest, the average price and total sales volume of the collection had cratered to near zero.

Magazine: I spent a week working in VR. It was mostly terrible, however…

Astrology NFT project ‘Lucky Star Currency’ rugged for over $1m – Certik

October 9, 2023 Coin Telegraph

Astrology NFT project ‘Lucky Star Currency’ rugged for over m - Certik

Blockchain

The deployer account for LSC drained over $1 million in tokens from the project, then swapped them to BUSD using PancakeSwap.

The astrology-themed NFT project Lucky Star Currency (LSC) has performed an exit scam for over $1 million, according to an October 9 report from blockchain security firm Certik.

The project’s deployer account called the ‘withdrawToken’ function on both the NFTMerge and AdwardCenter contracts, removing over $1 million in LSC from them. These tokens were then swapped for Binance USD (BUSD) stablecoin and sent to another account.

#CertiKSkynetAlert

We can confirm an exit scam on @AstrAstrol75591 LSC token

Bsc: 0x2b3559c3DBdB294cbb71f2B30a693F4C6be6132d

EOA 0x9Ef withdrew LSC tokens from the AwardCenter contract. Tokens were then sold for $1.1mhttps://t.co/sy7vFfqhf5
— CertiK Alert (@CertiKAlert) October 9, 2023

Lucky Star Currency is a project that focuses on NFTs and claims to be founded by astrologists. Its contracts include an Award Center and NFT Marketplace. It is marketed towards the Chinese crypto investment market. The team promotes the project on X (formerly Twitter) under the username @AstrAstrol75591. It also has a Telegram channel. As of October 9, the project’s website and user interface are offline.

Before the alleged rug, Lucky Star Currency was heavily promoted on the Chinese news app Toutiao and Q&A platform Zhihu.

At approximately 02:52 a.m. UTC, BNB Smart Chain address 0x9Ef72Ee68a7c841986A0C60e0FDbAE4e27446Deb removed over 1.6 million LSC from the AwardCenter contract for Lucky Star Currency. In a second transaction, an additional 1.4 million LSC was drained from the project’s NFTMerge contract. After draining funds, the attacker swapped them for over $1 million in BUSD via Pancake swap and then sent them to account 0x23f8c805306Bf27AB8bf3cEbEce4B778acfFd896. This account has been receiving BUSD from various sources for the past 82 days, implying that there may be more than one scam depositing funds to it.

According to Certik, the contracts that were drained have been listed on Telegram as the project’s official contracts.

*Admin Telegram post stating the official addresses for LSC contracts 'NFTMerge' and 'AwardCenter.' Source: Certik.*

In addition, blockchain data shows that the attacking account is the deployer for the AwardCenter contract.

The company that promoted the project claimed to have an office in Shenzen City, China.

*Lucky Star Currency office, Shenzhen, China. Source: Certik, Telegram*

Rug-pulls from Chinese projects have become a recurring problem in the Web3 space. Running a centralized cryptocurrency exchange is illegal in the country. Because of this, users who deposit to a Chinese protocol that has centralized elements may risk having their funds confiscated by police.

Over $100 million were lost in July when the China-based Multichain protocol drained all of its users' funds into an attacker’s account. The team alleges that police have arrested their CEO, but victims still search for answers as to what happened to their funds and how they can be reimbursed.

Pond0x DEX claims $100M in trading volume as critics allege it’s a scam

September 29, 2023 Coin Telegraph

Pond0x DEX claims 0M in trading volume as critics allege it’s a scam

base network

Pond0x reported that its DEX reached $100 million in cumulative volume, citing a Dune dashboard as evidence.

The Pond0X decentralized exchange (DEX) has reached more than $100 million in total trading volume, according to a September 28 social media post from its official channel. Investors previously lost over $2 million in the launch of the exchange’s native token, PNDX, when the coin turned out to have a transfer function that allowed anyone to transfer it without the owner's permission. But supporters claim these losses were not the fault of the developer.

$108,000,000 Trade Volume ✅

And counting.

What comes next…?

pic.twitter.com/lpetFqJAkq
— Pond Coin (@Pond0x) September 28, 2023

As evidence for Pond0X DEX’s trading volume, the official channel cited a Dune dashboard created by user mogie, which shows over $111 million in all-time trading volume as of September 29.

*Total volume metric for Pond0X. Source: @mogie Dune channel*

The PNDX token launched on July 28. At the time, critics accused the project of being a “rug-pull” or exit scam. At issue was the unorthodox way that the project’s founder, Jeremy Cahen (also known as “Pauly”), launched the coin. In the launch post on X (formerly Twitter), Cahen posted the URL to an app that allowed people to deposit a fixed amount of Ether (ETH) to receive a fixed amount of PNDX. He also posted the contract address for the token.

In response, some investors started buying the coin on Uniswap, using its contract address to identify it, while others deposited ETH into the app to receive PNDX. The price on Uniswap quickly rose above that of the ETH needed to mint PNDX, so minters started selling their coins into the market at a profit. Critics claimed that this process transferred over $2 million of wealth from those who bought the coin on Uniswap to those who minted it using the app. The ETH deposited through the app went into a contract that contained no means of reclaiming the funds, leading critics to allege that the whole project was intended to drain funds from investors and send it to Cahen.

In addition, coding experts began claiming that the token lacked a normal transfer function. Instead of only allowing the token owner to transfer it, PNDX allowed anyone to transfer tokens. This meant that each PNDX owner could lose their tokens at any moment, since any programmer could “steal” their PNDX using developer tools. On July 29, Solidity enthusiast and blogger sm-stack claimed they ran a test in Foundry that proved this point.

However, more than two months after the project’s launch, it continues to garner hundreds of supporters on Twitter, with replies to official posts routinely saying such things as “FEELS GOOD MAN” and “Best DEX, don’t see a reason for people to use other tbh.”

Best DEX, don’t see a reason for people to use other tbh
— Lemur (@OGLemur) September 28, 2023

On July 29, crypto trader and blogger Antony Williams claimed to have read the app’s smart contract code and determined how it works. According to him, Pond0x is “fundamentally an LP Farm” and not a complete scam. The app issues each user an ID that determines the user’s share of a pool of Pepe (PEPE) tokens. Users can increase the Pepe rewards they are entitled to by calling the “BribeforLevelUp” function. To call this function, the user must deposit 0.26 ETH. This ETH is used to purchase Pepe tokens, which then get deposited into the pool to pay out rewards. The exchange also issues a “Score” to each user. Higher scores represent more potential rewards from trading fees collected, all other factors being held constant.

Williams did not say these rewards could be claimed immediately, but asserted that the developer “likely” has the intention to pay them out at some point in the future. He also claims that the PNDX token “is essentially valueless,” which may have been created ithis way “to avoid legal complications.”

The project launched its decentralized exchange on September 1. According to the Dune dashboard cited above, this DEX has now reached over $100 million in trading volume, showing that at least some traders are undeterred by Pond0X criticism.

3 reasons why Pepe price will continue to fall in September

September 10, 2023 Coin Telegraph

Coin Telegraph

A mix of on-chain, fundamental, and technical indicators hint at a continuing Pepe price decline ahead.

Pepecoin (PEPE) price has crashed nearly 85% from its record high of $0.00000448 in May 2023. What's more, its bearish momentum is likely to continue in September.

Back-to-back Pepecoin security breaches

Pepecoin has suffered two concerning security breaches in the last two weeks.

First, on Aug. 24, Pepecoin's rogue founding team members transferred $16 million worth of PEPE tokens to exchanges to potentially sell them. That created concerns across the community about a potential "rug pull scam," causing a 30% decline in the PEPE market.

Then, on Sep. 9, Pepecoin's official X (aka Twitter) handle confirmed that an anonymous entity dubbed "lordkeklol" had hacked their accredited Telegram channel.

❌❌ $PEPE Announcement❌❌

The old telegram for $PEPE is hacked and no longer in our control. The “lordkeklol” account has been compromised. Whoever has gained access to this account is using it to push scams and deceive people and launch other coins. This person is lying and… pic.twitter.com/jxlYwoSP1Q
— Pepe (@pepecoineth) September 9, 2023

PEPE price has dropped over 12% since the news, hinting that the back-to-back security breaches have eroded investors' confidence in the memecoin project.

Pepe whales exit

More evidence about Pepecoin's investors leaving the project comes from the token's supply distribution data.

Notably, addresses with a balance between 100 million and 1 billion PEPE (the blue wave in the chart below) control the token's maximum circulating supply — about 96.5% of it. The supply held by this cohort has dropped substantially since the "rug pull" concerns emerged.

*PEPE supply distribution among addresses holding more than 1,000 tokens. Source: Santiment*

This whale departure from the project could further erode buying sentiment in the PEPE market.

Descending triangle breakdown

From a technical perspective, PEPE has entered the breakdown stage of what it appears to be a descending triangle pattern.

A descending triangle in a downtrend is looked as a bearish continuation pattern. The pattern resolves when the price breaks below its lower trendline and falls by as much as the height between the triangle's upper and lower trendline.

*PEPE four-hour price chart. Source: TradingView*

As a result of this technical setup, PEPE price risks falling to $0.00000064 in September 2023, down about 12% from current price levels.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Rogue Pepecoin team members blamed for $16M PEPE multsig withdrawal

August 26, 2023 Coin Telegraph

Rogue Pepecoin team members blamed for M PEPE multsig withdrawal

Coin Telegraph

In an announcement to the PEPE community, it was claimed that three former members stole funds from the project and then handed over full control to the sole remaining member.

The circumstances behind the mysterious $16 million withdrawal from the Pepecoin (PEPE) project’s multisig wallet have seemingly been revealed, with the finger being pointed at three ex-team members who went rogue.

On Aug. 24, the price of PEPE plunged by roughly 15% amid fears of a potential rug-pull after the community spotted that $16 million worth of PEPE was withdrawn from the Pepe multisig wallet and sent to several exchanges.

1/4

1 hour ago, the Pepe multisig wallet, changed the amount of signatures required on their multisig from a 5/8 to 2/8. This comes after sending $15.7 million worth of $PEPE to exchanges.

A breakdown of what we know: pic.twitter.com/bxBxp6Nzqz
— ASXN (@asxn_r) August 24, 2023

Clearing up the matter in an Aug. 25 post on X (Twitter), one of the anonymous founding members behind Pepecoin provided a community announcement from the @pepecoineth account, detailing what they claim had happened.

According to the statement, three team members abruptly stole the funds from the multisig and then abandoned the project completely, leaving it in full control to the sole remaining member.

“The multi-sig was set up to require 3/4 signers present for an approval. Yesterday these 3 ex-team members came back behind my back, logged onto the multi-sig, stole 16 Trillion/ 60% of the 26 trillion multi-sig tokens, and sent them to exchanges to sell.”

“They then removed themselves from the multisig in an attempt to absolve any association to $PEPE, deleting all of their social accounts and leaving me behind nothing but a message stating ‘the multisig has been updated, you are now in full control,’” they added.

an announcement to the $PEPE community:

Yesterday on August 24th, 2023, a series of unexpected transactions took place from the $PEPE multisig CEX
Wallet in which ~16 Trillion $PEPE tokens (worth roughly $15m USD) were transferred to various crypto exchanges (OKX, Binance,… pic.twitter.com/iZmXV1TAvw
— Pepe (@pepecoineth) August 26, 2023

The founding member claimed that the X account and the remaining 10 trillion PEPE in the multsig are now in safe hands, with the funds set to be transferred to a new wallet where “they will safely rest until a use or burn arises.”

It was also asserted that these former members were difficult to work with since Pepecoin launched in April, and had held the project back from progress on its various targets.

Moving forward, the remaining member claimed they will do what’s right for the PEPE community now that the bad actors have gone.

“Since its inception, $PEPE has unfortunately been plagued by inner strife with a portion of the team being bad actors led by big egos and greed,” they said, adding that:

“As I process what has happened, I look forward to a future for $PEPE where I will be able to operate with the community and tokens’ best intention in mind and no negligent team members and locked multisig situation blocking me from doing what is best.”

The telegram group for $PEPE is currently locked down, the old telegram account for the group owner was hacked and the group was taken over. In the process of trying to regain access or make a new one. All official communication for $PEPE will take place via the @pepecoineth… pic.twitter.com/lQFTu02jub
— Pepe (@pepecoineth) August 26, 2023

The reaction was mixed in the comments, with some in support or bullish on the announcement, while others were questioning the truth of these claims.

*Comments on the Pepecoin announcement. Source: X*

At the time of writing, the price of PEPE has increased by 5.7% over the past 24 hours to sit at $$0.000000895278, with a current market cap of $382.7 million according to data from CoinGecko.

Magazine: What do crypto exchanges really do with your money?

Multichain victims search for answers in $1.5B exploit as new evidence emerges

August 23, 2023 Coin Telegraph

Multichain victims search for answers in .5B exploit as new evidence emerges

Bridge

Chinese police may have busted Multichain in a money laundering investigation, but many questions remain, including its CEO’s alleged fake ID.

On July 14, developers of the $1.5-billion Chinese cross-chain protocol Multichain confirmed users’ worst fears. The protocol’s CEO, identified only as “Zhaojun He,” was arrested by Chinese authorities in Kunming on May 21 after months of repeated denials on official communication channels. Also allegedly arrested was Multichain’s core team, which was operating in Shanghai.

It was never disclosed why Zhaojun had been arrested or what the charges were. However, evidence suggests that Multichain funds may have been seized as part of an anti-money laundering operation in the context of a greater crackdown on crypto by Chinese authorities. In addition, an alleged fake ID used by the CEO to register Multichain’s operations only draws more questions.

Multichain co-founder Alfred Xu assured that the development team was doing “just fine” on May 24 | Source: Telegram

Victims demand answers

Despite their previous assurance of decentralization, the Multichain team revealed that the protocol’s multi-party computation servers and private keys were all under the exclusive control of Zhaojun, which were handed over to police. Without access to such items, the protocol had to shut down, and its team members were nowhere to be found.

By the time of disclosure on July 14, $1.5 billion in total value locked on Multichain bridge remains inaccessible. An atte mpt to “rescue” users’ assets earlier that month also resulted in the arrest of Zhaojun’s sister, or so the development team says. Since the arrest began, funds on Multichain have been mysteriously swapped or bridged to unidentified wallets.

Crypto investor ArkRide, who claims to have over $9,000 stuck in the Multichain protocol, founded a victims group shortly after the incident. The group now has over 300 members.

ArkRide tells Cointelegraph that when the group formed, the members did not even know the names of key Multichain executives. Subsequently, one member shared a document from the Singapore government’s Accounting and Corporate Regulatory Authority alleged to be a Multichain business filing. The document lists “He Xiaokun,” a resident of Jiangsu Province, China, as the “Director” of the company. After seeing this document, some allege that “Zhaojun He” is in fact a pseudonym for “He Xiaokun.” (Chinese family names are written first.)

*A Singaporean business filing for the principal business entity behind Multichain.* *Source: Telegram*

Several Multichain victims reached out to Chinese embassies and the police in their home countries in an attempt to get further information, but received no response.

Around the same time as user investigations, they were contacted by the Fantom Foundation, one of the largest users of the Multichain bridge prior to its collapse. Through several Telegram messages, sources at Fantom claimed that it has hired attorneys within China to assist in the recovery process and confirmed Multichain co-founder Zhaojun had been detained by Chinese police.

“We’ve been gathering info from different parties and have contacted a Chinese law firm to get advice moving forward,” the source also claimed that some of the Multichain funds have been frozen by centralized exchanges and stablecoin issuers and that the foundation is attempting to get these funds distributed to victims. When asked about the possibility of a rug pull, the source wrote: “I do not believe the MC team misappropriated funds.”

On July 14, Fantom co-founder Andre Cronje stated that “Multichain was a big blow” to the network, as much of its total value locked consisted of Multichain derivative stablecoins. Stablecoin issuers Circle and Tether have frozen over $65 million in assets associated with the hack, according to blockchain data.

Cointelegraph reached out to the Fantom Foundation for comments but did not receive a response by the time of publication.

In a conversation with Cointelegraph, freelance content creator PJ Krypto claimed that he has lost a full month’s paycheck from a client as a result of his funds getting stuck inside the Multichain protocol. According to him, this happened on Aug. 1, nearly a month after the team had announced that the protocol should not be used.

*Multichain’s user interface gave no warning that it shouldn’t be used. (Aug. 23, 2023)*

After his transfer took an unusually long time, PJ checked Multichain’s block explorer and noticed that it had an abnormally large amount of pending transactions. Alarmed, he then checked the protocol’s social media accounts.

“Nearly, my jaw dropped to the ground when I started reading everything,” he stated, continuing:

“I don’t know, I guess, sometimes, you just kinda get comfortable. You’ve used something before, and it just works. And you get a little lackadaisical, and I think that’s where I got victimized […] the silly thing is, I could have just sent it to a centralized exchange.”

The content creator stated that his paycheck is still stuck in the Multichain protocol. As a result, he has been unable to pay his team for subcontracted work they performed for him in July and will likely have to catch up these payments out of revenue from August. “It was a tough pill for them to swallow. I mean, they have bills, right? And I’m behind now on my bills for my content creation.”

ArkRide lost over $9,000 worth of crypto in Multichain on July 15 under similar circumstances. He expressed relief that his loss from the hack was small and stated that he has met others who fared much worse:

“My amount that I lost on Multichain is not as much as some people that I talked to lost because there were people who lost nearly half a million. I talked to a couple of guys who lost like $100K each, and there were some people who literally couldn’t stand from their beds, they told me they wanted to commit suicide or something like this.”

The investigation continues

The Chinese national ID system reveals concerning information on who is the actual director of Multichain. A Chinese national ID is a 15- or 18-digit number containing an individual’s residing jurisdiction, date of birth and gender.

A query revealed that the individual listed as “He Xiaokun” in Multichain’s Singaporean registration documents was born on May 10, 1955. The same search for “Yang Qiumei,” another director listed on the Multichain registration file, reveals the said individual to have been born on July 20, 1957. Xu Ruduo, the third director of Multichain — possibly referring to co-founder Alfred Xu — registered using a different type of ID. Alfred Xu has been unreachable since the arrest of his colleague.

*The ID search query revealed that “He Xiaokun,” an individual listed as a Multichain director, is currently 68 years old and lives in a village in Jiangsu.* *Source: ID Search*

By inspection, Zhaojun appears far too young to fit the profile of either “He Xiaokun,” age 68, or Yang Qiumei, 66. Both individuals had been indicated as residing in the same address at a rural Chinese village.

A photo of Zhaojun circulated during his participation in the crypto project Fusion, circa 2017, and was previously his profile picture of his official Twitter account. Dejun Qian, co-founder of Fusion, confirmed Zhaojun was in charge of Multichain during the time of the incident. The two were previously involved in a business dispute regarding Multichain, when it was formerly known as Anyswap.

*Zhaojun He as listed in Fusion’s developer team. His biography reads: “M*ore than 10 years of experience in secure Linux R&D. Former technical director of Chinese leading security operating system. Received bachelor of software engineering, Dalian University of Technology.” Source: Fusion

Sources reviewed by Cointelegraph claim that from the very beginning (May 21), Chinese authorities accused Zhaojun of “money laundering” by bridging tainted assets from users via the Multichain protocol. As a result, the police have attempted to seize all protocol assets, user, enterprise or tainted alike, as proceeds of crime. Although some of these seizures were prevented when centralized exchanges or stablecoin issuers froze the funds, the rest have passed into the hands of Chinese authorities, these sources claim.

Wuwei Liang, a former staff member of crypto exchange CoinXP, claims that in 2019, the firm’s entire development team was apprehended by Chinese police, along with the confiscation of protocol funds and shutdown of all relevant operations. Liang Liang, the firm’s CEO, was subsequently charged with operating a “multi-level marketing operation” and a “pyramid scheme,” which could result in the criminal seizure of the projects’ users’ and enterprise’s assets al if convicted.

During the trial this July, some sources claim that key witnesses and defense attorneys were threatened with legal intimidation. A presiding judge also reportedly stated, “Presumption of innocence until proven guilty” is “not a correct principle” within Chinese law. The trial has been adjourned.

CoinXP trial participants allegedly being apprehended by police | Source: Liang Liang

In a similar incident on May 29, Chinese crypto exchange BKEX suspended withdrawals citing the need to cooperate with police on charges of “money laundering.” The exchange has not been active since, and, like Multichain, its team members are nowhere to be found. Social channels, too, have gone cold. Its website is also offline.

*Crypto exchange BKEX’s last message to users before halting withdrawals.*

In yet another incident, the entire development team of offshore Hong Kong dollar and Chinese yuan stablecoin issuer Trust Reserve disappeared in May after its office was raided by police. Local sources say that Trust Reserve developers had been detained. Again, the charges are unknown.

Allegations of corruption

In each of these instances, police have neither informed investors of the charges against protocol developers nor of what process investors can go through to recover their funds. CoinXP’s Liang claims that this is because police are using the legal system as a means of corruption to embezzle investors’ capital for their own benefit:

“Defense lawyers would persuade the parties and their families [of arrested crypto executive] to comply, shut down servers, hand over [private] keys, and cooperate in pleading guilty, claiming that this will result in leniency. Little do they know that this makes it easy for law enforcement to profit from unlawful conduct, ‘legally’ pushing the parties towards prison and, at the same time, ‘legally’ taking away the digital assets that belong to the users, investors and founding team.”

Whatever the reason, the Chinese government has not yet answered investors’ questions of where the funds have gone and why they have not been returned to users.

Users such as ArkRide, PJ Krypto and others in the “Multichain Scam” group have so far been unable to get answers as to where their hard-earned money went. But one thing is certain: The Multichain exploit will go down as one of the worst crypto hacks of 2023. Across the world, Multichain users’ assets have mysteriously disappeared. Although some of the funds may be recovered, many are still experiencing the trauma it caused them.

Cointelegraph Editor Zhiyuan Sun contributed to this story.

Magazine: Should we ban ransomware payments? It’s an attractive but dangerous idea

Tragedy or rug pull? Inside the collapse of a ‘charitable’ NFT project

August 17, 2023 Coin Telegraph

Charity

Orica NFT’s charity efforts have succeeded, but its tokenholders have not, and up until now, its co-founder was nowhere to be found.

Launched in November 2021, nonfungible token (NFT) marketplace Orica held itself up as an “ethical platform” benefitting artists, collectors and charities alike. At the time, the organization was involved in prominent projects — from building a school in Uganda to aiding victims of human trafficking to helping Ukraine.

But less than two years later, the project’s founders have disappeared, and the marketplace’s user interface has gone offline. All that remains are the project’s charity efforts, which proved to be genuine, in tandem with allegations from disgruntled users that the developers orchestrated a rug pull. In a new revelation, co-founder Danial Zey breaks his yearlong silence, not only denying all allegations and insisting the project was “hacked” but also claiming that the project is still ongoing. Cointelegraph investigates.

An ICO amid the bear market

According to initial coin offering (ICO) information site CryptoTotem, Orica ran a fundraiser from Aug. 14 to Sept. 14, 2021. It aimed to raise $3.1 million from the sale of its Orica (ORI) token. In its ICO, Orica promised to earmark 50% of the total supply of ORI for “NFT marketplace rewards.” Another 10% was supposed to be supplied to “advisors and partners,” 15% given to the team and 25% sold to investors. At launch, Aug. 21, 2021, the price of ORI rose to a peak of $3.638 per coin, then fell to $0.036 by Oct. 1, 2022, based on data from Live Coin Watch.

The token no longer has tangible value at the time of publication, and its communication channels appear to have gone cold. A former user, who wished to remain anonymous, told Cointelegraph that the “[NFT] marketplace kind of dried out with not enough people using it and then very quickly everything went kind of offline including their website."

*ORI price chart. Source: Live Coin Watch*

The philanthropy that survived

In late 2021, the firm partnered with Austrian charity project Bbanga to help build a school for children in the Ssese Islands in Uganda. Bbanga commissioned German digital artist Mellowmann to release Uganda-inspired digital art pieces as NFTs, which were then to be sold via Orica’s marketplace. The sale surpassed the $6,500 goal needed to construct the school.

*Mellowmann and Bbanga NFT sold at the Orica auction.* *Source: Orica*

A former Orica staff member, who wished to remain anonymous, told Cointelegraph that “the Uganda school received full payment as this was overseen by Sani, Founder of the Bbanga Project, who was working with Orica at the time." The project released a video this June showcasing that some of the school's buildings had already been built, including a main hall and library.

*The Orica and Bbanga school in Uganda.* *Source: Bbanga*

On Dec. 21, 2021, charity group Hope for the Future also announced that it would be selling NFTs on Orica to fund its efforts. Hope for the Future is another Austrian-based nonprofit that helps victims of human trafficking reintegrate into society after they are rescued from captivity. The charity continues to operate today. Its efforts to help Ukrainian artists also materialized in the REFUGE campaign that ran in March 2022.

*An embroidery NFT "Obra" previously held for sale on Orica.* *Source: Aline Brant*

When prompted on the matter, the former Orica staff member said, “All artists were paid in full." An amount close to $30,000 was raised in conjunction with Orica’s efforts to help Ukraine and was processed by crypto donations processor The Giving Block. In one of the last statements before going cold, Zey wrote: “We donated 10% of the amount we ever made. Our main product is tech that is built to give to people."

And the project that didn't ...

Despite official claims as to why the project went down, blockchain data and user complaints suggest irregularities.

On May 11, 2022, the Polygon version of Orica was deployed as part of its migration from BNB Smart Chain. This version had a total supply of just 84 million tokens, 16 million less than the original Orica token on BNB Chain. The Polygon version of ORI was a “liquidity generator” token with built-in liquidity provider and swap functions. It had the ability to call contracts on the decentralized exchange QuickSwap, which is a fork of Uniswap v2 on Polygon.

On June 4, 2022, an Orica Discord server admin who goes by the name “Plem” told users the migration was complete. According to Plem, users had received tokens on the new chain equal to the ones they held on the previous chain.

*Orica announcing the Polygon migration.* *Source: Discord*

Some users complained that they had not received their tokens. In response, the admin told them to add the new token contract in MetaMask. If they did this and still did not see their tokens, they were asked to submit a support ticket.

But the deployer on Polygon did not directly send tokens to users who held ORI on BNB. Instead, it transferred ownership to a separate account, which proceeded to sell nearly the entire supply of the coin through market-making operations. Zey stated that this second account was not operated by him. Instead, he claimed that a “hacker” stole his deployer key and transferred it. The new owner proceeded to call various liquidity provider and swap functions over the next two months on QuickSwap.

Zey did not report this attack until Aug. 11, 2022, exactly one month after it had occurred. A member of the team had reported 24 days after the “attack” that the migration had been completed. The same day, the new owner transferred an unusually large amount of tokens — 23,187,983 — to address 0x14dd44e1d3f9a173998c53d75622127ce921ccee. After this transaction, the new owner continued to post liquidity provider transactions for ORI tokens until the new owner stopped on Sept. 11, 2022. In a similar Aug. 11, 2022 Telegram message, Zey claimed that his laptop had been hacked and that tokens had been “moved out directly from the deployer.”

On Aug. 12, 2022, Plem announced that the project would be “closing communications” due to a “hard situation that involves massive uncontrollable tokens deployment and selling process.”

*Orica staff stating that they would cease communications. Source: Discord*

In the final message, users were told to send direct messages to Zey if they had questions, referring to the team’s blockchain operations lead. Subsequent messages to the group indicate that Zey has blocked all messages.

*Orica's last message before going dark on Discord. Source: Discord*

*Co-founder Danial Zey’s response to a user inquiry before new messages in the channel were archived.* *Source: Telegram*

On Sept. 11, 2022, the new owner made a final transfer of approximately 150 Polygon (MATIC), worth $133.10 at the time, to address 0xfE3fB1d3C9FBF50b6af3A60b5D070dF68D87b99e. This account had previously received 3,463 MATIC ($3,082 at the time) from the new owner. At the time of publication, 9.9 million ORI ($4,341 at today’s price) remains in the account that was transferred ownership after deployment.

Co-founder’s new revelations

Speaking to Cointelegraph on Aug. 17, 2023, Zey denied the rug pull allegations, stating:

“I think the situation is complex and it is not wise to give out info that we might need to win some of the funds back. About the part with rug pull. We had a team of more than 15 people and we paid them until the end salaries plus we paid for the liquidity , Certik audit and some parts of the development."

“Our tokens were locked," said Zey. “On the blockchain it is also provable that we had several severe attacks on us. We are a charity project but still got hacked," he stated while alleging that hacked funds were laundered through cryptocurrency mixer Tornado Cash, making it impossible to trace. “The few remaining people that worked without any salary like myself are still in this project working patiently behind the scenes but the comeback has to be strong so we can make up for the situation," Zey claims.

Zey did not respond to a request for the hash ID of transactions linked to the alleged Orica hack.

Out of 12 team members listed in the project’s ICO, five have deleted their LinkedIn profiles — Zey, legal counsel Ivan, process manager Karim, IT project manager Pouriya and business development manager Rilwan. The others, save for Zey, were either unreachable or had left Orica by the time of its breakdown.

*The Orica founding team became unreachable after last year.* *Source: CryptoTotem*

A mixed legacy

As of today, most of what remains of Orica is in the brick and stone of a school in Uganda and the artists it has helped.

But also remaining are the tokenholders who never received a proper explanation as to why the project has ceased to exist. Despite breaking his silence, Zey never addressed the reasons for the hiatus, and many questions remain unanswered.

It’s not uncommon to see that investors and co-founders alike build rapport around a project as friends and exit as enemies during its collapse. But for Orica, there was at least a brief moment in which everything seemed to have worked well.

Cointelegraph editor Zhiyuan Sun contributed to this story.

Weekend Wrap: Uniswap dev sacked for alleged rug, Steadefi hacker goes mixing and more

August 14, 2023 Coin Telegraph

certik

Uniswap developer AzFlin has admitted to creating the FRENS token but has argued what he did doesn't constitute a rug pull.

Uniswap dev loses job, was it worth it?

A Uniswap developer known as “AzFlin” has been sacked by the founder of Uniswap Labs, Hayden Adams, for allegedly creating a memecoin and rug pulling it a few hours later for 14 wrapped-Ether (wETH), worth $25,800.

It is understood that AzFlin developed and deployed FrensTech token (FRENS) on Coinbase’s new layer 2 blockchain Base on Aug 12 before selling the tokens raised from the liquidity shortly after.

Adams publicly confirmed the sacking of AzFlin, adding that such behaviour is neither supported nor condoned at Uniswap Labs.

Wanted to let people know this person is no longer with the company.

Not behavior we support or condone. https://t.co/sxVowwIR3Q
— hayden.eth (@haydenzadams) August 12, 2023

The developer has mocked the situation at hand with a series of light-hearted posts along with a new X (formerly Twitter) cover photo.

*AzFlin is making fun of their new unemployment status. Source: X (formerly Twitter).*

AzFlin, however, claims that no rug pull was committed.

“I bought that $FRENS used to provide LP with my OWN money from the dev wallet, so I am entitled to do as I please with it. This FUD is outrageous,” they said on Aug. 12.

Not everyone is buying into AzFlin’s story though, with some applauding Adams’ decision to fire AzFlin for the alleged action:

Hayden Adams' decision to terminate employee AzFlin is highly necessary and demonstrates his commitment to upholding Uniswap's reputation and ethical standards. Developing a meme token and then exploiting access to transfer and sell tokens from the liquidity pool is a morally…
— KEVIL KOLS NETWORK (@KevilCrypto) August 13, 2023

Zuckerberg calls out Musk for dodging cage fight

Meta CEO Mark Zuckerberg says it's “time to move on” from any talks of a potential cage fight between him and Elon Musk, accusing the Tesla CEO of making excuses and dragging his feet on any solid plans.

Zuckerberg explained in an Aug. 13 Threads post that Musk isn’t “serious” about a real fight because Musk has dragged on giving any potential dates for the bout.

“I think we can all agree Elon isn’t serious and it’s time to move on.” Zuckerberg added:

“Elon won’t confirm a date, then says he needs surgery, and now asks to do a practice round in my backyard instead.”

*Mark Zuckerberg’s latest comments on a potential fight with fellow billionaire Elon Musk. Source: Threads*

Zuckerberg — who has helped re-shaped Meta’s investment focus on the Metaverse and artificial intelligence — said that he will be ready for a fight whenever Musk “gets serious” about a real date and official event.

The Meta CEO said he will continue to focus on competing with those who take the sport seriously for the meantime.

Donald Trump holds Ethereum and NFTs

Financial records have revealed that former United States President Donald Trump owns between $250,001 to $500,000 in Ethereum (ETH).

The statement, which was filed to the United States Office of Government Ethics on April 14, lists “cryptocurrency wallet (Ethereum)” as one of Trump’s investments, according to the 82-page form.

*Donald Trump's public financial disclosure report. Source: U.S. Government*

The investment may possibly be linked to Trump’s several nonfungible token (NFT) collections which have hit the market on several occasions between 2022 and 2023.

Trump’s NFT venture is expected to rake in between $100,000 and $1 million, according to the financial statement.

Despite the cryptocurrency and NFT investments, the billionaire businessman has voiced his skepticism towards the industry in the past, labeling Bitcoin (BTC) as a “scam” and cryptocurrencies more broadly as “potentially a disaster waiting to happen” in Aug. 2021.

Trump is once again in the running to become the next U.S. President in the upcoming 2024 Presidential Election.

Steadefi hacker turns to Tornado Cash

The exploiter of decentralized finance protocol Steadefi has transferred 100 Ether (ETH), worth about $185,000 to cryptocurrency mixing protocol Tornado Cash, according to blockchain security firm CertiK.

CertiK explained on Aug. 13 that the hacker still holds $786,000 (424 ETH) connected to the Steadefi exploit, which took place on Aug. 7.

#CertiKSkynetAlert

We have seen EOA 0xe10d deposit 100 ETH (~$185K) into @TornadoCash.

The EOA, which still holds 424 ETH ($786k), is connected to the exploit on @steadefi on August 7.

See more on Skynet https://t.co/4HOEg2PJ1k
— CertiK Alert (@CertiKAlert) August 13, 2023

A total of $334,000 was drained directly from Steadefi, with total losses amounting to over $1.1 million, according to some estimates.

Tornado Cash has served as a tool for hackers attempting to obfuscate the money trail and cash out the stolen funds.

On Aug. 8, 2022, the United States Office of Foreign Asset Control (OFAC) sanctioned Ethereum and USD Coin (USDC) addresses connected to the privacy tool.

Also making news

United States Senator Cynthia Lummis has filed an amicus brief supporting Coinbase’s motion to dismiss its lawsuit against the U.S. Securities and Exchange Commission. Lummis says the SEC is unrightfully pushing to obtain “primary influence” over the cryptocurrency sector at a time where much regulatory consideration needs to be taken by Congress.

Decentralized finance platform Curve Finance has officially stated on Aug. 11 its intention to reimburse users impacted by the recent hack resulting in $62 million of losses on July 30. The firm has already managed to retrieve 79% of the funds thus far.

Magazine: Girl Gone Crypto thinks ‘BREAKING’ crypto news tweets are boring: Hall of Flame

Rug Pull