The biggest crypto scams of 2022 (so far)


Ah, 2022. Cryptocurrency’s first full year in the mainstream…and it was an unmitigated disaster. But even amid crypto’s biggest crash yet, the scams flourished.

And while the value of cryptocurrency stolen is stunning, not everything is solely about the money. Last year, Mashable looked into the biggest crypto scams of 2021. Yes, some big bucks were being funneled via various scams and schemes included on that list. However, sometimes the audacity and uniqueness of these scams and hacks — perpetrated by people who only walk away with six figures worth of stolen crypto — are worth mentioning, too.

So, without any further ado, here are some of the biggest and boldest frauds, swindles, and rackets in cryptocurrency from 2022 thus far.

Celsius’ crypto pyramid comes tumbling down

When the stablecoin Terra and its sister token Luna failed in May, it created a domino effect that took down the whole crypto market with it. Crypto lending companies in turn took a huge hit in the crypto crash. Celsius, formerly one of the largest crypto lenders, ended up filing for bankruptcy.

Things were already fishy when some Celsius clients began reporting they couldn’t withdraw their funds in June. The now-former Celsius CEO Alex Mashinsky tried to calm fears by saying the company was not halting withdrawals. But then just days later, Celsius froze everyone’s accounts.

Critics say that Celsius’ promise of ridiculously high yields should have already been a warning sign that things were too good to be true. However, as more information comes to light in the aftermath, it seems increasingly likely that Celsius functioned much like a Ponzi scheme, paying off early investors with funds that came in from recent investors.

In fact, that’s basically what regulators with the Vermont Department of Financial Regulation said.

“This shows a high level of financial mismanagement and also suggests that at least at some points in time, yields to existing investors were probably being paid with the assets of new investors,” reads a September filing from the agency.

Thus, when the crypto market crashed, Celsius ran out of liquidity.

According to Celsius’ bankruptcy filings, the crypto lender owes around $4.7 billion to its investors.

Ukraine rug pulls donors (for good reason!)

One of these scams is not like the others and it’s this one: When the government of Ukraine rug pulled its donors. However, it needs to be included because it’s honestly so great: a rare “good” scam.

In February of 2022, shortly after Russia invaded Ukraine, the Ukrainian government quickly decided to accept donations in the form of cryptocurrencies to take advantage of the big pockets in the crypto space who are always looking to pump their coins and generate good press. 

While a decent number of donations came in at first, the crypto started to pour in after Ukraine announced an airdrop to those who donated via the Ethereum network. An airdrop is basically when crypto wallet holders are sent freebies, usually in the form of crypto tokens or NFTs. As Ukraine put it, they were essentially sending donors a “reward” for donating.

Enter the bad-faith actors. People started sending a slew of crypto donations to Ukraine to take advantage of the airdrop. Around 60,000 transactions were made on the Ethereum blockchain to Ukraine in less than 2 days. According to Ukrainian officials, individuals started to send minuscule sums of money just so they could register in time to receive the airdrop. Ostensibly, these individuals were looking to profit off of a country in wartime by receiving a “reward” more valuable than whatever they donated to flip the freebie for quick profits.

Ukraine decided to cancel the airdrop, just days after it was announced. Some donors who were looking for those profits cried “scam.” And, technically, this is what’s known as a rug pull. A rug pull is when a crypto developer makes promises to raise funds, then abandons the project while walking away with all the liquidity.

But, this is a truly unique situation. Ukraine was trying to fundraise, thought they’d thank donors who meant well, then pulled the plug when they realized people were trying to take advantage of the situation. The donations still went to a charitable cause though.  So, let’s call this a rug pull for good. And that’s why it’s at the top of the list.

Users “loot” Nomad bridge thanks to exploit

Crypto bridge hacks are nothing new at this point. According to blockchain analytics firm Chainalysis, hackers have managed to haul in around $2 billion in 2022 alone by exploiting bugs on these bridges, which allow users to exchange one crypto token for another across separate blockchains. Crypto bridges are supposed to make things easier when trading between crypto tokens, but they’ve also made things a lot easier for hackers due to the potential for vulnerabilities.

In August, hackers discovered one such vulnerability on the Nomad crypto bridge and were able to walk away with close to $100 million thanks to their efforts. That’s a lot of money, but certainly nowhere close to the largest amount of crypto stolen from a crypto bridge.

However, it didn’t end there. The Nomad bridge hack was unique because the exploit leaked to the public before it could be patched. This led to a situation where multiple people decided to join in on the “looting” of the Nomad bridge. In total, $186 million was pilfered from the Nomad bridge. 

Researchers at Coinbase later discovered that around 90 percent of the crypto wallet addresses taking part in the hack were “copycats” who were replicating the original hackers’ exploit after it was publicized.

 

Some of the millions of dollars in crypto stolen was eventually returned by white hat hackers and people who later realized their crypto wallet address was connected to enough personal data that they could be identified. But that recovered crypto only amounted to less than 5 percent of the total haul.

Wormhole bridge hacked for $325 million

As mentioned previously, crypto bridge hacks are becoming more and more frequent. While the Nomad hack was unique, the $186 million stolen pales in comparison to the $325 million taken in February from the Wormhole crypto bridge.

The attacker was able to mint 120,000 in “wrapped” Ethereum on the Solana blockchain via the Wormhole bridge. (Wrapped crypto, for the uninitiated, is essentially a way to peg the amount of crypto to the current value, making it easier to trade when bidding on NFTs for example.) However, the Wormhole bridge exploit allowed the hacker to mine those tokens without depositing the equivalent amount from their own funds. Basically, the hacker was able to print money out of thin air here due to a vulnerability on the Wormhole crypto bridge.

Wormhole’s developers ended up having to temporarily shut the crypto bridge down in order to close the exploit. But by then, of course, it was too late. $10 million was offered as a bounty to the hacker if they returned the rest of the funds. But, being that $325 million is a lot more than $10 million, the offer wasn’t accepted.

Axie Infinity hacked, $615 million stolen

Would you notice if someone stole $615 million from you? Sky Mavis, the company behind the most popular crypto game Axie Infinity sure didn’t!

In March, hackers discovered an exploit on the Ronin blockchain, which is the Ethereum-based sidechain that Axie Infinity runs on. To make matters worse, the exploit was a result of what was supposed to be a temporary change initiated by Sky Mavis in December that lowered security protocols. Things weren’t reverted and the hackers were able to take advantage of the situation just months later.

How did Sky Mavis finally discover they were missing hundreds of millions of dollars? A user tried to withdraw their funds and was unable to because the liquidity was no longer there.

Axie Infinity is a play-to-earn crypto game that requires users to purchase expensive NFTs before playing. Once they acquire those NFTs, they can then earn real money in the form of crypto from playing the game. However, due to the high cost of entry, users who can’t afford the NFTs often find themselves wrapped up in exploitative “scholarships” that require them to split the profits with other users who lend out these high costs NFTs that are needed to play.

Nonetheless, in countries like the Philippines, play-to-earn games like Axie Infinity have become popular as users can earn the equivalent of an average salary in their country. Those users, unfortunately, found out that their earnings were inaccessible due to the hack.

Axie Infinity has since raised $125 million to reimburse its users for stolen funds. But, that’s a far cry from the $625 million they lost. As for that money, they’re likely never going to get that back. The U.S. government believes that the hack was carried out by a group based in North Korea.

Day of Defeat, red flags everywhere

Does an investment that promises a 10,000,000 x price increase sound too good to be true to you? No, my zero key did not get stuck. That’s exactly what the Day of Defeat token promised. And plenty of people bought in.

Molly White is the creator of Web3 Is Going Great, a website that tracks all of the scams and grifts in the space daily. When I reached out to her to see what crypto scams stuck out to her so far this year, she pointed me to Day of Defeat. She called it one of the projects with “some of the biggest red flags I’ve ever seen.” And she’s seen a lot.

The developers of Day of Defeat called the project a “radical social experiment” that was “mathematically designed to give holders 10,000,000X PRICE INCREASE.” On top of that, they touted a “Mystery Plan” (come on!) that would be rolled out in June of next year that would further see the price of the token increase by 1,000,000. In a FAQ on the Day of the Defeat website, they answered a question concerning their access to the pool of funds, which they said they would “promise” not to redeem. A promise!

Well, guess what? It appears that they broke that promise. In May, the project rug pulled after $1.35 million was pulled out, causing the token’s value to drop by more than 96 percent. As Molly pointed out, it’s unlikely even the people who made off with that $1.35 million did not see those crazy returns that were promised. If they did, their investment would’ve needed to be less than 14 cents.

BBC tricked into promoting alleged crypto scammer

Everyone loves a rags-to-riches story. Apparently, the BBC loved this one so much, that they failed to properly look into the individual in question, who traded in his rags for riches by crypto scamming.

In February, the BBC ran an article about a local Birmingham crypto investor, Hanad Hassan. The piece claimed that Hassan put £50 into crypto last year and was able to turn it into millions! That wasn’t all. The article also covered how Hassan wanted to use his newfound wealth to help people within the community.

One problem: The internet was full of people who claimed Hassan had scammed them.

In April 2021, Hassan launched a “charity token” called Orfano. In addition to being a crypto investment, it would set aside 3 percent of the funds to support charity projects. This is a common tactic in crypto rug pulls to make investors feel like they’re doing something legitimate and good with their money. Months later, Orfano abruptly shut down, taking everyone’s investments with them. There was no way for users to withdraw any of their money.

A month later, Hassan relaunched Orfano as OrfanoX and once again did the same thing to new investors in this token. And now the BBC was going to herald his “good fortunes!”

The story is so ridiculous, it was one of the first recommended to me by David Gerard, a cryptocurrency critic and author of the book “Attack of the 50 Foot Blockchain.”. According to Gerard, the BBC not only ran a “puff piece” on the crypto scammer, Hanad Hassan, but they also produced a 30-minute documentary on him titled, We Are England: Birmingham’s Self-Made Crypto-Millionaire. The scheduled airing was only pulled hours before it was supposed to air in February.

While Hassan’s crypto scamming took place in 2021, he pulled the wool over the eyes of the BBC just this year. He essentially scammed them into spinning his story. A scam within a scam. Scamception!

Seth Green’s stolen Bored Ape

Actor Seth Green’s apes were stolen. The Robot Chicken creator had his entire NFT collection lifted from him after Green fell for a phishing scam in May. Green’s NFT losses included his Bored Ape Yacht Club #8398, two Mutant Apes, which is another NFT project by Bored Ape Yacht Club creators Yuga Labs, and a Doodle NFT. 

But, see, Green lost more than just the estimated hundreds of thousands of dollars in the resale value of his NFTs. The actor has been working on a comedic series called White Horse Tavern which features various NFT characters throughout the show. The star of the series, however, is Bored Ape #8398, which Green named Fred Simian.

Bored Ape holders own a license to the IP for their particular apes and can do with them what they’d like: Sell merch, create video games, develop a sitcom – you name it. And that was the problem for Green. He didn’t hold his ape, whoever stole his Bored Ape sold it on the aftermarket to a collector, which meant Seth Green did not hold the rights to Fred Simian anymore. 

Luckily for Green, though, he recently was able to get his Bored Ape back…at the cost of $297,000. That’s right. He paid for his Bored Ape twice, a six-figure price each time.

If you’re familiar with the non-fungible token space, you might be thinking to yourself: NFTs are stolen quite regularly. Hell, Yuga Labs’ social platforms were compromised just this month, resulting in Bored Ape holders losing more than Seth Green did.

So, why focus on Green’s case? I can’t think of another NFT-related scam this year that reveals the multifaceted flaws of the industry. A celebrity had their NFTs & intellectual property stolen in a crypto scam and they didn’t know what to do. In the end, they had to resort to just buying their stolen property back! What are you going to do about it if this happens to you too?





Source link

Leave a Comment