investigation

IRS tax bill will swipe creditors of any ‘meaningful recovery,' says FTX

FTX Trading said the firm “never earned anything anywhere near the amount” that would justify a $24 billion tax bill.

A proposed $24 billion tax bill from the United State IRS will likely suck up any “meaningful recovery” that was meant for victims of FTX, according to the bankrupt crypto exchange.

The United States tax authority has been trying to chase tax arrears from the crypto exchange and its sister firm Alameda Research since May this year. The IRS initially claimed $44 billion across 45 separate claims against FTX and its subsidiaries in May. 10, but recently brought that number down to $24 billion.

However, in a Dec. 10 filing to a Delaware-based bankruptcy court, FTX said the claims put forth by the Internal Revenue Service were “meritless” and would also impact the funds meant to reimburse impacted FTX users.

IRS tax bill will swipe creditors of any ‘meaningful recovery,’ says FTX

FTX Trading said the firm “never earned anything anywhere near the amount” that would justify a $24 billion tax bill.

A proposed $24 billion tax bill from the United States Internal Revenue Service (IRS) will likely suck up any “meaningful recovery” that was meant for victims of FTX, according to the bankrupt crypto exchange.

The United States tax authority has been trying to chase tax arrears from the crypto exchange and its sister firm, Alameda Research, since May. The IRS initially claimed $44 billion across 45 separate claims against FTX and its subsidiaries on May 10 but recently brought that number down to $24 billion.

However, in a Dec. 10 filing in the U.S. Bankruptcy Court for the District of Delaware, FTX said the claims put forth by the IRS were meritless and would also impact the funds meant to reimburse affected FTX users.

FTX and Alameda Research cash out $10.8M to Binance, Coinbase, Wintermute

The latest transfer was spread across eight tokens: StepN (GMT), Uniswap (UNI), Synapse (SYN), Klaytn (KLAY), Fantom (FTM), Shiba Inu (SHIB), Arbitrum (ARB) and Optimism (OP).

Wallets linked to defunct crypto trading firms FTX and Alameda Research moved $10.8 million to accounts in Binance, Coinbase and Wintermute using eight cryptocurrencies.

Blockchain analysis firm Spot On Chain spotted the movement, estimating that the defunct entities have transferred $551 million since Oct.

#FTX and #Alameda moved out $10.8M worth of 8 assets to #Wintermute, #Binance, and #Coinbase in the past 11 hrs:

10M $GMT ($2.58M)
407K $UNI ($2.41M)
5.23M $SYN ($2.25M)
8.76M $KLAY ($1.64M)
3.87M $FTM ($1.18M)
77.77B $SHIB ($644K)
and small amounts of $ARB and $OP.

Note… https://t.co/UZkn8bmQ89 pic.twitter.com/0jb5ZMHvC7

— Spot On Chain (@spotonchain) December 1, 2023

The latest transfer of $10.8 million was spread across eight tokens: $2.58 million in StepN’s GMT (GMT), $2.41 million in Uniswap’s UNI (UNI), $2.25 million in Synapse’s SYN, $1.64 million in Klaytn’s KLAY, $1.18 million in Fantom’s FTM (FTM), $644,000 in Shiba Inu (SHIB) and small amounts of Arbitrum’s ARB and Optimism’s OP.

On Oct. 24, the FTX and Alameda wallets transferred $10 million to a single wallet address, which was later redistributed to Binance and Coinbase accounts. 1, a similar transaction occurred between the parties involving $13.1 million being moved to Binance and Coinbase accounts.

The funds’ movement dates back to March, when FTX and Alameda began the process of recovering assets for investors.

Binance launches internal investigation following KYC bypass rumors

Following allegations that Binance employees and volunteers have helped users bypass KYC protocols, the crypto exchange says it is launching an internal investigation.

A recent CNBC investigation claimed that Binance employees and volunteers were assisting Chinese users in bypassing Know Your Customer (KYC) and other security protocols.

Speaking to Cointelegraph, a spokesperson from Binance stated that employees are “explicitly forbidden” from supporting users in circumventing any laws or policies. The spokesperson also said the company is taking action following the recent allegations.

“We have launched an investigation into employees who may have violated our internal policies including wrongly soliciting or making recommendations that are not allowed or in line with our standards.”

They went on to say that Binance has implemented “advanced detection tools” that allow the exchange to crack down on users in restricted jurisdictions, along with actively blocking VPNs from said areas.

According to the exchange, it is “extraordinarily rare” for workarounds to be possible. Binance claims to have “multiple manual and AI-driven processes” that help prevent users from bypassing critical security procedures.

“Furthermore, users who are found to have used any sort of workaround to avoid local law are restricted immediately.”

Changpeng Zhao, the founder and CEO of Binance, has made no comment on the situation at the time of writing, despite his regular commentary on social media. Previously, Zhao took to Twitter to address rumors that had spread via the Chinese messaging platform WeChat.

Prior to this incident, Binance had announced in February that it would delist low-trade-volume nonfungible tokens that were listed before the implementation of its new KYC rules.

In October 2022, the exchange was hit with allegations that it had “swerved scrutiny” from regulators in the United States and the United Kingdom.

Previously, Binance has been open about its employee policies. In January, the exchange confirmed that its employees must adhere to a 90-day period prior to trading any digital assets to prohibit insider trading.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Euler Finance hacker sends 100 ETH to red-flagged North Korean address

While Chainalysis suspected the involvement of North Korea in the Euler Finance hack, it highlighted the possibility of misdirection by other hackers.

Ever since Euler Finance fell victim to the biggest decentralized finance (DeFi) hack of 2023, the crypto community closely followed the $197 million loot on-chain — hoping to track down the attacker. Out of the series of transfers made by the hacker, one transaction of 100 Ether (ETH) was allegedly sent to an address associated with North Korea-linked actors.

Blockchain investigator Chainalysis identified that 100 ETH from Euler’s stolen funds was transferred to an address flagged in an older hack with links to North Korea.

100 ETH stolen in Monday’s #Euler Finance hack have moved to an address associated with a previous hack carried out by #NorthKorea-linked actors. This may mean the Euler hack is the work of #DPRK too, or could be misdirection by other hackers. We’ll share more details as possible https://t.co/DxvGsc90Z8 pic.twitter.com/5QPphNTyYY

— Chainalysis (@chainalysis) March 17, 2023

The hacker also transferred 3,000 ETH to Euler’s deployer account without disclosing their intent. However, no other transfers were made after that at the time of writing. In both cases, it was unclear whether the hacker was trolling or if they genuinely considered accepting Euler Finance’s bounty reward of $20 million.

While Chainalysis suspected the involvement of North Korea in the Euler Finance hack, it highlighted the possibility of misdirection by other hackers.

Euler Labs CEO Michael Bentley shared his displeasure with the $197 million hack as he revealed that ten separate audits conducted over two years assured its security.

Euler has always been a security-minded project. The Euler smart contracts, including the vulnerable lines of code, were audited.https://t.co/SvNeoKEGuY

— Michael Bentley (@euler_mab) March 16, 2023

As Cointelegraph previously reported, blockchain security firms, including Halborn, Solidified, ZK Labs, Certora, Sherlock and Omnisica, conducted smart contract audits on Euler Finance from May 2021 to September 2022.

Euler Finance hacker starts returning stolen Ether

Chances that the hacker will return the entire loot of $197 million remain slim, as no more outbound transactions — other than the 3,000 ETH — were recorded at the time of writing.

The recent attack that drained $197 million from Euler Finance was dubbed the biggest decentralized finance (DeFi) hack of 2023 so far. However, this may not hold for much longer as the hacker reportedly had a change of heart.

On March 18, roughly 3,000 Ether (ETH) ($5.4 million) were returned to Euler Finance’s deployer address from the Euler Finance hacker’s address. Blockchain investigator PeckShield identified three transactions that were used to send the funds.

https://t.co/4OBksAu9od pic.twitter.com/Zb3MIyex2f

— PeckShield Inc. (@peckshield) March 18, 2023

Cointelegraph confirmed that the hacker transferred 1,000 ETH per transaction to Euler’s deployer account. However, chances that the hacker will return the entire loot of $197 million remain slim, as no more outbound transactions were recorded at the time of writing.

On March 16, Euler Finance announced a $1 million reward to track down the hacker and retrieve the funds.

Today the Euler Foundation is launching a $1M reward in the hope that this provides additional incentive for information that leads to the Euler protocol attacker’s arrest and the return of all funds extracted by the attacker.

— Euler Labs (@eulerfinance) March 15, 2023

The exploiter was able to drain $197 million through multiple transactions and later used a multichain bridge to transfer the funds from the BNB Chain to Ethereum.

Soon after a $1 million bounty was announced, the stolen funds were moved into the crypto mixer Tornado Cash.

#PeckShieldAlert @eulerfinance exploiter on the move
~1,000 $ETH into Tornado Cash through intermediary address 0xc66d…c9ahttps://t.co/LAkY66YpoF pic.twitter.com/0XhQV1nbgn

— PeckShieldAlert (@PeckShieldAlert) March 16, 2023

Euler Finance demanded that the hacker return 90% of the funds within 24 hours to avoid possible jail time.

USDC investor shells out $2M to receive $0.05 USDT trying to evade crash

While the crypto market responded with a massive sell-off, not all USDC investors were lucky enough to walk away with their funds amid the uncertainty.

Soon after Circle revealed that Silicon Valley Bank did not transfer $3.3 billion of its USD Coin (USDC) reserves, the market responded with a massive sell-off — depegging the stablecoin from the U.S. dollar. However, not all investors were lucky enough to walk away with their funds amid the uncertainty.

To cut losses, investors started selling their USDC tokens in exchange for other stablecoins, such as Tether (USDT). Unfortunately, one transaction highlighted by Crypto Twitter member, BowTiedPickle, shows a USDC investor paid over $2 million to receive $0.05 of USDT.

With USDC insolvency fears rampant, users are fleeing to safety in other stables. Not all of them are going to make it there in one piece, however.

Here’s how one unlucky user paid $2,080,468.85 to receive $0.05 of USDT. pic.twitter.com/R8YdudWfsV

— BowTiedPickle.eth | Solidity Shipper (@BowTiedPickle) March 11, 2023

On-chain investigations revealed that the user had stored the assets in a liquidity pool (LP) — a popular method to earn passive income in cryptocurrencies. The user could have sold his LP tokens for USDT for a 6% slippage. However, they chose to go for a “questionable ” method. As explained by BowTiedPickle:

“The unfortunate soul used the KyberSwap aggregation router to dump a large clip of 3CRV (DAI/USDC/USDT) LP token into USDT.”

Given the race against time, the USDC investor forgot to set his slippage, which allows investors to set an exact price of the token for the transaction to go through. He explained the nuances that eventually led to a maximal extractable value (MEV) bot netting $2.045 million in profit after paying $45 in gas and $39,000 in MEV bribes.

*Crypto Twitter member BowTiedPickle provides an overview of how a USDC investor lost over $2 million. Source: Twitter*

The above episode highlights how human error can result in a permanent loss of funds. While cashing out USDC for fiat or other cryptocurrencies, Cointelegraph advises investors to recheck the information and methods of transfer.

Soon after Circle confirmed that $3.3 billion was stuck with Silicon Valley Bank, a resultant sell-off of USDC caused the stablecoin’s value to drop below its $1 peg.

1/ Following the confirmation at the end of today that the wires initiated on Thursday to remove balances were not yet processed, $3.3 billion of the ~$40 billion of USDC reserves remain at SVB.

— Circle (@circle) March 11, 2023

At the time of writing, USDC has lost over 10% of its value and trades at $0.8774.

Terraform Labs co-founder Do Kwon gets probed by Singaporean authorities

Local police in Singapore sent an email on Monday saying they have begun a probe connected to Do Kwon’s Terraform Labs.

Local authorities in Singapore announced they had begun a probe connected to Do Kwon’s Terraform Labs.

According to a Bloomberg report, Singaporean police sent an email on March 6, which said, “investigations have commenced in relation to Terraform Labs.” The email also added that the inquiries are “ongoing,” and Do Kwon is not currently in the city-state.

Last month, on Feb. 16, the United States Securities and Exchange Commission (SEC) accused Kwon and Terraform Labs of fraud in a new lawsuit.

Some voices in the crypto space have criticized the lawsuit as a way for the SEC to go after stablecoins with future lawsuits. Lawyers in the industry have even called the SEC’s comparisons of assets “wild.”

Meanwhile, the SEC probe uncovered that Kwon removed around 10,000 Bitcoin (BTC) from the Terra platform and the Luna Foundation Guard, which he eventually converted to fiat. In total, the SEC alleges Kwon has laundered over $100 million worth of Bitcoin since the initial collapse of the platform.

At the time of writing, Kwon has made no comment. The Terraform Labs co-founder has been active on social media throughout the scandal. However, he has not tweeted since the beginning of February.

This entire saga has its roots back in May 2022 when the Terra USD (UST) stablecoin lost its peg to the U.S. dollar. The subsequent collapse of the Terra ecosystem caused a major implosion in the digital asset market, with losses of nearly $40 billion.

Terraform Labs has also been investigated by authorities in South Korea, where a warrant was issued for Kwon’s arrest. South Korean police traveled to Serbia in their efforts to locate Kwon.

On Feb. 15, South Korean prosecutors requested a warrant to arrest a local e-commerce executive who they accused of accepting Terra (LUNA) for promoting Terra Labs.

Voyager is selling crypto assets through Coinbase, suggests on-chain data

Since Feb. 14, Voyager has sent crypto assets to Coinbase on an almost daily basis, alleges on-chain analyst Lookonchain.

Voyager Digital, the centralized finance (CeFi) platform that filed for Chapter 11 bankruptcy in July 2022, is reportedly selling assets through the Coinbase crypto exchange. On-chain data suggest that Voyager received at least $100 million in USD Coin (USDC) in three days, starting Feb. 24.

Since Valentine’s Day, Feb. 14, Voyager has sent crypto assets to Coinbase on an almost daily basis, alleges on-chain analyst Lookonchain. The investigation shows that Voyager transferred millions of dollars using a mixed bag of cryptocurrency tokens, including Ether (ETH), Shiba Inu (SHIB) and Chainlink (LINK).

1/ It seems that #Voyager is selling assets through #Coinbase.

We noticed that #Voyager has received 100M $ USDC from #Coinbase in the past 3 days.

And #Voyager has sent assets to #Coinbase almost every day from Feb 14.https://t.co/VW8o8dBQtq https://t.co/qbHt0r7VNG pic.twitter.com/kfxF6rwHFk

— Lookonchain (@lookonchain) February 26, 2023

Lookonchain revealed Voyager’s use of 23 tokens, valued at over $100 million. The image below shows a list of tokens with their value in U.S. dollars. However, Coinbase has not yet responded to Cointelegraph’s request for comment to confirm the claim’s legitimacy.

*List of tokens sold by Voyager on Coinbase. Source: Lookonchain*

Despite the sell-off, Voyager holds nearly $530 million in crypto, with the largest shares in Ether ($276 million) and Shiba Inu ($81 million).

Amid the alleged sell-off of funds, the United States Securities and Exchange Commission (SEC) objected to Binance.US’ move to acquire over $1 billion of assets belonging to Voyager.

In a Feb. 22 filing submitted to the U.S. Bankruptcy Court for the Southern District of New York, the SEC stated:

“However, the Debtors (Binance.US) have yet to demonstrate that they would be able to conduct such sales in compliance with the federal securities laws.”

The filing highlights concerns over the lawfulness and ability to undertake planned asset restructuring through the acquisition. It also questions whether Voyager debtors can recoup some of their assets following the firm’s bankruptcy.

Aussies revealed as prime targets of Israel crypto scam syndicate

Evidence found that Australians were among the top countries targeted in a sophisticated cryptocurrency investment scam network, which has suspected kingpins in Israel.

Australian residents have been identified as the primary targets of a sophisticated network of cryptocurrency call-center scammers — suspected to be run by Israel-based crime bosses.

Evidence uncovered after a full-scale raid of four Serbian call centers and 11 residences by Serbian, German, Bulgarian and Cypriot authorities found that Australians were among the top countries being targeted. The news came from a Feb. 23 report by The Australian.

The raids saw fifteen people arrested and $1.46 million in cryptocurrencies seized.

Dramatic police raids in Belgrade, Bulgaria and Cyprus, following investigations in Germany, have uncovered evidence Australia is in the top tier of countries being targeted: https://t.co/zWv7I3N5Kg pic.twitter.com/k98CPDxwz7

— The Australian (@australian) February 23, 2023

According to the report, scammers from these call centers allegedly used advertisements on social media to lure in victims and offer promising investment opportunities with lucrative returns.

Private investigation firms told the outlet that Australians were particularly sought after by scammers because of their relative wealth and a purported history of weak investigative efforts by federal and state authorities:

“Australia’s wealth combined with a long history of state and federal authorities being unwilling or unable to investigate online investment fraud has made the country a sitting duck for the international crime syndicates behind the scams.”

Mark Solomons, Senior Investigator at IFW Global, a private intelligence firm, explained that because many Australians are “friendly” and “open-minded,” they’re more likely to pursue online relationships — particularly “if the right buttons are pressed.”

“Australia and Canada vie for the top spot. They are rich countries with a low likelihood of a disciplined investigation or detection.“

Solomons said much of the stolen cryptocurrencies are being used to fund the scammer’s lavish lifestyles:

“There are Israelis getting very, very rich by ripping off Australians and sucking superannuation and retirement savings out of the Australian economy.”

“We’re talking about individuals who fly around in private jets, who have significant assets, real estate, fancy cars and cash. They are traveling freely around the world, they’re buying yachts,” Solomons added.

While Europol has reported $3.1 million to have been stolen by the multinational operation, they believe the true figure “may be in the hundreds of millions of euros.”

Compared to other “well-resourced” nations, Solomons urged the Australian government to up its enforcement efforts at the state, federal and international levels to make targeting Australian investors less appealing to these scammers.

While some reports say Australians lost up to $2 billion from investment scams in 2021, the Australian Competition and Consumer Commission (ACCC) reported Australians to have lost $323.7 million, which increased a whopping 75.6% to $568.6 million in 2022, according to the consumer watchdog’s Scamwatch database.

$221 million of those scam losses came through the use of crypto payments, according to the ACCC.

*Amount (in Australian dollars) lost and number of reports due to scams: Source:* *Scamwatch.*

Victims have also lost an additional $53.4 million in the first month of 2023.

To fight the issue, the Australian Securities Investment Commission released a list of the “top-10 ways to spot a crypto scam” in November to raise awareness of the issue.

In July 2022, the ACCC began trialing a cybersecurity service that automatically takes down scam websites. The trial saw early success, with several crypto scam sites being knocked offline relatively quickly.