Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime
Cryptohack Roundup: FTX Updates
Also: Bitcoin Fog Case Testimony; Axie Infinity Co-Founder HackEvery week, ISMG rounds up cybersecurity incidents in digital assets. This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA office, and Aleo was breached.
See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation
FTX Updates
Bankrupt crypto exchange FTX resolved a lawsuit seeking to claw back the $33 million it spent in 2020 and 2021 in acquiring Swiss startup Digital Assets DA AG, which it later renamed it FTX Europe. DA AG founders Patrick Gruhn and Robin Matzke agreed to reacquire the company for $32.7 million, Reuters reported. A July lawsuit filed in the U.S. Bankruptcy Court in Wilmington, Deleware by the estate, attempting to return funds to defrauded customers, asserted that acquisition was a "massive overpayment" made with customer funds. The startup "had little more than a business plan and was 'not up and running yet' at the time of the acquisition, according to FTX's complaint, Reuters reported. FTX assessed that no other buyer would be willing to acquire the fledgling subsidiary.
A bankruptcy judge also reportedly approved FTX's request to sell its nearly 8% stake in AI startup Anthropic, into which FTX and sister investment firm Alameda invested $500 million in 2021. Anthropic was reportedly valued at $18 billion in December.
Separately, the defense team of former disgraced FTX CEO Sam Bankman-Fried argued for a prison sentence ranging from 63 to 78 months. The defense's sentencing memorandum report labeled the government's recommendation of a 100-year sentence "grotesque" and asked the judge to consider Bankman-Fried's upbringing, morality and philanthropy. "Sam is not motivated by greed," the defense asserted. It also said that his autism diagnosis would make him "uniquely vulnerable in a prison population."
Bitfinex Hacker Testifies in Bitcoin Fog Case
Ilya Lichtenstein, who pleaded guilty to money laundering charges and executing the 2016 Bitfinex hack, testified as a cooperating witness against Roman Sterlingov and Bitcoin Fog, Bloomberg reported. Prosecutors accuse Sterlingov of operating the darknet mixing service Bitcoin Fog, which allegedly received tens of millions of dollars from illegal drug trafficking marketplaces. Lichtenstein reportedly said he had used Bitcoin Fog up to 10 times to launder some of the stolen Bitfinex funds. Sterlingov's defense argued that there is insufficient evidence, such as eyewitness accounts and server logs, linking their client to running the mixer.
Axie Infinity Co-Founder Hacked
Jeffrey Zirlin, who co-founded Sky Mavis, the company that created the Axie Infinity game, said two of his personal wallets had been hacked. He said the theft did not affect Ronin Network, which in 2022 was the victim of one of the biggest hacks in the crypto space. Blockchain security firm PeckShield said that a wallet containing approximately 3,248 ether, which is equivalent to about $9.7 million, had been compromised. The stolen funds were transferred from the Ronin Bridge to the crypto mixer Tornado Cash. Zirlin said the attack was limited to his personal accounts and had no effect on the validation or operations of the Ronin chain. The leaked keys were unrelated to Sky Mavis operations, he added.
MicroStrategy Suffers Phishing Attack
The social media account on X, formerly Twitter, of MicroStrategy fell victim to a hacking incident, resulting in the posting of malicious links related to a phony airdrop for an ethereum-based crypto token, crypto sleuth Spreek reported. When users clicked on these links, they were redirected to a counterfeit MicroStrategy webpage that prompting them to connect their wallets and claim the fraudulent MSTR airdrop. By accepting a series of permissions in their Web3 wallets, users unwittingly allowed the attackers to drain tokens from their wallets. The scam has already caused losses exceeding $440,000, blockchain investigator ZachXBT said.
KyberSwap Hacker Moves Funds
The hacker responsible for the KyberSwap decentralized exchange attack has been transferring substantial assets across different blockchains. Blockchain analytics firm PeckShield observed movements from the attacker’s wallet address and said they had bridged 798.8 ether, valued at nearly $2.5 million, from Arbitrum to the Ethereum network. The hacker also shifted almost $1 million in stablecoins. Another wallet linked to the exploiter transferred $826,500 of Dai stablecoin to a different wallet. The $49 million attack in November is one of the largest hacks of 2023.
Frankfurt to House EU's Anti-Money Laundering Authority
The European Union's new Anti-Money Laundering Authority will establish its headquarters in continental financial hub Frankfurt and commence operations by the middle of next year. The organization will oversee "high-risk and cross-border financial entities," including crypto firms, especially those operating across borders or deemed high-risk. It will collaborate with financial intelligence units and regulators across EU nations. The alternative locations considered for the headquarters included Brussels, Dublin, Madrid, Paris, Rome, Riga, Vilnius and Vienna. The AMLA's general board will consist of representatives from regulators and financial intelligence units of all EU member states, and the executive board will comprise the chair and five independent full-time members.
Aleo Is Breached
Decentralized blockchain platform Aleo inadvertently exposed sensitive information about some users, Cointelegraph reported. The platform, which specializes in zero-knowledge cryptography, mistakenly sent KYC documents to user emails. These documents included selfies and ID card photos of other individuals. At least two users confirmed this incident, the news platform said.