Lightnews — Scholar-powered news

web3 is going just great @web3isgoinggreat.com · 17h

it was also a huge spam problem
bsky.app/profile/web3...

web3 is going just great @web3isgoinggreat.com · Oct 17

Reddit abandons blockchain-based Community Points

October 17, 2023
https://web3isgoinggreat.com/?id=reddit-abandons-blockchain-based-community-points

Reddit abandons blockchain-based Community Points
Reddit's attempt to blockchainify their signature Reddit karma has come to an end as the company has decided to pull the plug on the feature. The idea was that users could "own a piece of their community" (what?) by racking up points for their positive contributions, which they could then spend on perks like custom badges.
Reddit attributed the decision to scaling difficulties, regulatory uncertainty, and the quantity of resources the company found itself having to put into the feature. The tokens were only used on a handful of subreddits, and the team had migrated them from the Ethereum blockchain to the Arbitrum Nova L2 chain, but despite that scaling continued to be a problem.

The news caused a massive dive in the prices of $MOON and $BRICK, the two Reddit tokens, as holders tried to exit their positions before the tokens became useless. Some angrily accused Reddit of rug-pulling, threatening legal action. One wrote, "I wish you guys knew how reckless this decision is and how many people you've hurt." Some accused subreddit moderators of selling when they learned about the decision an hour before it was made public. Others were delighted at the news, however. One wrote, "Thank the effing Lord. This moons caused so much shit tier spamming for over a year."

1 16

web3 is going just great @web3isgoinggreat.com · 17h

Hyperliquid user loses $21 million to private key leak

October 10, 2025
https://www.web3isgoinggreat.com/?id=0x0cdc-theft

Hyperliquid user loses $21 million to private key leak
An attacker apparently obtained access to a victim's private key, enabling them to drain $21 million in various crypto assets. The attacker quickly bridged the stolen funds to ETH, then bounced through various addresses in hopes of disguising their origin and making the funds more challenging to recover.
Some originally feared that the theft was enabled by an exploit on Hyperliquid itself, shortly after another Hyperliquid-based project was compromised, but the theft appears to have been a key leak rather than an exploit on the protocol.

2 4 48

web3 is going just great @web3isgoinggreat.com · 18h

Reddit shuts down its NFT avatars project

August 28, 2025
https://www.web3isgoinggreat.com/?id=reddit-shuts-down-nft-avatars

26 100 570

web3 is going just great @web3isgoinggreat.com · 9d

Abracadabra loses more "Magic Internet Money" to third hack in two years

October 4, 2025
https://www.web3isgoinggreat.com/?id=abracadabra-exploit-3

Abracadabra loses more "Magic Internet Money" to third hack in two years
In their third major hack in two years, the Abracadabra defi lending project lost $1.8 million of their Magic Internet Money stablecoin. An attacker took advantage of a bug in the project smart contracts to borrow more than their provided collateral would normally allow. The attack was funded via Tornado Cash, and the exploiter then swapped the stolen tokens for ETH and laundered them back through Tornado.
The project disclosed the theft, describing the exploit as affecting "some deprecated contracts". They downplayed the theft, saying they'd bought back the stolen assets using treasury funds.
Abracadabra previously suffered a $13 million theft in March 2025, and a $6.5 million theft in January 2024.

2 7 59

web3 is going just great @web3isgoinggreat.com · 13d

SBI Crypto likely suffers $21 million theft

September 24, 2025
https://www.web3isgoinggreat.com/?id=sbi-crypto-theft

SBI Crypto likely suffers $21 million theft
Crypto sleuth zachxbt observed $21 million in "suspicious outflows" from SBI Crypto, a crypto mining subsidiary of the Japanese SBI Group. The money was quickly laundered through instant exchanges and Tornado Cash, in ways zachxbt observed were similar to tactics of North Korean crypto thieves.
SBI Crypto has not made any public statements addressing the apparent theft.

2 5 50

web3 is going just great @web3isgoinggreat.com · 14d

Griffin AI exploited for $3 million one day after launch

September 24, 2025
https://www.web3isgoinggreat.com/?id=griffin-ai-exploit

$Griffin AI exploited for $3 million one day after launch One day after Griffin AI launched its GAIN token on Binance Alpha, an attacker minted 5 billion fake GAIN tokens on the Ethereum blockchain, then exploited a cross-chain endpoint to trick the bridge to the Binance chain into recognizing them as the real thing. The attacker was only able to sell a small fraction of their tokens, but they made off with approximately $3 million as the token plunged in price. According to CEO Oliver Feldmeier, the exploit was enabled by "a misconfigured layer Zero (cross-chain messaging) set-up and compromised key". Griffin AI promises to allow customers to "build, deploy, and scale autonomous AI agents for crypto finance". These are essentially AI-powered bots that perform various functions — some of Griffin's advertised examples include a "robo-adviser" to provide "tailored investment strategies", and bots to do arbitrage trading or manage staked assets.$

3 13 91

web3 is going just great @web3isgoinggreat.com · 14d

Before Futureverse bought Candy Digital, sports company Fanatics had sold its majority stake in the company, saying that "it has become clear that NFTs are unlikely to be sustainable or profitable as a standalone business. ... [W]e realize[d] things aren’t working."

Sports company Fanatics jettisons its majority stake in NFT company Candy Digital

"Over the past year, it has become clear that NFTs are unlikely to be sustainable or profitable as a standalone business," wrote CEO Michael Rubin in an internal email explaining the decision to sell ...

www.web3isgoinggreat.com

1 1 25

web3 is going just great @web3isgoinggreat.com · 14d

Futureverse announces restructuring two years after raising $54 million

September 29, 2025
https://www.web3isgoinggreat.com/?id=futureverse-announces-restructuring

Futureverse announces restructuring two years after raising $54 million
In 2023, there was no shortage of buzzy press coverage for Futureverse, which promised to build a metaverse and gaming-focused blockchain. They partnered with Ready Player One author Ernest Cline to build the "Readyverse". They partnered with the estate of Muhammad Ali to build an "AI-powered" boxing game (with NFTs!) They partnered with Rebook to build a "virtual sneaker design experience", where customers could design sneakers to equip to their Fortnite or Roblox characters. That year, the company had raised $54 million in a Series A round led by 10T Holdings and Ripple Labs. They made even more money from token sales to retail investors.
As recently as this year, Futureverse was earning spots on "most innovative company" lists. In April, they announced they'd be acquiring Candy Digital, an NFT company created by Mike Novogratz, Gary Vaynerchuk, and others (which itself had raised a $100 million series A in 2021

But now, Futureverse has announced they've "made the difficult decision to begin a restructuring of the business". Focusing only on the AI portion of their business, and conspicuously omitting any mention of blockchains, NFTs, or metaverses, the company says they "recognize that adjustments are needed to ensure the long-term sustainability of our vision." Futureverse locked comments on the post, likely to try to dodge angry community members who accused the company of stealing from them or rug-pulling.

3 4 39

web3 is going just great @web3isgoinggreat.com · 14d

Hypervault rug pulls for $3.6 million

September 26, 2025
https://www.web3isgoinggreat.com/?id=hypervault-rug-pull

Hypervault rug pulls for $3.6 million
Only days after the Hypervault yield farming platform announced on Twitter that they'd surpassed $5 million in total value locked, the platform suddenly shut down its website and social media accounts. Simultaneously, the crypto security firm PeckShield observed an "abnormal withdrawal" of a large quantity of various crypto assets priced at around $3.6 million, which were swapped to 752 ETH (~$3.1 million) and laundered through Tornado Cash.
The project had attracted customers by advertising yields of 76–95%.

3 12 54

web3 is going just great @web3isgoinggreat.com · 22d

Seedify launchpad project suffers bridge exploit

September 23, 2025
https://www.web3isgoinggreat.com/?id=seedify-bridge-exploit

Seedify launchpad project suffers bridge exploit
An attacker exploited bridges for SFUND, the token issued by the Seedify launchpad and incubator. It appears the exploiter has profited around $1.7 million from the theft. Seedify issued a statement announcing the theft, and said the bridge contracts that were exploited had been deployed for three years. The SFUND token crashed in price by around 80% before recovering somewhat.
Seedify has been a launchpad for blockchain games, NFT projects, and other web3 products. The team has recently has embraced "vibe coding" — a practice in which people rely heavily on AI to generate code.

5 31

web3 is going just great @web3isgoinggreat.com · 22d

UXLINK exploited for around $28 million, then hacker gets phished

September 22, 2025
https://www.web3isgoinggreat.com/?id=uxlink-exploit

UXLINK exploited for around $28 million, then hacker gets phished
The "AI-powered web3 social platform" UXLINK was exploited by an attacker that gained control of the project's multisignature wallet, then minted billions of the project's UXLINK token. Though the tokens were worth hundreds of millions of dollars on paper, low liquidity and a crashing token price means the attacker cashed out around $28 million.
Shortly after the hack, the attacker apparently approved a phishing contract, perhaps in their rush to swap tokens before the price crashed further or before exchanges could freeze the tokens. Around 542 million of the UXLINK tokens were sent to a phishing address as a result, though it doesn't appear the phishing wallet has been able to sell the tokens.

1 6 42

web3 is going just great @web3isgoinggreat.com · 29d

Yala stablecoin depegs after theft

September 14, 2025
https://www.web3isgoinggreat.com/?id=yala-stablecoin-depegs

Yala stablecoin depegs after theft
The YU bitcoin-backed stablecoin list its intended dollar peg after what they described as "an attempted attack", later writing that there was an "unauthorized transfer of funds". Although they initially wrote that "All funds are safe", they later stated that they "identified the stolen assets on-chain and are actively working with law enforcement to pursue recovery." Research firm Lookonchain observed a large mint of the YU token that may have been related — if so, the attacker successfully stole at least 1,501 ETH ($6.75 million), and holds a substantial quantity of YU they still haven't sold.
Despite the project's attempted reassurances, the YU stablecoin lost its $1 peg, plummeting as low as around $0.20. As of writing, about a day later, the stablecoin is still well below its peg, at around $0.94.

3 4 46

web3 is going just great @web3isgoinggreat.com · Sep 15

Thorchain founder exploited for $1.35 million

September 9, 2025
https://www.web3isgoinggreat.com/?id=thorchain-founder-exploited

Thorchain founder exploited for $1.35 million
John-Paul Thorbjornsen, the founder of Thorchain and Vultisig, suffered a wallet drain, reportedly after experiencing a video meeting scam from an attacker who had exploited the Telegram account belonging to one of his friends. According to JP, the scammer used a malicious video call link to place malware on his computer, which then exfiltrated private keys for one of his crypto wallets. Some questioned whether he had made up the story, as he immediately began using the story to promote his Vultisig product.
Later that week, Thorbjornsen apparently suffered another loss — this one confirmed on-chain to be around $1.35 million.
According to crypto sleuth zachxbt, the attackers appeared to be a part of North Korean crypto hacking operations. "JP is one of the people whose has greatly benefited financially from the laundering of DPRK hacks/exploits. So it’s a bit poetic he got rekt here by DPRK," he wrote.

3 36

web3 is going just great @web3isgoinggreat.com · Sep 15

Shibarium bridge hit with $2.4 million flash loan attack

September 12, 2025
https://www.web3isgoinggreat.com/?id=shibarium-bridge-hit-with-2-4-million-flash-loan-attack

Shibarium bridge hit with $2.4 million flash loan attack
A bridge for Shibarium, the layer-2 network for the Shiba Inu project, was exploited for approximately $2.4 million in funds. The attacker bought 4.6 million BONE tokens (the governance token for Shibarium) using a flash loan, then used compromised validator signing keys to take control of the majority of validator power. Then, they used that control to drain around 225 ETH and 92.6 billion SHIB, together priced at around $2.4 million at the time of the theft.
The project has paused staking on the network, freezing the BONE tokens borrowed by the attacker, which may limit the attacker's profits.

2 29

web3 is going just great @web3isgoinggreat.com · Sep 9

$41.5 million stolen from SwissBorg in Kiln API exploit

September 9, 2025
https://www.web3isgoinggreat.com/?id=swissborg-exploit

$41.5 million stolen from SwissBorg in Kiln API exploit
Thieves stole 192,600 SOL (~$41.5 million) from a wallet belonging to the Swiss cryptocurrency exchange SwissBorg. The attack is being blamed on a vulnerability in the API of Kiln, a staking partner used for SwissBorg's "Earn" program.
SwissBorg announced that they would be reimbursing impacted customers using treasury funds, and working with security firms and law enforcement to try to recover the stolen assets.

1 1 31

web3 is going just great @web3isgoinggreat.com · Sep 8

Massive NPM supply chain attack puts crypto transactions at risk

September 8, 2025
https://www.web3isgoinggreat.com/?id=massive-npm-supply-chain-attack-puts-crypto-transactions-at-risk

Massive NPM supply chain attack puts crypto transactions at risk
After a JavaScript developer's NPM account was compromised in a phishing attack, attackers used it to upload malicious versions of heavily used JavaScript color and debugging libraries, as well as simple utilities that do things like strip-ansi or determine if a variable is-arrayish. Altogether, the packages get around two billion downloads per week, and the compromise is being called the largest the "largest supply chain attack in history".
Once the malicious code is injected, it then intercepts network traffic and API calls, scanning for cryptocurrency transactions across numerous blockchains. When a network request is made to transfer crypto, the malicious code intercepts it and replaces the destination with wallets controlled by the attackers.

Various prominent people in crypto have warned about the attack, with Ledger CTO Charles Guillemet tweeting: "If you use a hardware wallet, pay attention to every transaction before signing and you're safe. If you don't use a hardware wallet, refrain from making any on-chain transactions for now."

3 28 99

web3 is going just great @web3isgoinggreat.com · Sep 8

Nemo Protocol exploited for $2.4 million

September 7, 2025
https://www.web3isgoinggreat.com/?id=nemo-protocol-exploit

Nemo Protocol exploited for $2.4 million
The Nemo Protocol on the Sui blockchain suffered a $2.4 million exploit. The defi yield infrastructure protocol acknowledged the theft shortly after, explaining they had paused the protocol smart contracts as they investigated the theft. It appears the thief was able to manipulate a price oracle, siphoning $2.4 million in USDC from the project. They then bridged the funds from Arbitrum to Ethereum.

1 4 28

web3 is going just great @web3isgoinggreat.com · Sep 2

Venus Protocol user exploited for $13.5 million

September 2, 2025
https://www.web3isgoinggreat.com/?id=venus-protocol-user-exploited

Venus Protocol user exploited for $13.5 million
A user of the Venus Protocol borrowing and lending platform was successfully phished by an attacker who gained access to their account and drained $13.5 million in stablecoins and wBETH. The user signed a malicious transaction, approving the attacker's address for token withdrawals.
Venus paused the protocol as they investigated the theft. The project then proposed a vote to force liquidation of the attacker's wallet and recover the stolen funds.

5 45

web3 is going just great @web3isgoinggreat.com · Sep 2

Bunni decentralized exchange exploited for $8.4 million

September 2, 2025
https://www.web3isgoinggreat.com/?id=bunni-exploit

Bunni decentralized exchange exploited for $8.4 million
The Bunni decentralized exchange was exploited for approximately $8.4 million across the Unichain Ethereum layer 2 network and the Ethereum mainnet. Bunni acknowledged the theft and paused the protocol shortly after the attack.

1 4 35

web3 is going just great @web3isgoinggreat.com · Aug 27

BetterBank exploited, some funds returned

August 27, 2025
https://www.web3isgoinggreat.com/?id=betterbank-exploit

BetterBank exploited, some funds returned
The PulseChain-based defi project BetterBank was exploited by an attacker who took advantage of a vulnerability that allowed them to mint arbitrary tokens, some of which they then swapped for ETH. The attacker later returned around $2.7 million of the stolen assets, having cashed out around $1.4 million.
The vulnerable smart contract had been audited by cybersecurity firm Zokyo, which claimed they had flagged the issue during an audit. BetterBank responded by claiming that the auditors had either not identified or failed to communicate the true severity of the flaw.

1 18

web3 is going just great @web3isgoinggreat.com · Aug 24

Bitcoiner socially engineered out of $91 million

August 19, 2025
https://www.web3isgoinggreat.com/?id=bitcoiner-socially-engineered-out-of-91-million

Bitcoiner socially engineered out of $91 million
A bitcoin holder reportedly fell for a social engineering attack after receiving communications from scammers posing as customer support for a crypto exchange and hardware wallet provider, according to crypto sleuth zachxbt. The thieves stole 783 BTC (~$91 million), which they then transferred through the Wasabi mixer to complicate tracing.

1 10 92

web3 is going just great @web3isgoinggreat.com · Aug 14

Odin.fun bitcoin memecoin launchpad exploited for more than $7 million

August 12, 2025
https://www.web3isgoinggreat.com/?id=odinfun-exploit

Odin.fun bitcoin memecoin launchpad exploited for more than $7 million
Odin.fun, a bitcoin-based memecoin launchpad sort of like the popular pump.fun, was exploited for 58.2 BTC (~$7 million). The attacker had apparently manipulated the price of various tokens, then withdrew bitcoin based on the inflated prices.
A team member suggested they were unsure of the total amount stolen, "but as of right now, our company treasury isn't big enough to cover the losses".

2 8 36

web3 is going just great @web3isgoinggreat.com · Aug 12

Monero faces 51% attack

August 12, 2025
https://www.web3isgoinggreat.com/?id=monero-51-attack

Monero faces 51% attack
Monero, a privacy-focused blockchain network, has been undergoing an attempted 51% attack — an existential threat to any blockchain. In the case of a successful 51% attack, where a single entity becomes responsible for 51% or more of a blockchain's mining power, the controlling entity could reorganize blocks, attempt to double-spend, or censor transactions.
A company called Qubic has been waging the 51% attack by offering economic rewards for miners who join the Qubic mining pool. They claim to be "stress testing" Monero, though many in the Monero community have condemned Qubic for what they see as a malicious attack on the network or a marketing stunt.

Though Qubic has claimed to have achieved 51% of the Monero hashrate, these claims have been disputed. However, they do appear to be very close if not there already, and there have been multiple chain reorganizations — including a 6-block reorganization — suggesting that Qubic has established significant control over Monero mining.

4 10 64

web3 is going just great @web3isgoinggreat.com · Aug 11

Memecoin promoters allegedly responsible for throwing sex toys at WNBA games

August 7, 2025
https://www.web3isgoinggreat.com/?id=wnba-sex-toy-incidents

Memecoin promoters allegedly responsible for throwing sex toys at WNBA games
A group of crypto enthusiasts promoting a memecoin have claimed responsibility for a string of incidents in which neon green sex toys were thrown onto professional women's basketball courts during at least six WNBA games since July 29. The group described the stunts as coordinated "pranks" intended to draw attention to the coin, in an ecosystem where memecoin prices are often heavily tied to virality.
The incidents have been widely condemned as both dangerous and misogynistic by players, coaches, and the league, which has since implemented penalties including immediate ejection, a minimum one-year ban, and possible felony charges for offenders. "It's super disrespectful," said Chicago Sky player Elizabeth Williams. "The sexualization of women is what's used to hold women down, and this is no different," stated coach Cheryl Reeve of the Minnesota Lynx. "The intent is to sexualize and demean the women players b

"This is empowering to every fucking crypto community to start thinking outside the box. Get creative and fucking do something that makes people actually laugh," said a member of the memecoin community, cheering the incidents for their virality and the subsequent impact on the coin price. The meme was even amplified by Donald Trump Jr., who posted to Instagram a photoshopped image of President Trump dropping one of the green sex toys off the roof of the White House and onto a group of women playing basketball below.

7 53

web3 is going just great @web3isgoinggreat.com · Aug 11

Traders lose $1 million to malicious "trading bot" software

August 7, 2025
https://www.web3isgoinggreat.com/?id=mev-bot-scam

Traders lose $1 million to malicious "trading bot" software
Scammers using AI-generated YouTube videos to promote supposedly profitable crypto bot software have convinced crypto users to deploy what is, in reality, malicious code that allows scammers to siphon funds from their wallets. The free software supposedly allows anyone to run MEV bots to profit from arbitrage strategy, but the obfuscated code people are encouraged to download and deploy is actually malicious.
Researchers at Sentinel Labs have estimated that more than $1 million has been drained from various wallets via these malicious contracts.

7 50