- The first three days of August have been beset by a multitude of negative stories in the land of crypto.
- Hackers stole millions of dollars worth of tokens from investors, while the Securities and Exchange Commission is clamping down on crypto Ponzi schemes.
- The developments add to an already torrid year for the crypto market, which has seen huge declines as fears around tightening monetary policy set in.
It has been a rough month for the crypto sector, and it’s only the third day of August.
From cross-chain bridge hacks draining hundreds of millions of dollars in customer funds to the Securities and Exchange Commission coming after crypto Ponzi schemes, this corner of the market can’t catch a break.
The developments add to an already torrid year for the crypto market, which has seen huge declines as fears around tightening monetary policy and a lack of liquidity set in.
The flood of news is difficult for even insiders to track, so here’s a rundown of what you’ve missed since Monday.
The Securities and Exchange Commission on Monday filed a civil complaint charging 11 people in the creation and promotion of an allegedly fraudulent crypto-focused pyramid scheme that raised more than $300 million from investors.
The scheme, called Forsage, claimed to be a decentralized smart contract platform, allowing millions of retail investors to enter into transactions via smart contracts that operated on the ethereum, tron and binance blockchains. The SEC alleges that for more than two years, the setup functioned like a standard pyramid scheme, in which investors earned profits by recruiting others into the operation.
In the SEC’s formal complaint, Wall Street’s top watchdog calls Forsage a “textbook pyramid and Ponzi scheme,” in which Forsage aggressively promoted its smart contracts through online promotions and new investment platforms, all while not selling “any actual, consumable product.” The complaint adds that “the primary way for investors to make money from Forsage was to recruit others into the scheme.”
The SEC said Forsage operated a typical Ponzi structure, wherein it allegedly used assets from new investors to pay earlier ones.
“As the complaint alleges, Forsage is a fraudulent pyramid scheme launched on a massive scale and aggressively marketed to investors,” Carolyn Welshhans, acting chief of the SEC’s Crypto Assets and Cyber Unit, wrote in a news release.
“Fraudsters cannot circumvent the federal securities laws by focusing their schemes on smart contracts and blockchains.”
Forsage, through its support platform, declined to provide a method for contacting the company and did not offer comment.
Four of the 11 people charged by the SEC are founders of Forsage. Their current whereabouts are unknown, but they were last known to be living in Russia, the Republic of Georgia and Indonesia.
Three of the 11 people are U.S.-based individuals charged as promoters who endorsed Forsage on their social media platforms: Samuel D. Ellis, of Louisville, Kentucky, Mark F. Hamlin, of Henrico, Virginia, and Sarah L. Theissen, of Hartford, Wisconsin. Ellis and Theissen, neither of whom admitted nor denied the allegations, agreed to settle the charges, subject to court approval.
Forsage was launched in January 2020. Regulators around the world have tried a couple of times to shut it down. Cease-and-desist actions were brought against Forsage first in September 2020 by the Securities and Exchange Commission of the Philippines. In March 2021, Montana’s commissioner of securities and insurance tried the same. Despite this, the defendants allegedly continued to promote the scheme while denying the claims in several YouTube videos and by other means.
Crypto startup Nomad lost almost $200 million in a devastating security exploit. Nomad is known as a “bridge,” where users can transfer tokens from one blockchain to another. Hackers exploited a security flaw that let users enter any value into the system and siphon off the funds, even if there weren’t enough assets available in Nomad’s deposit base.
The nature of the bug meant that users didn’t need any programming skills to exploit it. Others caught on and deployed armies of bots to carry out copycat attacks.
“Without prior programming experience, any user could simply copy the original attackers’ transaction call data and substitute the address with theirs to exploit the protocol,” said Victor Young, founder and chief architect of crypto startup Analog.
“Unlike previous attacks, the Nomad hack became a free-for-all where multiple users started to drain the network by simply replaying the original attackers’ transaction call data.”
Blockchain bridges are a popular way of moving tokens off networks such as ethereum, which has gained a reputation for slow transaction times and high fees, into cheaper, more efficient blockchains. But sloppy programming choices have made them a prime target for hackers seeking to swindle investors out of millions. More than $1 billion worth of crypto has been lost to bridge exploits so far in 2022, according to blockchain analysis firm Elliptic.
“I can only hope that developers and projects will learn that they are running a critical piece of software,” Adrian Hetman, tech lead at Web3 security firm Immunefi, told CNBC.
“They need to keep the security first, be security first at every business decision because they are dealing with people’s money; a lot of that money is locked in those contracts.”
Nomad said it’s working with crypto security firm TRM Labs and law enforcement to trace the movement of funds, identify the perpetrators behind the attack and return stolen tokens to users.
“Nomad is committed to keeping its community updated as it learns more in the coming hours and days and appreciates all those who acted quickly to protect funds,” the company said in the statement.
Saylor has been the CEO since he launched the company in 1989. MicroStrategy went public in 1998.
MicroStrategy’s stock is down over 48% this year. Bitcoin is down over 51% during that same time period.
“I believe that splitting the roles of Chairman and CEO will enable us to better pursue our two corporate strategies of acquiring and holding bitcoin and growing our enterprise analytics software business,” Saylor said in a news release. “As Executive Chairman I will be able to focus more on our bitcoin acquisition strategy and related bitcoin advocacy initiatives, while Phong will be empowered as CEO to manage overall corporate operations.”
The news came as the company announced its second-quarter earnings, in which its total revenues dropped by 2.6% compared with a year ago. The company also reported an impairment charge of $918 million on the value of its digital assets, presumably primarily bitcoin.
MicroStrategy may technically be in the business of enterprise software and cloud-based services, but Saylor has said the publicly traded company doubles as the first and only bitcoin spot exchange-traded fund in the U.S.
“We’re kind of like your nonexistent spot ETF,” Saylor told CNBC on the sidelines of the Bitcoin 2022 conference in Miami in April.
Late Tuesday, early Wednesday
And then on Tuesday night, unknown attackers came after hot wallets connected to the solana blockchain.
Nearly 8,000 digital wallets have been drained of just over $5.2 million in digital coins, including solana’s sol token and USD coin, according to blockchain analytics firm Elliptic. The Twitter account Solana Status confirmed the attack, noting that as of Wednesday morning, approximately 7,767 wallets have been affected by the exploit. Elliptic’s estimate is slightly higher at 7,936 wallets.
Solana’s sol token, one of the largest cryptocurrencies after bitcoin and ether, fell about 8% in the first two hours after the hack was initially detected, according to data from CoinMarketCap. It’s currently down about 1%, while trading volume is up about 105% in the last 24 hours.
Starting Tuesday evening, multiple users began reporting that assets held in “hot” wallets — that is, internet-connected addresses, including Phantom, Slope and Trust Wallet — had been emptied of funds.
Phantom said on Twitter that it’s investigating the “reported vulnerability in the solana ecosystem” and doesn’t believe it’s a Phantom-specific issue. Blockchain audit firm OtterSec tweeted that the hack has affected multiple wallets “across a wide variety of platforms.”
Elliptic chief scientist Tom Robinson told CNBC the root cause of the breach is still unclear, but “it appears to be due to a flaw in certain wallet software, rather than in the solana blockchain itself.” OtterSec added that the transactions were being signed by the actual owners, “suggesting some sort of private key compromise.” A private key is a secure code that grants the owner access to their crypto holdings.
The identity of the attacker is still unknown, as is the root cause of the exploit. The breach is ongoing.
“Engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on solana,” according to Solana Status, a Twitter account that shares updates for the entire solana network.
The solana network is strongly encouraging users to use hardware wallets, since there’s no evidence those have been impacted.
“Do not reuse your seed phrase on a hardware wallet — create a new seed phrase. Wallets drained should be treated as compromised, and abandoned,” reads one tweet. Seed phrases are a collection of random words generated by a crypto wallet when it is first set up, and it grants access to the wallet.
A private key is unique and links a user to their blockchain address. A seed phrase is a fingerprint of all of a user’s blockchain assets that is used as a backup if a crypto wallet is lost.
The solana network was viewed as one of the most promising newcomers in the crypto market, with backers such as Chamath Palihapitiya and Andreessen Horowitz touting it as a challenger to ethereum with faster transaction processing times and enhanced security. But it’s been faced with a spate of issues lately, including downtime in periods of activity and a perception of being more centralized than ethereum.
Correction: This story has been updated to name the three defendants the SEC is charging as U.S.-based promoters who endorsed Forsage on their social media platforms. A previous version incorrectly said these defendants were not named in the SEC’s press release that announced the charges.