Blockchain & Cryptocurrency
,
Cryptocurrency Fraud
,
Fraud Management & Cybercrime
Also: 2023 Crypto Crime Stats, Multichain’s Potential Liquidation
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week: Binance laid off two-thirds of its staff and exited Nigeria, Chainalysis reported 2023 crime statistics, Fantom will seek Multichain’s liquidation. Hackers stole $8.8M and $6M from WOOFI and Seneca, respectively. Hong Kong blocked six fake websites.
See Also: User Entity & Behavior Analytics 101: Strategies to Detect Unusual Security Behaviors
Binance Layoffs
The American arm of crypto exchange Binance laid off more than 200 employees – two-thirds of its workforce – due to a 75% decline in revenue. The U.S. Securities and Exchange Commission lawsuit against the company in June impacted trading volumes and overall business, said Christopher Blodgett, Binance.US chief operating officer, said during a December deposition released Tuesday. The SEC’s temporary restraining order prompted an immediate exodus of $1 billion in crypto and fiat assets from the platform, further exacerbating the revenue drop. Binance.US also faced difficulties finding new banking partners due to regulatory scrutiny. Binance late last year settled a separate lawsuit from the U.S. Commodity Futures Trading Commission by agreeing to pay $2.7 billion. The SEC accuses Binance, Binance.US and founder Changpeng Zhao of violating securities laws. Zhao has also pleaded guilty to violating the Bank Secrecy Act and stepped down from his leadership roles.
Binance on Nigeria’s Radar
Binance is exiting the Nigerian market and discontinuing its services involving the Nigerian fiat currency naira. It will suspend naira withdrawals from March 8 and any naira balance in Binance wallets after the deadline will be converted to the Tether stablecoin, the company said. The move comes on the heels of the Nigerian House of Representatives Committee on Financial Crimes reportedly summoning Binance CEO Richard Teng to address suspicions of terrorism financing and money laundering. The committee, led by Ginger Onwusibe, issued an ultimatum for Binance management to appear before them by March 4.
Crypto Crime Report
Darknet markets were a significant source of illicit transactions in the crypto industry in 2023, raking in $1.7 billion in revenue and marking a rebound from the previous year, when authorities dismantled the once-dominant Hydra marketplace, Chainalysis said. Although no single marketplace has obtained the heft and scope of Hydra, smaller platforms thrived by catering to specific niches and adopting specialized roles. The Mega Darknet Market led the pack with more than $500 million in crypto inflows. Darknet market revenues have not yet reached the peak levels observed during Hydra’s reign (see: Hydra Aftermath: Where Do Criminals Lurk Now?).
Fantom Foundation to Seek Liquidation of Multichain
Decentralized finance platform Fantom Foundation said it will seek the liquidation of the Multichain Foundation, after obtaining a default judgment against Multichain in a Singapore court. Approximately one-third of the $210 million exploited from the cross-chain protocol Multichain bridge last July came from Fantom’s ecosystem. Following this ruling from the High Court of Singapore, the Singaporean court is expected to appoint a liquidator who will assess the damages incurred by Fantom due to Multichain’s security breach and facilitate the recovery and distribution of the missing or frozen assets. Fantom has also proposed a class action lawsuit against Multichain, allowing affected users to participate in seeking redress.
$8.8M WOOFi Hack
Decentralized finance platform WOOFi experienced an $8.75 million exploit on the Arbitrum network. The attack occurred when an unidentified hacker manipulated WOOFi’s Synthetic Proactive Market Making algorithm using flash loans. The company suspended the WOOFi Swap smart contracts to prevent further losses and offered the attacker a 10% white hat bounty for the return of the stolen funds.
$6M Seneca Hack
Hackers stole $6 million from the Seneca stablecoin protocol across the Ethereum and Arbitrum networks by exploiting a bug in the protocol’s smart contract approval mechanisms, BlockSec said. Seneca’s contracts lacked code that would allow the team to pause them. Instead, users had to revoke permissions. The hacker transferred the stolen assets, totaling more than 1,900 ETH, from the project’s contract to external addresses. The Seneca team asked users to revoke previously granted permissions to prevent further unauthorized transactions.
Hong Kong Blocks More Fake Websites
Hong Kong’s financial regulator blocked fake websites posing as major local cryptocurrency exchanges. The counterfeit domains impersonated two licensed exchanges in Hong Kong: OSL Digital Securities and Hash Blockchain Limited, also known as HashKey. The SFC took action against a total of six websites: hskexpro.com
, hskex.com
, hskexs.com
, hskexit.com
, oslexu.com
and oslint.com
. Users reporting difficulties in fund withdrawals and excessive fees and commissions. In collaboration with the Hong Kong Police Force, the Securities and Futures Commission added the new websites to its alert list, which includes crypto exchanges like MEXC.