236 days ago • cryptodaily
Magnate Finance Orchestrates Rug Pull, Over $6 Million Stolen
Magnate Finance, a lending and borrowing protocol that operates on the Ethereum Layer-2 network Base, has apparently orchestrated a rug pull, stealing millions from users of the protocol.
The rug pull had been predicted by on-chain sleuths, including ZachXBT, who cited several previous actions of the project’s founders.
Details Of The Rug Pull
Magnate Finance has also effectively cleared its entire digital presence, having deleted its Telegram group on the 25th of August. It also took its website offline, rendering it inaccessible on the same day. The protocol later deleted its X (formerly Twitter) account as well, effectively erasing its entire digital and social media presence. Mere hours after deleting its entire social media presence, Magnate Finance developers manipulated the price oracle of the protocol. This let them remove all assets within the protocol, removing around $6.4 million of the total value locked (TVL) in the protocol, effectively collapsing the project.
Security firm PeckShield called this occurrence a classic rug pull and also conducted an investigation into the situation. The security firm stated that the developers behind the project transferred around $1.34 million worth of DAI tokens to a new address. Later, they bridged around $1 million of the stolen funds to the BNB Smart Chain. The firm also tracked five different wallets, all of which were linked to the Magnate Finance scammers. PeckShield added that the scammers had manually manipulated the price oracle, allowing them to drain funds.
A majority of the stolen funds went to several Ethereum Layer-2 platforms, such as Optimism and Arbitrum, along with the BNB Smart Chain using Stargate. Around 295 ETH and 1.3 million DAI tokens are currently held on the Base chain.
ZachXBT Had Warned Of Potential Exit Scam
The Magnate Finance rug pull came to light after a warning issued by on-chain investigator ZachXBT. ZachXBT had issued a warning that the developers behind the Magnate Finance protocol could orchestrate an exit scam. The on-chain investigator reached this conclusion after discovering that the Magnate Finance deployer address was linked to a previous exit scam involving a project called Solfire. Solfire defrauded its users of around $4.8 million.
“Community Alert: Magnate Finance on Base will likely exit scam in the near future currently with over $6.4M TVL. The deployers address is directly linked to the Solfire $4.8M exit scam.”
The Problem Of Exit Scams
Exit scams and rug pulls have become a considerable problem in the decentralized finance (DeFi) ecosystem, with scammers using them as their preferred tactic. The Magnate Finance rug pull is the second rug pull this month, with the SwirlLend rug pull occurring earlier. SwirlLend, another protocol on Base, stole around $460,000 in an exit scam, with some funds also stolen on Linea. PeckShield, in an analysis of the rug pull, stated that the SwirlLend team drained $290,000 worth of crypto assets from Base and a further $170,000 worth of assets from Linea.
Like Magnate Finance, SwirlLend has also completely erased its digital presence, with its social media accounts on Twitter and Telegram deleted and the website rendered inaccessible.
The scourge of rug pulls, and exit scams is evident from the total value of cryptocurrencies lost to them in the first half of 2023. According to blockchain security firm Beosin, phishing scams and rug pulls have resulted in the loss of a staggering $655 million so far.
“Total losses from hacks, phishing scams, and rug pulls in #Web3 amounted to a staggering $655.61M in H1 2023. Out of this, 108 attacks resulted in a loss of ~$471.43M. Phishing scams accounted for around $108M of losses, while 110 #rugpulls resulted in a total loss of ~$75.87M.”
Growing Problems On Base Chain
Coinbase’s Layer-2 blockchain has faced several problems since it commenced operations. RocketSwap, a project on Base, fell victim to a brute force attack, which saw around 471 ETH, valued at about $865,000 stolen. The protocol outlined an emergency plan following the attack and would also attempt to reach out to the hackers to negotiate a return of the stolen assets.
Another project on Base, the decentralized exchange LeetSwap, also had to suspend trading operations thanks to fears of a potential exploit. The decentralized exchange tweeted that it had detected a security vulnerability and had to stop trading for further investigations. Additionally, Coinbase and Base are also dealing with the aftermath of an SEC lawsuit.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
236 days ago • cryptodaily
Magnate Finance Orchestrates Rug Pull, Over $6 Million Stolen
Magnate Finance, a lending and borrowing protocol that operates on the Ethereum Layer-2 network Base, has apparently orchestrated a rug pull, stealing millions from users of the protocol.
The rug pull had been predicted by on-chain sleuths, including ZachXBT, who cited several previous actions of the project’s founders.
Details Of The Rug Pull
Magnate Finance has also effectively cleared its entire digital presence, having deleted its Telegram group on the 25th of August. It also took its website offline, rendering it inaccessible on the same day. The protocol later deleted its X (formerly Twitter) account as well, effectively erasing its entire digital and social media presence. Mere hours after deleting its entire social media presence, Magnate Finance developers manipulated the price oracle of the protocol. This let them remove all assets within the protocol, removing around $6.4 million of the total value locked (TVL) in the protocol, effectively collapsing the project.
Security firm PeckShield called this occurrence a classic rug pull and also conducted an investigation into the situation. The security firm stated that the developers behind the project transferred around $1.34 million worth of DAI tokens to a new address. Later, they bridged around $1 million of the stolen funds to the BNB Smart Chain. The firm also tracked five different wallets, all of which were linked to the Magnate Finance scammers. PeckShield added that the scammers had manually manipulated the price oracle, allowing them to drain funds.
A majority of the stolen funds went to several Ethereum Layer-2 platforms, such as Optimism and Arbitrum, along with the BNB Smart Chain using Stargate. Around 295 ETH and 1.3 million DAI tokens are currently held on the Base chain.
ZachXBT Had Warned Of Potential Exit Scam
The Magnate Finance rug pull came to light after a warning issued by on-chain investigator ZachXBT. ZachXBT had issued a warning that the developers behind the Magnate Finance protocol could orchestrate an exit scam. The on-chain investigator reached this conclusion after discovering that the Magnate Finance deployer address was linked to a previous exit scam involving a project called Solfire. Solfire defrauded its users of around $4.8 million.
“Community Alert: Magnate Finance on Base will likely exit scam in the near future currently with over $6.4M TVL. The deployers address is directly linked to the Solfire $4.8M exit scam.”
The Problem Of Exit Scams
Exit scams and rug pulls have become a considerable problem in the decentralized finance (DeFi) ecosystem, with scammers using them as their preferred tactic. The Magnate Finance rug pull is the second rug pull this month, with the SwirlLend rug pull occurring earlier. SwirlLend, another protocol on Base, stole around $460,000 in an exit scam, with some funds also stolen on Linea. PeckShield, in an analysis of the rug pull, stated that the SwirlLend team drained $290,000 worth of crypto assets from Base and a further $170,000 worth of assets from Linea.
Like Magnate Finance, SwirlLend has also completely erased its digital presence, with its social media accounts on Twitter and Telegram deleted and the website rendered inaccessible.
The scourge of rug pulls, and exit scams is evident from the total value of cryptocurrencies lost to them in the first half of 2023. According to blockchain security firm Beosin, phishing scams and rug pulls have resulted in the loss of a staggering $655 million so far.
“Total losses from hacks, phishing scams, and rug pulls in #Web3 amounted to a staggering $655.61M in H1 2023. Out of this, 108 attacks resulted in a loss of ~$471.43M. Phishing scams accounted for around $108M of losses, while 110 #rugpulls resulted in a total loss of ~$75.87M.”
Growing Problems On Base Chain
Coinbase’s Layer-2 blockchain has faced several problems since it commenced operations. RocketSwap, a project on Base, fell victim to a brute force attack, which saw around 471 ETH, valued at about $865,000 stolen. The protocol outlined an emergency plan following the attack and would also attempt to reach out to the hackers to negotiate a return of the stolen assets.
Another project on Base, the decentralized exchange LeetSwap, also had to suspend trading operations thanks to fears of a potential exploit. The decentralized exchange tweeted that it had detected a security vulnerability and had to stop trading for further investigations. Additionally, Coinbase and Base are also dealing with the aftermath of an SEC lawsuit.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
260 days ago • cryptodaily
Tether Blacklists Scammer After $20 Million USDT Heist
A scammer managed to steal $20 million worth of Tether (USDT) on the 1st of August, using a zero transfer phishing attack.
Tether immediately swung into action, blocking the scammer’s address and blacklisting them, all within an hour of the attack being orchestrated.
Zero Transfer Attack
Blockchain users have to always be on their guard when making on-chain transactions, primarily due to the threat of hackers and scammers. One such scammer managed to steal $20 million worth of Tether (USDT) by orchestrating a zero-transfer phishing attack. Most zero-transfer attacks operate using the same modus operandi. Hackers trick the user into sending a $0 transaction to a phishing address similar to an address the victim frequently transacts with or transfers funds to.
Users typically check only the first and last few digits of a wallet address and ignore reading the complete address. This is the loophole that hackers are able to use, outsmarting the intended victim with a phishing address that looks similar to the original address. Users that don’t bother to check the whole address typically fall for such attacks. For example, if a user sends 100 coins to a particular address, the hacker could send 0 coins from the victim’s wallet to a similar address controlled by the attacker.
The victim views the transaction in their transaction history and assumes that the address in question is the proper address and ends up sending the transaction to the phishing address instead.
The Tether Attack
Data from On-chain analytic firm PeckShield has shown that a scammer managed to grab $20 million worth of USDT using this type of attack. The intended address to which the victim wanted to send the funds was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570. However, the scammer tricked the victim into sending the funds to another address, 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570, as shown by PeckShield in its analysis.
Data shows that the victim’s wallet address initially received $10 million from a Binance account.
This was sent to another address before the scammer jumped into the middle of the transaction, sending a fake Zero USDT transfer from the victim’s account to the phishing address in question. Following this, the victim inadvertently ended up sending 20 million USDT to the phishing address, thinking they were transferring it to the original address.
“#PeckShieldAlert A #ZeroTransfer scammer grabbed 20M $USDT from 0x4071...9Cbc. Intended Address: 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570 Phishing Address: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.”
Tether Swings Into Action
Tether was extremely proactive in dealing with the scammer, almost immediately freezing the stolen funds by putting the scammer’s address on a blacklist. This was done barely an hour after the attack. Tether’s quick response has raised plenty of eyebrows regarding the victim’s identity, with on-chain sleuth ZachXBT tweeting his curiosity about the victim’s identity.
“Curious who this would be if it were blacklisted within ~1 hr. Tether takes days to do that after obvious hacks but was acted here extremely quickly.”
According to some members of the crypto community, the victim could be an influential individual or a very large firm. Zero transfer scams are becoming increasingly common in the crypto space over the past year. The first instance of a big zero transfer scam occurred in December 2022, with the ecosystem losing around $40 million to similar attacks since.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
263 days ago • cryptodaily
Crypto Weekly Roundup: SBF Under Gag Order And More
More developments in the FTX saga, where the former CEO of the now-defunct crypto exchange has come under fire for conducting an interview with the New York Times, which prosecutors have claimed amounts to witness tampering. He has been put under a gag order which prevents him from discussing the case publicly. Let’s find out more.
Bitcoin
Democratic presidential candidate Robert F. Kennedy Jr. confirmed his recent purchase of a significant amount of Bitcoin earlier this year.
Wednesday’s announcement of the widely expected 25 basis point rise in the interest rate led to a higher move in cryptocurrencies.
A team of Bitcoin developers and enthusiasts have introduced the "Frostsnap" method to provide multisig wallets with a range of new capabilities.
DeFi
The Bank of Italy's Milano Hub innovation center will support a project spearheaded by Cetif Advisory that aims to develop a security token ecosystem for institutional DeFi.
DeFi protocol Parrot Finance will begin implementing an activist investor-led plan to phase out the platform’s PRT token, with redemptions set to begin as early as Monday.
Altcoins
An obscure altcoin called the X token has surged by over 1000% following Elon Musk’s announcement that Twitter is rebranding itself to X.com.
Technology
Bridge Protocol LayerZero has revealed that it has achieved a significant landmark, crossing 50 million cross-chain messages.
Archax, a leading global digital asset exchange, broker, and custodian, has unveiled its latest offering: a crypto exchange designed specifically for institutional investors.
Avalanche Foundation has earmarked a whopping $50M to acquire assets that are tokenized on its blockchain.
The highly controversial Arkham Intel Exchange has approved its first-ever bounty hunt, with crypto sleuths set to go after crypto wallets belonging to Terra co-founder Do Kwon.
Business
Venture capital firm, Sequoia Capital, has cut its cryptocurrency fund by over 65% from $585 million to $200 million.
Bankrupt crypto lender Celsius Network has reached two crucial settlements to end its bankruptcy proceedings and clear a path for the return of customer assets.
Flashbots, an Ethereum software infrastructure provider, has raised $60 million from venture capitalists and other prominent players from the blockchain ecosystem.
Cryptocurrency exchange KuCoin has responded to recent rumors about mass layoffs within the company, clarifying that the adjustments to its headcount are part of routine organizational development.
Deloitte and Chainalysis have joined forces in a strategic alliance to tackle compliance challenges within the digital asset ecosystem.
BlackRock and India’s Jio Financial Services will soon enter a joint venture to launch a “digital-first offering” in India.
Crypto derivatives and copy trading platform Bitget announced the listing of its native token BGB on the renowned cryptocurrency exchange MEXC.
Regulation
The South Korean Financial Services Commission's (FSC) decision to seize Delio’s assets cast doubts over its future operations.
In a recent statement, the SEC claimed that the recent Ripple ruling was incorrect while disclosing that it has already decided and is currently moving in to post an appeal.
The United States Federal Reserve has officially launched its new instant payment system, dubbed FedNow, to modernize and streamline the United States’ payment system.
FTX founder Sam Bankman-Fried has agreed to a gag order that prevents him from publicly discussing his case after prosecutors alleged he was discrediting their witness, Caroline Ellison.
Changpeng Zhao and other defendants associated with the Binance crypto exchange plan to appeal to the court to dismiss a lawsuit from the CFTC.
Worldcoin, the high-tech cryptocurrency initiative supported by Sam Altman, might soon be under the scrutiny of data protection regulators in the UK.
The Republic of Namibia pivots on its crypto stance by introducing a law regulating the digital asset industry, ending the country’s total ban on cryptocurrencies.
Block.one, a significant investor in the blockchain industry, is now under fire from the EOS Network Foundation (ENF) for purportedly defaulting on its $1 billion investment commitment.
Blockchain security firm Quantstamp is under scrutiny from the SEC for conducting an unregistered initial coin offering (ICO) in 2017.
The United States House Financial Services Committee passed two crucial bills that could pave the way for regulatory clarity.
The SEC has intensified its oversight of financial institutions that use AI and predictive algorithms.
Democrat Congressman Brad Sherman said on Wednesday during a key congressional committee that only the US government has the right to print money out of thin air.
The United States Senate has passed an $886 billion military spending bill with strict anti-money laundering provisions for cryptocurrency.
In a letter addressed to the SEC, Grayscale Investments has appealed for the equal treatment of all spot Bitcoin ETFs.
Singapore-based crypto exchange Crypto.com announced it obtained registration with the central bank of the Netherlands, De Nederlandsche Bank (DNB).
The Supreme Court of India came down heavily on the central government, expressing displeasure over the lack of a clear law or regulations regarding cryptocurrencies.
NFT
NFT art gallery Bright Moments held its live minting event at the Gotham store, one of New York City's "luxury" cannabis dispensaries.
CyberKongz partners with Axie Infinity’s creator Sky Mavis to migrate its existing Play and Kollect NFT game and mint the new Genkai NFT collection on the Ronin chain.
Web3
CEO Mark Zuckerberg remains hopeful about the company’s metaverse prospects despite sinking $3.7 billion in operating losses in the second quarter of this year.
Japan is set to embrace Web3 technology with the backing of major companies like Fujitsu and Mitsubishi, going beyond just entertainment and gaming.
The Binance crypto exchange platform is set to start operations for Japanese customers, according to an announcement from CEO Changpeng Zhao.
Security
Crypto payments platform CoinsPaid believes North Korean Lazarus Group was behind the hack that saw $37 million stolen from the platform.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
265 days ago • cryptodaily
Parrot Finance To Commence PRT Token Buyback On Monday
DeFi protocol Parrot Finance will begin implementing an activist investor-led plan to phase out the platform’s PRT token, with redemptions set to begin as early as Monday.
The redemption is the result of a highly contentious vote that returns a portion of Parrot Finance’s treasury to token holders.
A Controversial Vote
Two years ago, Parrot Finance had raised over $80 million during the public token sale of its PRT tokens. Cut to 2023, and the DeFi protocol is holding a controversial vote to buy its investors out. The proposal in question calls for the end of Parrot’s governance token through a redemption program which will see $50 million from its treasury be divided among PRT token holders, priced at $0.0045 each. If passed, the vote would be catastrophic to Parrot’s earliest investors, who shared the protocol’s vision of building a powerful stablecoin and lending market.
Early investors would end up recouping only one-tenth of their initial investment, despite the fact that Parrot’s treasury would retain around $73 million. The proposal has angered investors who argue that the DeFi protocol’s team could walk away with millions of dollars, despite never following up on their promise of giving PRT token holders more control over the protocol and often being absent from the protocol entirely. According to early investors, the Parrot team had promised them a protocol that they would be able to govern. Instead, they are being asked to leave for pennies on the dollar.
Going Ahead With Token Buyback
According to multiple posts on its Discord server, Parrot Finance is moving ahead with its plan to purchase its PRT tokens from sellers at a price of $0.0045 each. The purchase will be carried out through a stablecoin market set up on the OpenBook decentralized exchange. According to the company, the redemption period will last for eight weeks, concluding with the sunsetting of the PRT token.
The greenlighting of the plan comes after the results of a community vote to return a chunk of the DeFi protocol’s treasury to token holders came out. The vote passed with 99% voting in favor but faced significant backlash from smaller investors who accused the Parrot team of keeping a major chunk of the treasury for themselves. According to pseudo-anonymous on-chain sleuth Ashpool, the vote was a premeditated sham, pointing to the “dress rehearsal” vote, which was held a week prior to the final proposal. According to a thread by crypto reporter Danny Nelson, the Parrot team, along with activist investors, are likely to make millions in future payroll, a huge share of the treasury, and complete ownership of the protocol.
“gopartyparrot raised nearly $90 million during the height of Solana’s 2021 bull market. But its plans to build new kinds of crypto lending markets never caught fire. After nearly a year of pressure from activist investors, the protocol held a contentious vote to buy out all PRT holders. The now-passed plan earmarks just a slice of Parrot’s remaining treasury for normal investors.”
Original Investors Obliterated
Nelson called the Parrot team the real winners of the exercise, stating,
“Parrot’s developer team walks away with millions of dollars in future payroll runway and a massive share of the treasury, not to mention full ownership of the protocol. They’re almost certainly the big winners here. Activist investors will also likely make a bundle. Some of them have likely been buying the token for months at prices well below the buyback rate in preparation for the redemption program.”
Nelson stated that the original investors in the project would be obliterated. As things stand, the original investors in Parrot and its PRT token can expect to recover only about a tenth of their actual investments.
“But the original retail investors in Parrot are getting absolutely obliterated. Anyone who bought Parrot’s IDO and stuck it out to the end will recoup around 1/10 of their capital.”
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.