Cryptohack Roundup: Investors Sue Binance

Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Binance, ASX and Google were sued; Solana users were targeted; McDonalds’ X account was hacked; Mango Markets and the SEC settled; China updated its AML law; a sentencing was made in the HTSB case; an arrest was made in the BitConnect case; Australia shuttered 615 scams; and Malaysia adopted Worldcoin and arrested crypto thieves.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

Binance and former CEO Changpeng Zhao face a putative class action lawsuit from three crypto investors who claim they couldn’t recover stolen assets due to the exchange’s failure to prevent money laundering. Filed in U.S. District Court for the Western District of Washington, the lawsuit alleges that thieves laundered the stolen crypto through Binance and that the crypto firm’s role in the money laundering process violates the Racketeer Influenced and Corrupt Organizations Act. Bill Hughes, a senior counsel at Consensys, said the suit’s success is doubtful, but it puts Binance in a difficult position, especially concerning the effectiveness of blockchain analytics and on-chain asset recovery. Zhao last year pleaded guilty to violating U.S. money laundering laws, resigned as CEO and paid a $4.3 billion fine. He is currently serving a four-month prison sentence.

Decentralized exchange aggregator Jupiter said it identified a malicious Google Chrome extension, called Bull Checker, which hackers use to drain Solana user wallets. The extension claimed to help users view holders of specific memecoins but was actually designed to steal funds by modifying transactions in a way that bypassed standard security checks. The extension requested user permissions, such as the ability to read and write data. Legitimate extensions typically require read-only permissions. The company did not specify the number of victims or the stolen amount, but said that it did not find any vulnerabilities in Solana’s major decentralized applications or wallets during its investigation.

Hackers breached McDonald’s Instagram and X account to promote a fake digital currency and claimed that they executed a rug pull worth $700,000.

A screenshot circulating on social media shows the McDonald’s Instagram page altered to read: “Sorry mah n***a you have just been rug pulled by India_X_Kr3w thank you for the $700,000 in Solana,” alongside an emoji of the Indian flag. The hackers promoted a fake meme coin called Grimace on the Solana blockchain, and its value reportedly surged from zero to $25 million within 30 minutes of the McDonald’s post before collapsing again – a classic fraud in which creators disappear after draining liquidity from the coin. The fast-food chain acknowledged the incident in a statement to Bloomberg. The attack also affected Guillaume Huin, McDonald’s senior marketing director, whose social media accounts were hacked to promote the fake coin. The fast-food giant has deleted the posts.

Solana-based decentralized finance platform Mango Markets is considering a settlement with the U.S. Securities and Exchange Commission regarding allegations that it violated securities laws. The platform’s governing body, Mango DAO, initiated a vote on an SEC Settlement Offer Proposal, which includes paying the agency $223,228 in fines, destroying the DAO’s MNGO token holdings and seeking delisting from trading platforms. The proposal aims to settle the SEC’s claims without admitting or denying any wrongdoing. It has already reached a quorum with unanimous approval.

This settlement offer follows reports of regulatory scrutiny earlier this year, ahead of Avraham Eisenberg’s trial for draining over $110 million from the platform in 2022. While the proposal addresses the SEC’s concerns, it does not cover potential probes by the Department of Justice and the Commodity Futures Trading Commission. Once a leading DeFi protocol on Solana, Mango Markets has struggled since the exploit. Eisenberg, who claimed his actions were a legal trading strategy, was found guilty of commodities fraud, commodities manipulation and wire fraud, although he is seeking to overturn the conviction and obtain a new trial.

China’s top legal authorities classified the use of virtual assets for transferring illicit funds as a method of money laundering. The interpretation identifies virtual asset trading as a means of disguising or concealing the source and nature of criminal proceeds under the country’s criminal law, in a bid to streamline the investigation and prosecution of crypto-linked money laundering cases.

Liu Honglin, founder of the Shanghai-based Man Kun law firm, said the interpretation does not equate cryptocurrency trading with money laundering. Instead, it provides clearer legal grounds for law enforcement to target specific illegal activities rather than cracking down on all crypto transactions. Shao Shiwei, a fintech lawyer, said that the interpretation could increase legal risks for stablecoin merchants, especially if they receive illicit funds through crypto trading.

Kansas man Shan Hanes was sentenced to 24 years in prison for embezzling tens of millions of dollars in a cryptocurrency scheme while serving as the CEO of Heartland Tri-State Bank. The 53-year-old pleaded guilty to one count of embezzlement by a bank officer and admitted to transferring $47.1 million of the bank’s funds to a cryptocurrency wallet between May and July last year. The scheme involved transferring the funds to multiple cryptocurrency accounts controlled by unidentified third parties. Hanes’ actions led to the bank’s shutdown and caused a $9 million loss for investors. The Federal Deposit Insurance Corp., which insured the bank, absorbed the full extent of the embezzled funds.

Indian law enforcement arrested a man for allegedly kidnapping two individuals linked to the defunct crypto platform BitConnect, in an attempt to recover his lost investment. The Enforcement Directorate of Ahmedabad said Shailesh Babulal Bhatt allegedly kidnapped two BitConnect employees and extorted 2,091 bitcoin, 11,000 litecoin and $1.7 million for their release. Police said Bhatt also paid an unknown number of his accomplices a total of $34 million for their involvement in the crime. Authorities said they’ve recovered assets worth $52 million so far. BitConnect, which collapsed in 2018 – two years after its launch, is one of the largest Ponzi schemes in crypto history, with global losses estimated at $2.4 billion.

The Australian Securities and Investments Commission sued the Australian Securities Exchange Ltd., the country’s largest cryptocurrency market operator, for allegedly making misleading statements about a blockchain project intended to replace its aging Clearing House Electronic Subregister System. The securities watchdog claims that ASX’s February 2022 announcements falsely stated that the project was “on track for go-live” by April 2023 and was “progressing well,” despite the project facing significant challenges. In November 2022, ASX paused the project after an Accenture review highlighted major issues, leading to a $166 million write-down. ASIC alleges that ASX had no reasonable basis to suggest the project was on schedule and accused the company of misleading and deceptive conduct. In response, ASX acknowledged the seriousness of the proceedings, expressed its cooperation with ASIC’s investigation and is now reviewing the allegations.

The Australian Securities and Investments Commission said it has removed 615 cryptocurrency investment scams over the past year as part of a broader effort to combat investment fraud. Since July 2023, ASIC has taken down more than 7,300 scam websites, including those associated with cryptocurrency. An Australian Competition and Consumer Commission report showed that investment scams led to losses of $1.3 billion last year.

A Florida woman is reportedly suing Google for taking three months to remove a fraudulent crypto app that stole $5 million. Maria Vaca said she deposited $4.6 million in the app, called Yobit Pro, between February and July last year. When her holdings reached $7 million, the app demanded an additional $500,000 for “taxes” and later requested $2 million for “verification.” When she refused to pay, Vaca allegedly received death threats from unidentified criminals. Filed in California’s Santa Clara County Superior Court, her complaint accuses Google of making misleading claims about the safety and security of apps on its store. She also claims Google’s delayed response allowed other users to be defrauded.

Malaysians will soon be able to verify their humanity using Worldcoin technology, following the release of a memorandum of understanding between the Worldcoin Foundation, parent company Tools for Humanity, and the Malaysian government. This agreement allows Malaysians to access human verification through an iris imaging technology developed by Tools for Humanity for the Worldcoin project. Project backers say they aim to ensure the future integrity of the internet by distinguishing between human and nonhuman actors. Participants receive World IDs after agreeing to an iris scan and are rewarded in WLD cryptocurrency tokens.

Despite privacy and data management concerns and bans in several countries, Worldcoin has formed partnerships with nations such as Austria. The agreement also allows the possibility of manufacturing the orbs used for iris scans in Malaysia and exploring a connection between Worldcoin’s World Chain protocol and Malaysia’s blockchain infrastructure.

Malaysian authorities arrested seven individuals with no prior criminal records for allegedly conducting bitcoin mining operations that involved electricity theft, local media reported. The arrests of three local residents and four foreign nationals are part of a crackdown on illegal bitcoin mining activities linked to power theft. Police reportedly seized 52 bitcoin mining rigs and other electronic equipment valued at about $57,000. Deputy Energy Minister Akmal Nasrullah Mohd Nasir previously said that crypto miners in Malaysia had stolen $777 million worth of electricity between 2018 and 2023. With China’s 2021 ban on cryptomining, operations have shifted to the United States and Asian regions such as Malaysia, Indonesia, Laos and Thailand.