Here’s what happened in crypto today



The United States Securities and Exchange Commission (SEC) is suing Hex founder Richard Heart on allegations of unregistered crypto security sales. Meanwhile, several stable pools on Curve Finance were exploited on July 30 due to a reentrancy vulnerability in certain versions of the Vyper programming language. Losses topped $52 million, leading to a plummeting of Curve’s native CRV token. Amid the chaos, an ethical hacker managed to retrieve $5.4 million worth of Ether (ETH) from an exploiter and returned it to the decentralized finance (DeFi) protocol. 

Hex founder faces SEC complaint over unregistered securities offering

Controversial crypto entrepreneur and investor Richard Heart faces a lawsuit from federal regulators over an alleged unregistered securities offering.

In a July 31 filing, the United States Securities and Exchange Commission (SEC) claimed that Heart had raised more than $1 billion through the unlawful sale of Hex, PulseChain (PLS) and PulseX (PSLX). According to the complaint, Heart made claims of “grandiose wealth for investors” in marketing the tokens. The Hex founder faces charges related to federal securities violations and defrauding retail investors.

Like other crypto assets, Hex surged in popularity in 2021, reaching an all-time high around $0.48. The token is currently trading at around $0.00616, having declined over 28% on the day.

It has been speculated that Heart was aware that a federal complaint was incoming. Heart appears to have removed certain references from Hex and PulseChain in his social media profiles in the months leading up to the SEC complaint.

Ethical hacker retrieves $5.4M for Curve Finance amid exploit

An ethical hacker managed to retrieve $5.4 million worth of Ether from an exploiter and return it to DeFi protocol Curve Finance amid a recent hack. 

A maximal extractable value bot operator with the username “c0ffeebabe.eth” used a front-running bot against a malicious hacker to secure almost 3,000 ETH. The funds were then returned to the Curve deployer address, which looks to be its rightful custodian.

Curve Finance pools exploited due to reentrancy vulnerability

Several stable pools on Curve Finance using Vyper were exploited on July 30, with losses reaching over $52 million.

The cause has been pinned on a malfunctioning reentrancy lock, affecting pools using Vyper 0.2.15, 0.2.16 and 0.3.0. At least four liquidity pools on the Curve Finance protocol have been impacted.

“The short answer is that everything that could be drained was drained. The targeted pools are aETH/ETH, msETH/ETH, pETH/ETH and CRV/ETH. All remaining pools are safe and unaffected by the bug,” Curve Finance said on Discord.

Vyper is a contract programming language designed for the Ethereum Virtual Machine (EVM). It is considered one of the most widely used Web3 programming languages, which means the bug in three of its versions could have an impact on several other protocols.

The attack has affected a number of DeFi projects, with Alchemix’s alETH/ETH pool reporting outflows of $13.6 million, PEGd’s pETH/ETH pool drained of $11.4 million, Metronome’s sETH/ETH pool hacked for $1.6 million and over 32 million CRV tokens worth over $22 million drained over the past few hours.

The BNB Smart Chain (BSC) has reportedly suffered copycat attacks, with around $73,000 worth of cryptocurrencies on BSC across three exploits also stolen.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.





Source link

Comments are closed.