It has been a tough month for the crypto sector and it is only the third day of August.
From cross-chain bridge hacks draining hundreds of millions of dollars of client funds to the Securities and Exchange Commission going after cryptocurrency Ponzi schemes, this corner of the market cannot resist.
These developments add to an already hot year for the crypto market, which saw a huge downturn due to fears of monetary tightening and lack of liquidity.
The news flow is hard to follow even for insiders, so here’s a rundown of what you’ve been missing since Monday.
US Securities and Exchange Commission headquarters in Washington DC. 23, 2022.
Al Drago/Bloomberg via Getty Images
Security and Exchange Commission on Monday filed a civil lawsuit that accused 11 people for their role in creating and promoting an allegedly fraudulent cryptocurrency-focused pyramid scheme that raised more than $300 million from investors.
The scheme, called Forsage, claimed to be a decentralized smart contract platform, allowing millions of retail investors to transact through smart contracts running on the platform. ethereumthrone and binance blockchains. The Securities and Exchange Commission claims that for more than two years, the scheme functioned as a standard pyramid scheme in which investors profited by recruiting others.
In a formal SEC complaint, Wall Street’s top watchdog calls Forsage a “learning pyramid and Ponzi scheme” in which Forsage aggressively promoted its smart contracts through online advertising and new investment platforms while selling “no actual consumable product.” The complaint adds that “the main way investors got money from Forsage was to get others involved in the scheme.”
The SEC said that Forsage operated a typical Ponzi structure in which it allegedly used the assets of new investors to pay out old ones.
“As the complaint alleges, Forsage is a pyramid scam launched on a massive scale and aggressively promoted to investors,” wrote Carolyn Welshhans, Acting Head of the SEC’s Crypto Assets and Cybersecurity Division.
“Scammers cannot circumvent federal securities laws by focusing their schemes on smart contracts and blockchains.”
Forsage, through its support platform, declined to offer a way to contact the company and did not comment.
Four of the eleven people indicted by the SEC are the founders of Forsage. Their current whereabouts are unknown, but they were last known to reside in Russia, the Republic of Georgia and Indonesia.
The SEC also indicted three US promoters who supported Forsage on their social media platforms. Their names are not mentioned in the commission’s message.
Forsage launched in January 2020. Regulators around the world tried to shut it down a couple of times. In September 2020, Forsage was sued by the Philippine Securities and Exchange Commission to cease wrongdoing. In March 2021, the Montana Securities and Insurance Commissioner did the same. Despite this, the defendants allegedly continued to push the scheme, denying the claims in several YouTube videos and in other ways.
The two defendants, both of whom neither admitted nor denied the charges, agreed to settle the charges subject to court approval.
So-called blockchain bridges have become a prime target for hackers seeking to exploit vulnerabilities in the world of decentralized finance.
Jakub Pozhitsky | NurPhoto | Getty Images
Crypto startup Nomad lost almost $200 million in a devastating feat of security. Nomad is known as a “bridge” through which users can transfer tokens from one blockchain to another. The hackers exploited a security vulnerability that allowed users to deposit any amount into the system and withdraw funds, even if Nomad’s deposit base did not have enough assets.
The nature of the bug meant that users didn’t need any programming skills to exploit it. Others caught on and deployed armies of bots to simulate attacks.
“With no prior programming experience, any user can simply copy the original transaction call data of the attackers and replace the address with their own in order to use the protocol,” said Victor Young, founder and chief architect of Analog, a crypto startup.
“Unlike previous attacks, the Nomad hack became free for everyone when a few users began draining the network by simply replaying data from the attackers’ original transaction calls.”
Blockchain bridges are a popular way to move tokens from networks like Ethereum, which have a reputation for slow transactions and high fees, to cheaper, more efficient blockchains. But careless programming choices have made them a prime target for hackers looking to swindle investors out of millions. More than $1 billion worth of cryptocurrencies were lost due to exploits in 2022, according to analytics firm Elliptic.
“I can only hope that developers and projects recognize that they are using a critical piece of software,” Adrian Hetman, CTO of Web3 security firm Immunefi, told CNBC.
“They have to put security first with every business decision because they are dealing with human money, most of that money is locked in these contracts.”
Nomad said it is working with cryptocurrency security firm TRM Labs and law enforcement to trace the movement of funds, identify those responsible for the attack, and return stolen tokens to users.
“Nomad is committed to keeping its community up to date with more to come in the hours and days ahead and thanks everyone who acted quickly to protect funds,” the company said in a statement.
Michael Saylor, Chairman and CEO of MicroStrategy, first encountered bitcoin in 2020 when he decided to start adding cryptocurrency to MicroStrategy’s balance sheet as part of an unorthodox treasury management strategy.
Eva Marie Uscategui | Bloomberg | Getty Images
Later on Tuesday microstrategy announced that CEO Michael Saylor is leaving his post become the company’s executive chairman. Company President Fong Le will take the reins from Sailor.
Saylor has been CEO since the company’s inception in 1989. MicroStrategy went public in 1998.
MicroStrategy’s stock has fallen more than 48% this year. bitcoin decreased by more than 51% over the same time period.
“I believe that separating the roles of chairman and CEO will allow us to better execute our two corporate strategies of acquiring and holding bitcoin and growing our enterprise analytics software business. As executive chairman, I will be able to focus more on our bitcoin acquisition strategy and related bitcoin protection initiatives, while Fong will be empowered as CEO to manage overall corporate operations,” Saylor said in a release.
The announcement comes as the company announces earnings for its second quarter, in which its total revenue fell 2.6% year-over-year. The company also posted a $918 million loss on the value of its digital assets, presumably primarily Bitcoin.
Technically, MicroStrategy can do enterprise software and cloud services, but Saylor said the publicly traded company is the first and only bitcoin US spot exchange-traded fund
“We’re kind of like your defunct spot ETF,” Saylor told CNBC on the sidelines of the Bitcoin 2022 conference in Miami in April.
This illustration photo, taken in Krakow, Poland on August 21, 2021, shows the Solana logo displayed on a phone screen and an image of cryptocurrencies.
Jakub Pozhitsky | NurPhoto | Getty Images
And then, on Tuesday evening, unknown attackers came for hot wallets connected to the Solana blockchain.
Nearly 8,000 digital wallets were emptied of just over $5.2 million in digital coins, including solanasol token and USDCoin (USDC), according to analytics company Elliptic. The Solana Status Twitter account confirmed the attack, noting that as of Wednesday morning, the exploit had affected approximately 7,767 wallets. Elliptic’s estimate is slightly higher at 7,936 wallets.
SolanaThe sol token, one of the largest cryptocurrencies after bitcoin and ether, fell by about 8% in the first two hours after the hack was initially discovered, according to CoinMarketCap. It is currently down about 1% while trading volume is up about 105% in the last 24 hours.
Beginning Tuesday evening, several users began reporting that assets held in “hot” wallets, i.e. addresses connected to the Internet, including Phantom, Slope and Trust Wallet, were being depleted.
Phantom said on Twitter said it was investigating a “claimed vulnerability in the solana ecosystem” and did not believe the problem was related to Phantom. Blockchain audit firm OtterSec tweeted that The hack affected several wallets “on a variety of platforms.”
Elliptic Chief Scientist Tom Robinson told CNBC that the root cause of the hack is still unclear, but “it appears to be due to a flaw in certain wallet software, not the solana blockchain itself.” OtterSec added that the transactions were signed by the actual owners, which “suggests that the private key has been compromised.” A private key is a secure code that grants the owner access to their cryptoholdings.
The identity of the attacker is still unknown, as is the root cause of the exploit. The violation continues.
“Engineers from several ecosystems, with the help of several security firms, are investigating empty wallets on Solana,” according to the Status of SolanaTwitter account that shares updates to the entire Solana network.
The solana network strongly encourages users to use hardware wallets as there is no evidence that they have been affected.
“Don’t reuse your seed in a hardware wallet – create a new seed. Empty wallets should be considered compromised and abandoned.” reads one tweet. Seed phrases are a set of random words generated by a crypto wallet when it is first set up, and it provides access to the wallet.
The private key is unique and links the user to their address on the blockchain. The seed phrase is a fingerprint of all the assets of the user’s blockchain, which is used as a backup in case the crypto wallet is lost.
The Solana network was considered one of the most promising newcomers to the crypto market, with proponents such as Chamath Palihapitiya and Andreessen Horowitz touting it as a contender for Ethereum with faster transaction processing times and improved security. But lately it has run into a number of issues, including downtime during periods of activity and the perception of being more centralized than Ethereum.