DeFi Project ‘Morgan DF Fintoch’ Vanishes With $32m In Likely Rugpull
- A DeFi project claiming to be associated with Morgan Stanley has seemingly stolen $32m worth of user deposits.
- The funds were stolen in the form of USDT, and many users had previously complained about not being able to withdraw.
- So far however, 2023 has not seen as high a volume of crypto exploits as 2022 comparatively this far through the year.
A DeFi project known as Morgan DF Fintoch has reportedly disappeared with $32m worth of user funds in USDT in an apparent exit scam (or rugpull). The project, which incentivized users to deposit by promising 365% APY, claimed that it was associated with investment bank Morgan Stanley, despite the firm publicly stating that they had no affiliation it.
Those investigating the project also noted that the “CEO” of the project used a display picture of actor Mike Provenzano with a made up name. The project had gained significant traction and had amassed more than 70,000 followers on Twitter – despite the fact that many users had complained about being seemingly unable to withdraw their funds from the project.
Investigators found that despite deposits to the platform being made on BNB Chain, the funds were then being sent to the Ethereum and Tron blockchains. Despite the theft however, evidence has shown that 2023 has been more forgiving for DeFi hacks and rugpulls than its predecessor comparatively at this point of the year. Although some experts have suggested that the biggest DeFi hacks of this year are likely yet to come.
Crypto rugpulls refer to a deceptive practice in the cryptocurrency world where unscrupulous individuals or groups create and promote a seemingly promising cryptocurrency project, only to suddenly abandon it after attracting a significant amount of investment. This results in investors losing their funds as the project's value collapses. The term "rugpull" is derived from the act of pulling the metaphorical rug out from under investors, leaving them with worthless or significantly devalued tokens. Rugpulls typically occur in decentralized finance (DeFi) projects, where the lack of regulation and transparency makes them particularly vulnerable to such fraudulent activity.
Illustration by TradingView
Former OpenSea Head of Product Convicted of Money Laundering and Wire Fraud
- Nate Chastain has been convicted of abusing his position at OpenSea to conduct insider trades.
- The ex-exec was accused of earning over $50,000 for purchasing and selling NFTs he knew would be featured on the site.
- Chastain’s punishment is still unknown, but the case could establish a form of precedent for future NFT insider trading cases.
Nate Chastain, ex-head of product for top NFT marketplace OpenSea, has been convicted of both fraud and money laundering by federal prosecutors in Manhattan. Specifically, the convictions describe Chastain to have purchased items in an NFT collection knowing it would soon be featured on the OpenSea platform, before selling the tokens for more than $50,000 worth of profit.
What happens now?
Chastain’s defense argued that the company itself did not consider the collection featuring timetable to be confidential information, and Chastain pleaded not guilty to all charges. Having been found guilty, the former OpenSea executive faces a maximum of up to 40 years in prison (although it is not known whether a jail sentence will be issued at all).
This was also noted to have been the first ever NFT-related insider trading case – and Chaistain’s yet-unknown punishment could set the tone for future trials of this kind. The case has raised concerns about the need for clearer regulations and guidelines around insider trading in the nascent NFT industry. As NFTs become implemented into a wider variety of use cases, the potential for insider trading and market manipulation becomes more significant, and it is likely that other cases of this kind will emerge in the future.
OpenSea is a decentralized marketplace for buying, selling, and discovering non-fungible tokens (NFTs) and other digital assets. It was founded in 2017 by Devin Finzer and Alex Atallah and is headquartered in New York City, USA. OpenSea's platform allows anyone to easily create, sell, and buy NFTs, which are unique digital assets that are stored on a blockchain and cannot be replicated or duplicated. These can include digital art, music, videos, and other types of digital content. OpenSea supports a range of blockchains, including Ethereum, Polygon, and BNB Chain, and has evolved to become one of the most widely used NFT marketplaces in the crypto world.
Blur Takes the Stage as NFT Volumes Reach Nearly $2bn Last Month
- NFT trading volumes are beginning to recover, almost reaching $2bn in monthly volume last month.
- OpenSea’s NFT marketplace dominance is also being threatened by a new marketplace called Blur.
- The majority of monthly volume is now facilitated by Blur, but some has raised concerns regarding “wash trading”.
Is NFT trading ready to recover?
It seems NFT trading volumes have begun to recover this side of the year, with March trading volumes almost reaching $2bn. It represents a 4% decline from February’s trading volume which was even higher at $2.04bn.
NFT sales however have declined from a wider perspective, and some investors have become wary of the speculative nature of the market. It might take several months of sustained high trading volumes before it can be deemed to have fully stabilized.
The NFT space exploded in 2021 bringing widespread investment and attention. However, in 2022, interest in the space was not immune to the market downturn – which saw crypto asset prices plummeting. This new monthly volume data however might suggest that investor interest in the space is undergoing a resurgence as crypto prices have since the beginning of the year.
What’s helping NFT-interest surge?
While the recovery of crypto asset prices and the potential of mainstream NFT adoption have helped spur on the industry’s recovery, there are other factors at play.
Specifically, the rise of a new NFT marketplace called Blur which is threatening OpenSea’s historical market dominance. The majority of the trading volume which took place in March was facilitated by Blur, with $1.35bn in volume being handled by the marketplace – partly due to its rewards program. Although OpenSea now has its own rewards program through its recently released OpenSea 'Pro' platform.
Some however have pointed out that a large amount of Blur's volume might be what is known as wash trading (when traders buy and sell NFTs back to themselves), in order to take advantage of Blur’s attractive rewards program. As we progress through the year, NFT investors will be keeping close watch of Blur’s market position with respect to OpenSea, and how its emergence affects the space.
Axel Ruffini/ Unsplash
DeFi Insurance Payouts Demonstrate the Growing Issue of DeFi Exploits
- The DeFi insurance space is growing along side the problem of DeFi exploits and hacks.
- Despite its growth, the amount locked in insurance pools is less than 0.5% of DeFi’s TVL.
- Over $1bn worth of ETH has also been made inaccessible due to human error and bugs since it was launched.
As DeFi exploits becoming an increasingly large thorn in the side of crypto (and a factor contributing to its reputation as a risky asset class), the industry of providing insurance to the sector is also continuing to grow. Last year alone, more than $3bn worth of digital assets were stolen in exploits of this kind, and last week saw this year’s biggest attack so far – with the $197m exploit of Euler Finance which has been associated with the North Korean hacking group Lazarus. Let’s take a look at the numbers.
According to a report by OpenCover, last year saw the highest amount in DeFi insurance payouts in the history of the crypto space – with more than $34m paid out. Roughly 20,000 separate crypto entities are reported to have purchased DeFi cover, and the number seems likely to grow over the course of this year. However, the amount of capital in insurance related pools still represents only a miniscule portion of the space as a whole, at less than 0.5% of the roughly $50bn locked in DeFi.
Blame it on the bugs
It’s not just malicious intent causing tokens to fall out of the hands of their owner. New data shows that over $1bn worth of ETH (or 636k ETH) has been lost forever due to either human error, or bugs on the network. That number also does not include the amount of ETH made inaccessible due to wallet owners forgetting their private keys or passphrases.
But regardless of human error, the more frequent attacks such as that on Euler Finance become – the more popular DeFi insurance protocols such as Nexus Mutual and Sherlock will become too. The value locked in protocols such as these is one to keep a close eye on over the coming year.
Shubham's Web3 / Unsplash
AMZN: Amazon’s Involvement Could Give NFTs a Much Needed Endorsement
- Amazon has announced that it is launching its own NFT marketplace next month.
- Experts in the space believe the involvement of major companies helps ensure the longevity of the industry.
- The market has already been shaken up by Blur – a new NFT marketplace threatening Opensea’s dominance.
The NFT space has been in trouble for some time now. After an explosion of hype caused millions of dollars to pour into the space near the end of 2021(partly thanks to collections such as BAYC and CryptoPunks), its volumes struggled to maintain their previous highs. As of last month, Ethereum NFT trading volumes are down by 70% from their all-time highs of $5.35bn over January 2022. However, with Amazon hopping on board to the space – it could be what the industry needs to start making its way back up to its previous highs.
Online-retail behemoth Amazon has announced that it plans to launch its own digital asset marketplace sometime in April, which will also support NFTs tied to physical assets. Amazon has been exploring the possibility of offering NFTs for the best part of a year, and many believe that Amazon’s involvement could go a long way in restoring trust in the NFT industry. Some companies such as Starbucks and Reddit have already been doing so through their NFT-based rewards programs.
Amazon’s involvement would be another major development for the space, after rising-star marketplace, Blur, blew Opensea (the previous leader in NFT marketplaces) out of the water by trading volume. Last month, Opensea only facilitated $386m in NFT trading volume while Blur racked up more than $1.1bn – attracting traders with its appealing rewards program. However, with Meta just announcing that it’s abandoning plans to integrate NFTs into its social media app, major tech companies are at odds on whether the NFT space can be seen to have a future.
Logan Paul NFT project in troubleLogan Paul’s NFT project might have just landed him in some hot water.
- Internet celebrity Logan Paul has been accused of orchestrating a rug pull with his NFT project Crypto Zoo. The project, which launched in 2021, claimed to allow users to trade blockchain-based animals which could be hatched from “egg” NFTs.
- However, a filing to a Texas court claims the YouTuber deliberately targeted consumers “unfamiliar with digital currency” to market the project, before effectively abandoning it. The project’s marketing claimed purchasers would be given benefits and access passes at a later date.
- Celebrities are coming under increasing scrutiny for their involvement in crypto and NFT projects. Aside from Kim Kardashian’s $1.26m SEC fine for promoting Ethereum Max, US advertising watchdog ‘TINA’ has made claims against Snoop Dog, Paris Hilton and other celebs for their promotion of NFT projects.
Erik Drost / Wikimedia Commons
Sorare hits the back of the netThe Premier League is becoming increasingly involved with NFTs, and some companies are reaping the benefits.
- Blockchain-based fantasy football platform, Sorare, has signed a deal with the Premier League to sell NFTs – indicating that the sporting world’s relationship with NFTs isn’t going anywhere. It’s believed that the deal could be worth around $37m per year.
- The deal provides Sorare with a four-year license to sell NFT ‘player cards’ for all teams in the league, with Sorare being valued at $4.3bn in 2021. The platform however, will need to overcome plunging NFT trading volumes to make the partnership profitable.
- Diminished trading volumes aren't the only thorn in Sorare’s side. The platform’s been under investigation by the UK’s gambling watchdog for over a year, regarding concerns that its paid game contains gambling mechanisms. Although with its free-to-play offerings being expanded, it may be a non-issue.
A dark developmentWhat has been a suspicion of the DeFi world for some time, has finally been confirmed by the FBI.
- The FBI has confirmed that the $100m exploit of Harmony in June last year was committed by Lazarus Group – a hacking group associated with the North Korean government. The statement comes a week after some of the stolen assets were seized while being sent to exchanges to be sold.
- The intelligence agency said that these DeFi hacks are being perpetrated in order to fund North Korea’s nuclear weapons program, as the country has been under strict financial sanctions for almost 2 decades. It’s not doing any favors for DeFi’s already damaged reputation.
- It’s believed that through Lazarus Group and another hacking group called APT38, North Korea has stolen over $1.2bn worth of digital assets. It’s part of the reason for the US government’s ban on coin-mixer Tornado Cash last year – a move which was not without its own controversy.
The long arm of the SECThe perpetrator of the multimillion dollar Mango Markets hack is in the sights of the SEC.
- The SEC has charged Avraham Eisenberg with the exploit of Mango Markets last year, which saw $116m worth of assets drained from the platform. They described Eisenberg to have manipulated the platform’s MNGO token – which the SEC have also described as a security.
- The charges state that through a series of large trades, MNGO’s price was inflated by Eisenberg in order for it to be exchanged for USDC. He was arrested in Puerto Rico and will be taken to court in New York for a hearing.
- Eisenberg actually admitted that he had committed the attack just days after it was carried out, and said that he would return the majority of the funds. He tweeted that he believed his actions were legal. Whether the judge believes they were, is another matter.
Illustration by TradingView
The SEC gets seriousLast year, the Securities and Exchange Commission spent almost the majority of its time chasing after crypto projects which it deemed securities.
- Almost half of the enforcement actions taken by the SEC in 2022 were directed at crypto projects, as the sector continues to take up an increasing amount of the regulator’s resources. It also marks a 50% increase in crypto-related enforcement actions since 2021.
- 14 of the regulator’s 30 enforcement actions in 2022 related to ICOs (initial coin offerings) - where crypto projects raise capital for their project by releasing a token. 57% of those enforcement actions also involved an allegation of fraud.
- The regulator’s also been going after celebrity influencers for their promotion of crypto – issuing Kim Kardashian with a $1.26m fine in October for promoting Ethereum Max (which has no affiliation with Ethereum) on her Instagram account. When it comes to the debate of whether crypto falls within the SEC’s regulatory remit – it certainly seems to think it does.
Illustration by TradingView
Stolen funds on the moveA North Korea-linked hacking group has been making moves to cash out the profits from a major DeFi exploit last year.
- Lazarus, a hacking group linked to North Korea, attempted to move 41k ETH ($63m) over the weekend, which is believed to be connected to the $100m hack of Harmony in June last year. The funds were siphoned through the now-blacklisted Tornado Cash address mixer shortly after the hack.
- The funds were reported by Twitter sleuth, ZachXBT, to have been moved through privacy network Railgun before being consolidated and sent to three different exchanges. Lazarus is also believed to be responsible for the $635m hack of Ronin Bridge in March - which is still the largest DeFi hack of all time.
- Some of the funds were frozen and recovered by crypto exchange Huobi, after they found the depositing wallet to be suspicious. Although with only $2.5m worth of assets having been recovered, it feels a little soon to celebrate it as a victory.
Illustration by TradingView
Game of groansThe official Game of Thrones NFT collection has been released and, yeah… we’ll keep our ETH thanks.
- “Build Your Realm”, the official Game of Thrones NFT collection, was released to mockery on Tuesday, despite the entire collection selling out in just 7 hours. The collection was launched on Ethereum sidechain Palm to reduce the gas fees involved.
- The collection’s artwork left crypto Twitter less than impressed, with critics pointing out that the characters’ enormous hands don’t quite fit in with the canon of the TV series. And with around $150 worth of ETH being charged for each one, the irritation becomes slightly more understandable.
- Making matters worse, the token minting was also paused due to congestion – only adding to the frustration of users. So far, the project’s creators, Nifty’s and Daz3D, have yet to comment on the reception of the launch. Although having sold out, it could have gone worse we suppose.
A tale of token theftOnce again we’re reminded of the perils that can befall private key holders, as a big name in the NFT space gets his tokens pinched.
- Nikhil Gopalani, COO of Nike’s RTFKT web 3 brand, has suffered a hack resulting in at least $173k worth of NFTs being drained from two of his wallets. The majority of the value stolen was in the form of 19 NFTs of the hugely popular CloneX collection.
- Gopalani says the hack took the form of a phishing attack, in which the attacker impersonated Apple customer support. Most of the NFTs have already been sold, with Gopalani trying to stay positive by tweeting that he hopes those who bought them “love them.”
- RTFKT has been a major name in the NFT space for over a year, and was acquired by Nike in December 2021 for an undisclosed amount. Since then however, weekly NFT trading volume has plummeted by over 80%.
A bountiful year (for some)The crypto market may have taken a hammering this year, but some white-hat hackers were making profits.
- Crypto bug bounty platform Immunefi reported that it paid bounty hunters $52m over the course of 2022. That figure however is a far cry from the roughly $3bn stolen in DeFi hacks over the same period.
- The largest payout was a whopping $10m bounty for an exploit located in bridge protocol Wormhole. That single reward was larger than the total $8.7m paid out by Google’s Vulnerability Rewards Program over the course of 2021.
- Immunefi has something of a monopoly on the crypto bug bounty market. By comparison, its closest competitor, HackenProof, paid out only $850k since it launched in 2017. The larger this industry becomes, the less susceptible to hacks DeFi will be.
A cold winter(mute) aheadHaving already dealt with being hacked in September this year, Wintermute’s now dealing with dwindling revenue.
- Crypto trading firm Wintermute’s revenues have fallen into heavy decline this year, reporting only $225m in revenue from January to September compared to the $1bn the group pulled in in 2021.
- The slew of large-scale crypto collapses seen this year has been weighing down on the company, from Terra and 3AC, to Celsius and FTX. On top of that, crypto trading volumes are significantly lower than they were this time last year, which hasn’t been helping its position.
- Despite its concerningly diminished revenues, CEO Evgeny Gaevoy has brushed worries aside, saying that they don’t “necessarily care” how much they make right now, as the (potential) return of the crypto bull market would undo their losses. Gotta respect the confidence.
Make NFTs great againDonald Trump has dipped his toes into the NFT space, with his first collection making some big waves.
- Former president, Donald Trump, released a series of NFTs on Thursday, and the collection was met with surprising success. The 4,500 piece collection, priced at around $99 each, features artwork of Trump in various costumes, which he described as “scenes pertaining to his life”.
- The Polygon-based collection has already entirely sold out, and managed to reach $1.17m in trading volume in the first 24 hours after it launched. The tokens also serve as raffle tickets for a selection of prizes, reportedly including tickets to a “Trump gala dinner”.
- It wouldn’t be a Trump project without a bit of controversy however. Purchasers of the NFTs quickly pointed out that some tokens were being sent to the wrong wallet address, and a large portion of the rarest tokens had been kept for the project’s creators.
Who said NFTs were dead?Two new NFT projects have been met with surprising success, restoring a glimmer of hope for the downtrodden space.
- NFT projects, Valhalla and Cockpunch, have experienced a surge in popularity, seeing over $18m worth of combined trading volume over the past week. Valhalla, a project created by founders of the memecoin Floki, saw 6.7k sales in the past week alone.
- The volume surge caused the Valhalla and Cockpunch collections to reach 3rd and 4th place, in last week’s NFT popularity rankings. One NFT from the Cockpunch collection (founded by entrepreneur and author Tim Ferriss) sold for an impressive 55.55 ETH (worth around $74K).
- Their successes show that interest in the NFT industry still exists, but it’s nowhere near the levels seen at the beginning of the year. The first week of December this year saw just $63m worth of NFT sales – a far cry from the $230m in sales the same week last year.
NFTs with almond milkStarbucks has hopped on the NFT bandwagon (if a little late to the party) and so far, users can’t seem to get enough of it.
- Starbucks has launched the beta of its Odyssey Web 3 rewards platform built on the Ethereum layer 2 chain Polygon. The platform allows users to trade and purchase limited edition NFTs related to the Starbucks brand.
- The company reports that reception of the program has been exceptionally positive, although currently only a small number of users are testing the service. Increased functionality and access is due to be rolled out in the beginning of 2023.
- The major brand partnership is a huge boost for Polygon, which was already chosen by media giant Disney for its accelerator program in summer this year. Its token also seems to have weathered this year’s crypto market downturn – rising by almost 70% in the last 6 months.
Khadeeja Yasser / Unsplash
Too cute to pass upPudgy Penguin NFTs have been flying off the shelves – perhaps there’s hope for the NFT market yet?
- Pudgy Penguin NFTs were selling like hotcakes in an auction held by fine art broker Sotheby’s. The sale of ten of the collection’s NFTs brought in roughly $129k, with the average token selling for around $12.9k.
- The average sale price was much higher than the collection’s floor price of $1.3k – defying the recent slump in NFT-related hype. That being said, the collection’s got some high-profile supporters including NBA star Steph Curry and rapper Tory Lanez.
- Sotheby’s reported over $100m in NFT sales last year, but the space has been in decline along with the wider crypto market. With most NFTs based on the Ethereum blockchain, ETH’s 66% drop YTD certainly hasn’t helped the space.
Derebit gets doneA new victim of the crypto hackathon that has been 2022 has emerged, this time in the form of crypto exchange Derebit.
- Derebit suffered a ‘hot wallet hack’ on Monday evening which saw $28m worth of assets stolen. The group has halted withdrawals to prevent further damage, with the funds stolen including BTC,
ETH and USDC.
- The group insists that user funds have not been compromised and that the platform remains in a “financially sound position”. The losses will reportedly be covered by company reserves but with withdrawals still frozen, some customers are understandably concerned.
- Derebit hasn’t been having a great time of it recently, having suffered a blow after the now-bankrupt 3AC failed to meet its margin calls. However, having raised $40m at a $400m valuation in September, the group might be able to weather the storm.