$243M Crypto Heist Uncovered

BananaGun Exploited | Drift Raises $25M

The Launchy Team
September 20, 2024

📢 Sponsor | 💡 Telegram | 📰 Past Editions

Good Morning.

Marco and Karon are in Singapore for Token 2049. This issue is written by the Launchy Team.

The Fed made the first rate cut since 2020, the price has been on an upward trajectory over the last 3 days, starting around $62K and reaching a high near $63.9K. A slight pullback was observed on the most recent day, with the price currently consolidating around 63.5K, hinting at possible indecision in the market's next move.

In Today's Email:

What Matters: Banana Gun goes offline as $1.4M stolen 🦹
Founders Highlight: Leonid Bashlykov of Revolut X 🛠️
Deal Flow: Drift raises $25M to build DeFi superApp 💰️

You read and share. We listen and improve. Send us feedback at [email protected].

Narratives: The Fed made the first rate cut since 2020

For daily market updates and airdrop alphas, check out our telegram!

Want to keep tracks of crypto metrics such as app store ranking, sentiment, and altcoin market cap? Check out our new tg channel.

WHAT MATTERS

Banana Gun Goes Offline as $1.4M Stolen

@BananaGunBot Seems like there is already 36 victims with almost 563 #ETH stolen "so far" on mainnet. The last one was drained an hour ago, but there is more rumour that drains started on #SOL too.
I wouldnt say that @BananaGunBot itself got hacked, not enough victims.
— yannickcrypto.eth (@YannickCrypto)
10:10 AM • Sep 19, 2024

State of play: Banana Gun, a popular Telegram-based trading bot, is investigating reports of compromised user wallets with drained funds. The team has taken the bot offline and suspects a front-end vulnerability as the cause.

According to yannickcrypto.eth, 36 victims reported unauthorized transfers from their wallets, totalling 563 ETH ($1.4M).
Banana Gun claimed that the number of users affected is fewer than ten users.
Banana Gun confirmed the hacker likely accessed less than fifty Telegram accounts and withdrew funds through them, matching the pattern of drained wallets.
Banana Gun has enabled $6B worth of trading volume from nearly 272,000 users, making this a notable incident.
The team is actively seeking information from the community to assist in the ongoing investigation.

Why it Matters: Security remains a major concern for crypto products, with hacks and exploits occurring almost weekly, making them seem like routine events in the crypto space.

For builders and investors: Builders should ensure robust front- and back-end security, conduct regular audits, and educate users on safe practices like securing private keys and using multi-factor authentication to prevent breaches.

BUILDER-INVESTOR HIGHLIGHT

Leonid Bashlykov of Revolut X

Intro: Leonid Bashlykov is the head of product of Revolut X, a standalone crypto trading platform by Revolut available to its UK retail customers.

Previous background: Leonid started his career as an investment analyst. He then moved to the Indian startup scene with UCHi.RU, an ed-tech startup with 40M+ MAU. In 2022, he joined Revolut to develop a crypto exchange.

The big idea: Leonid and the founders of Revolut aim to compete with leading crypto exchanges by offering easy on/off-ramping and low fees for professional traders.

Take a peek at our referral reward at the bottom of this issue. Share this newsletter and receive our list of 500 crypto VC individuals 👇

INSIGHTS

$243M Crypto Heist Uncovered

1/ An investigation into how Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) stole $243M from a single person last month in a highly sophisticated social engineering attack and my efforts which have helped lead to multiple arrests and millions frozen.
— ZachXBT (@zachxbt)
1:03 PM • Sep 19, 2024

State of play: ZachXBT revealed how hackers Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) executed a sophisticated social engineering attack to steal $243M from a single victim.

The operation involved impersonating support representatives and exploiting vulnerabilities to gain access to personal accounts.
Law enforcement has made multiple arrests and frozen millions of stolen funds.
The attack occurred on August 19, 2024, when the perpetrators spoofed Google and Gemini support numbers to manipulate the victim into revealing sensitive information.
Victims were directed to reset their 2FA and share screens via AnyDesk, leading to leaked private keys from their Bitcoin wallets.
The stolen funds were quickly funnelled through multiple exchanges and converted into cryptos, including BTC, ETH, and XMR.
Significant amounts of stolen funds were linked to lavish spending, with Greavys reportedly spending $250K-$500K per night on luxury items.
The Binance Security Team, alongside investigators, successfully froze over $9M and returned more than $500K to the victim.
Box and Greavys were arrested in Miami and LA, with their indictment recently unsealed, and the investigation continues to uncover additional leads.

DEAL FLOWS

Drift Raises $25M to Build DeFi SuperApp

Deal flows bounced slightly this week, we saw $110M+ in deals 💼

Drift has raised $25M in a Series B funding round led by Multicoin Capital, with contributions from Blockchain Capital, Folius Ventures, Maelstrom, and Primitive.

Drift plans to be the first on-chain platform to offer cross-collateral margin accounts across a suite of DeFi products, including perpetual derivatives, spot, borrow-lend, and prediction markets.
Drift aims to double its workforce from 25 to 50 employees within the next year, reflecting its growth ambitions.
Co-founder Cindy Leow envisions Drift becoming the "Robinhood of crypto."
Leow believes Solana's growing user base and seamless integration will make it a more suitable blockchain for Drift compared to Ethereum.
Drift is governed by a DAO, ensuring no single entity controls users' funds.

Deal flows in the past week:

Magicblock, $3M Pre-Seed Round
Filament, $1.1M Seed Round
Bool Network, $2M Seed Round
0xAstra, $3M Seed Round
Limitless, $3M Seed Round
Rise Chain, $3.2M Seed Round
Fermah, $5.2M Seed Round
Yellow, $10M Seed Round
Pipe Network, $10M Series A Round
Ambrus Studio, Undisclosed $ Series A
Helius, $21.75M Series B
Drift, $25M Series B Round
Ore, $3M Unknown Round
LogX, $4M Strategic Round
Vana, $5M Startegic Round
CUDIS. $5M Unknown Round
TON, $30M Startegic Round
Forge, Undisclosed $ Strategic Round
Aptos, Undisclosed $ Strategic Round
One Trading, Undisclosed $ Strategic Round
Amnis Finance, $2M Unknown Round
TrueX, $9M Unknown Round
Hemi Network, $15M Unknown Round
Velo, Undisclosed $ Unknown Round
Onboard, Undisclosed $ Unknown Round
Nametag, Undisclosed $ M&A

QUICK BITES

SEC settles charges with Rari Capital.
Judge dismisses Consensys lawsuit against SEC.
Federal Reserve makes first rate cuts since 2020.
Worldcoin testing facial recognition for its World App.
US spot bitcoin ETFs logged $52.8M in net outflows.
CertiK’s new venture firm unveils $45M investment plan.
Solana Saga successor 'Seeker' surpassing 140,000 presales.
Louisiana joins growing list of US States that accept Bitcoin payments.
Terraform Labs gets sign-off from a US judge to begin winding down.
Hong Kong may approve Ethereum staking for local spot ETFs this year.
Scaramucci says crypto advocates working to move Harris away from Gensler.

NOTEWORTHY READS

Ignas’s read on Bitcoin
Louis’s read on The Deaf ETH L2 Debate
Omer’s read on AI-Powered Prediction Market Oracles

— litquidity (@litcapital)
6:11 PM • Sep 18, 2024

If you enjoy reading this issue, please consider subscribing. It takes 1 minute of your time but it would mean the world to us 🙇

Disclaimer: All the information presented in this publication and its affiliates is strictly for educational purposes only. It should not be construed or taken as financial, legal, investment, or any other form of advice.