Cryptohack Roundup: Q2 DeFi Hacks, FTX and SBFAlso: CFTC Charges California Company Justby and Its CEO
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. This week, hacks and scams cost DeFi platforms $204 million in Q2 2023, FTX debtors released a second bankruptcy report and a judge denied dismissal of charges against Sam Bankman-Fried. Also, JokerSpy infiltrated a Japanese exchange, a California crypto company and its CEO are in the CFTC's crosshairs in an alleged pig-butchering case, the IMF said a crypto ban will not curb risk, Binance reportedly rolled back its decision to delist privacy coins in Europe, and EU lawmakers agreed on capital requirements for banks holding crypto.
Q2 DeFi Hacks
Hackers and scammers stole more than $204 million from decentralized finance platforms in the second quarter of 2023, Web3 portfolio app De.Fi said Wednesday in a report. The number initially stood at over $208.5 million, but $4.5 million was recovered through prosecutions, deals with hackers and other recovery methods, it said.
Hackers preferred to steal most of the funds - $75.8 million - by gaining unauthorized control of crypto wallets. The second most common method was exploits, totaling $55.3 million.
The value of the stolen funds in the period soared nearly sevenfold year-over-year. The number of incidents increased from 17 to 117 in the corresponding period in 2022.
In the first half of 2023, hackers stole $665 million from DeFi platforms alone, De.Fi said. CertiK pegged the value of funds stolen from DeFi hacks and scams in Q1 at around $320 million (see: Sharp Decline in Crypto Hacks in Q1 2023 Unlikely to Last).
FTX's Bankruptcy Report; Judgment in SBF Case
Now-defunct crypto exchange FTX owed customers about $8.7 million, an investigative report, detailing the company's commingling and misuse of customer deposits, says. John J. Ray III, CEO and the new chief restructuring officer of the FTX Debtors, aka its new management, said, "From the inception, the FTX Group commingled customer deposits and corporate funds and misused them with abandon at the direction and by the design of previous senior executives." The latest report is similar to one released in April, which detailed control failures by FTX Group's previous management team in critical areas including finance and accounting, digital asset management, information security and cybersecurity. The FTX debtors expect to publish the third report of the series in August.
Meanwhile, District Judge Lewis Kaplan of the U.S. District Court for the Southern District of New York on Tuesday denied Sam Bankman-Fried's motion to dismiss or sever most of the criminal charges against him, calling the motions "moot or without merit." Bankman-Fried faces a maximum of more than 100 years in prison if convicted on all charges, including fraud related to misappropriation of customer funds. Currently under house arrest, Bankman-Fried is scheduled to stand trial in October.
JokerSpy Backdoor Infiltrates Japanese Exchange
An unknown threat actor deployed an Apple macOS backdoor dubbed JokerSpy to infiltrate an undisclosed Japanese cryptocurrency exchange. Researchers at Elastic Security Labs named the "active intrusion" REF9134. They said hackers appear to have installed Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called Seatbelt. The "sophisticated" toolkit designed to breach macOS systems ran programs written in Python and Swift and had the capability to gather data and execute arbitrary commands on compromised hosts. The report does not specify the impact on the Japanese crypto exchange but says a detailed report is in the works.
California Crypto Company & CEO in CFTC Crosshairs
The U.S. Commodity Futures Trading Commission on Thursday filed a civil enforcement action against California resident Cunwen Zhu and his company, Justby International Auctions, for allegedly misappropriating more than $1.3 million of its customer funds. This is the agency's first case involving a growing crypto romance scam called pig butchering, in which fraudsters develop an online relationship with the victims, primarily through social media platforms, and convince them to participate in fake financial schemes. The company and its CEO allegedly misappropriated the funds from 29 customers from April 2021 through March 2022, the CFTC said, seeking restitution for the victims, disgorgement of ill-gotten gains, civil monetary penalties, trading bans and a permanent injunction against further violations of the Commodity Exchange Act and CFTC regulations (see: 'Pig Butchering' Online Scam Sweeping English Speakers).
IMF on Crypto Ban
The International Monetary Fund does not believe that banning crypto is the most effective way to manage risks associated with the digital asset in the long term. Discussing central bank digital currencies in Latin America and the Caribbean, the IMF said that the region should focus on "improving transparency by recording crypto asset transactions in national statistics" and focus on mitigating risk while "leveraging the potential benefits of the technological innovation associated with crypto assets."
Binance's Decision to Delist Privacy Coins Rolled Back
Binance reportedly rolled back its decision to delist all privacy coins from France, Italy, Poland and Spain. It will instead change how it classifies privacy coins, which allows the company to continue to list Decred, Dash, Zcash, PIVX, Navcoin, Secret and Verge but restrict trading in some other coins such as Beam, Monero, MobileCoin, Firo and Horizen, the company told The Block. "After carefully considering feedback from our community and several projects, we have revised how we classify privacy coins on our platform to comply with EU-wide regulatory requirements,” a Binance spokesperson told the publication.
Capital Requirements for EU Banks Holding Crypto
The European Union is set to help banks holding crypto manage risk. Lawmakers on Tuesday agreed to implement capital requirements for financial institutions holding digital assets until the Basel Committee - the primary global standard setter for banks - finalizes reforms for the Web3 industry. The capital requirements aim "to make sure that banks will have to disclose their exposure to crypto assets," the committee said. The European Parliament Committee on Economic and Monetary Affairs said details of the measure will follow.