GM, and welcome to RollCall by Rollfi!
Catch up on the past week in crypto in 10 mins or less. Here's what we're covering today:
- A week of hacks 🧑💻
- Other stories from the week 📰
A WEEK OF HACKS
The past week has seen several hacks across the crypto space.
First, on Thursday evening, the Binance Smart Chain was hacked for over $560M. The attacker was only able to make off with $100M of that total, thanks to the swift actions of the Binance community.
For those unfamiliar with the Binance ecosystem, aside from running the largest crypto exchange by volume, Binance has two main blockchains which serve as the home of its BNB currency. To transfer between the two chains, there is a bridge called the BSC Token Hub.
The hacker was able to create forged messages that made the BSC Token Hub mint new BNB tokens. All in, the hack created two mints of 1 million BNB, 2 million total, worth over $560M.
In a Reddit post, Binance confirmed that the community of validators quickly coordinated to suspend transactions on Binance Smart Chain. Because transactions were suspended, the hacker was only able to make off with $100M - $110M of the newly minted BNB.
For a more technical look at the hack, @samczsun on Twitter wrote a great thread detailing how the attacker may have done it.
Five hours ago, an attacker stole 2 million BNB (~$566M USD) from the Binance Bridge. During that time, I've been working closely with multiple parties to triage and resolve this issue. Here's how it all went down.
— samczsun (@samczsun)
Oct 6, 2022
Then, just yesterday, several other exploits happened across DeFi protocols. The largest of these was an exploit on a the decentralized exchange (DEX) called Mango.
Mango allows users to trade on margin. However, due to low trading volume of it's native MNGO token, a user was able to manipulate the price of the asset using two different accounts with $5M USDC in each account to go short and then long MNGO. All in, the user was able to make unrealize gains of over $420M but was only able to withdraw ~$116M due to lack of liquidity on Mango.
For a more in-depth look at this, @Joshua_j_lim breaks it down:
1/ this is how I think the mango attack played out, please let me know if I got anything wrong:
at 6:19 PM ET, attacker funded acct A (CQvKS...) with 5mm USDC collateral
— Joshua Lim (@joshua_j_lim)
Oct 12, 2022
Now, the hacker has made a governance proposal on Mango to pay the hacker a large bug bounty sum, not pursue any criminal investigations, and repay all bad debt from the Mango treasury. Of course, the vote is done with MNGO tokens and the hacker has all of the tokens they received from the exploit, so we can guess which way the vote will go:
MORE FROM AROUND THE WEB(3)
Google Partners With Coinbase to Accept Crypto Payments for Cloud Services - The tech giant will begin accepting crypto next year and will use Coinbase's custody service.
While we're talking about Coinbase, Tim Ferris sat down with Coinbase CEO Brian Armstrong to discuss the company's new documentary, the origins of the company, and more interesting topics.
Celsius’ Top Execs Cashed Out $17M in Crypto Before Bankruptcy - This news comes as court documents of thousands of Celsius customers and their holdings have been released to the public, showing exactly how much each customer was unable to withdraw from the platform.
SEC Charges Kim Kardashian for Unlawfully Touting Crypto Security - The mega star was fined $1.26M for promoting EthereumMax (EMAX) tokens on her Instagram page for payment. Interestingly enough, the SEC is calling EMAX a security, which is raising some larger concerns for those in the crypto space.
Speaking of calling tokens securities, the SEC is now probing Yuga Labs on its issuance of NFTs and Tokens.
SushiSwap's new CEO has been the subject of some pretty serious and disturbing allegations this week. The new 'Head Chef' took to Twitter to clear up all of the allegations though as they are seemingly untrue (we hope so).
Meta has announced their new VR headset, the Meta Quest Pro. The new headset costs $1,499 but Meta CEO Mark Zuckerberg is excited about its implications for the 'metaverse' as he outlined in his Instagram post yesterday.
- margin - the money borrowed from a broker to purchase an investment and is the difference between the total value of an investment and the loan amount. (Investopedia)
- validators - nodes on a blockchain that validate transactions to maintain integrity of the blockchain (PCMag)
At Rollfi, we're building the payroll & HR platform for the modern workforce.
Our platform can enable your business to seamlessly pay your teams in both cash & crypto. And your company doesn't need to have any crypto to make it happen.
Want to see the platform in action? Click the link below to book a live demo with our founding team. We're super excited to share what we've built and get feedback on how we can improve the customer experience.