host:

• Haseeb Qureshi, Managing Partner, Dragonfly
• Robert Leshner, CEO and co-founder of Superstate
• Tarun Chitra, Managing Partner, Robot Ventures
• Tom Schmidt, General Partner, Dragonfly

Crypto Circus Never Ends: Hacks, Grifts, and Kanye’s Coin?

Air Date: February 24, 2025

Summary of key points

This issue discusses:

• Bybit hack incident:
  • Bybit suffered the largest cryptocurrency hack in history, with a loss of $1.5 billion, suspected to be carried out by the North Korean Lazarus Group.
  • Hackers exploited a multi-signature technology vulnerability to quickly transfer funds to the Ethereum network.
  • Bybit CEO responded quickly, promising to meet users’ redemption needs and obtain bridge loan support from Binance and Bitget.
• Libra Scandal:
  • The Libra meme backed by Argentine President Javier Milei plummeted 95% due to insider trading and market manipulation scandals.
  • Exposing the operating methods behind the issuance of Meme coins, including KOL private placement and robot sniping.
• Celebrity Token Controversy:
  • Kanye West originally planned to launch the YZY token, but it was postponed due to sensitive timing.
  • Celebrity tokens have frequently exploded, such as Dave Portnoy being accused of running away from the Greed and Greed 2 projects, and directly selling them, causing investors to suffer heavy losses.
  • The industry’s attitude towards celebrity tokens has gradually turned negative.
• The decline of the meme market:
  • Meme market sentiment has been low recently, and retail investors are gradually realizing its zero-sum game nature.
  • Haseeb believes the meme cycle is over.
• Improved regulatory environment:
  • The U.S. SEC announced that it would drop its lawsuit against Coinbase and reorganize its crypto division to focus on combating digital fraud.
  • Hester Peirce proposed a regulatory policy that would collaborate with industry, sending a positive signal.
  • Brian Quintenz, the new head of the CFTC, may promote a more friendly cryptocurrency regulatory framework.
• Infrastructure construction and ecological stability
  • Solana and the Ethereum ecosystem have not been affected by the Meme downturn, and developers are focusing on infrastructure and application innovation.
  • The developer conference on Solana showed that there are still long-term builders in the market.

The largest cryptocurrency hack in history

Haseeb:

Last week we just experienced the largest cryptocurrency hack in history, with Bybit's cold wallet being hacked and losing $1.5 billion.

Bybit said they were attacked while transferring funds from cold wallets to hot wallets. This operation is a routine fund transfer performed by the exchange to meet users' withdrawal needs. Although Bybit uses multi-signature technology and relies on the multi-signature system provided by Ledger, when signing a transaction, the transaction content displayed on the front end is inconsistent with the actual transaction content seen on the signer's device.

This attack method is very similar to the previous hacking incidents against Rexerx and Radiant Capital, so the industry generally suspects that this incident may be related to the Lazarus Group. The Lazarus Group is a hacker group with ties to the North Korean government that has been involved in several large-scale cryptocurrency thefts, including the Axie Infinity hack a few years ago.

Bybit’s countermeasures and industry response

Haseeb:

Bybit's CEO Ben officially confirmed the hack on Twitter and said that the company has sufficient balance sheet to cover the loss and can fully meet the redemption needs of all users. He went live about 30 minutes after announcing the hack, marking the first time he has responded publicly so quickly to a similar situation.

In the live broadcast, he told everyone: “We are completely fine and can still meet all withdrawal requests. Although there is a liquidity crunch, we have obtained a bridge loan, and the chain shows that the funds come from Binance and Bitget.”

About 6 hours after the hack, outflows had stabilized and the market seemed relatively comfortable with Bybit’s situation. In addition, we have seen many people come out to support Bybit, including CZ and heads of some other exchanges. Many people compared this incident to FTX, but the difference is that Bybit was able to meet the redemption request this time.

The involvement of North Korean hacker groups and the aftermath of the incident

Haseeb:

This incident can be confirmed to be related to North Korea, which also means that we cannot predict what will happen next. It is unlikely that North Korea would transfer assets directly to a centralized exchange. The stolen assets are still stored on the Ethereum network and have not been further transferred. Apparently, this is because North Korea knows that these assets are being closely tracked around the world, and the amount of money is too large to be effectively laundered through privacy protocols such as Tornado Cash.

These assets initially existed in the form of mETH and stETH, which are staked Ethereum (stETH) and other related assets provided by Lido. However, they quickly converted all of these assets into Ethereum through the DeFi platform. I guess this is because Ethereum is the most liquid asset and also the least likely to be frozen. If you hold certain small currencies, you may face the risk of asset freezing due to governance issues, but this possibility is almost non-existent with Ethereum.

Despite this being the largest hack in the history of cryptocurrency in terms of U.S. dollars, no one has proposed a solution such as a hard fork. From these hacking incidents, we can find a pattern that when the stolen amount is very large, it is more difficult to escape. The irony is that if you stole $20 or $30 million, it might be easier to hide it, but if you stole a billion dollars, where would the money end up? Who can help you deal with it?

Robert:

I also don't know how they deal with the huge amount of hacked proceeds. I believe there are some online analysts who have been tracking these events for years, but my guess is that they may eventually try to convert these funds into commodities like Russian oil.

Tarun:

I remember Richard Heart was sued by an institution. He was the largest DAI holder because he got a lot of Ethereum from Pulse Chain, but because he was blacklisted by many exchanges, he converted all of it into DAI. I wonder if we’ll see something similar this time around, and it’ll be a good test to see if attackers will trust decentralized stablecoins.

Haseeb:

I don't think they're going to move all the money at once. Richard Heart’s operation was a slow process, not something that was done all at once.

Robert:

This ultimately depends on the hacker's risk tolerance and tolerance for financial volatility. Richard Heart exchanged Ethereum because he needed the stablecoin to pay for his USD expenditures.

Haseeb:

If I were North Korea, I would be thinking about how to use that money and try to transfer it to somewhere like Russia.

Robert:

They have tried to bridge some assets to Bitcoin, but there aren’t many decentralized ways to go from Ethereum to Bitcoin right now.

Haseeb:

If these assets are secured via multi-sig security, then if someone discovered that their protocol was used to process $1 billion worth of Ethereum, many people might choose to proactively report those funds, arguing that they should be confiscated and handed over to law enforcement through the governance structure. In this situation, almost no one will support North Korea.

Tarun:

We may see some really crazy on-chain activity because they have no choice. What I find interesting is the situation with Thorchain. In the past, many hackers would use Thorchain to borrow or bridge to Bitcoin, but now that validators on third-party chains have withdrawn, it has become impractical to move large amounts of money through it. Bitcoin’s cross-chain bridge technology is more imperfect than ever, which could put them in a difficult position.

Robert:

I imagined this like ancient pirates burying gold nuggets. They buried the gold nugget somewhere, drew a treasure map, and then returned to look for it thirty years later. North Korea may view the stolen cryptocurrencies as "treasure" and use them at some point in the future.

Haseeb:

This is an interesting hypothesis. Maybe they’ll come up with some sort of deal where whoever returns the assets gets a 10% reward. But I don’t know how to launder these stolen assets. North Korea, as an isolated country, makes any kind of agreement negotiation very difficult, which is a very bad situation for both customers and Bybit. While I believe Bybit’s financial position is strong enough, it would be a big problem if they cannot raise enough Ethereum to meet redemption demand.

Many people speculated whether Bybit would satisfy all redemption requests by purchasing Ethereum, as Ben mentioned in the live broadcast. Currently, they have obtained a bridge loan through Biget and Binance, which is a positive signal and stands in stark contrast to the FTX debacle. But if we assume that no one wants to do business with North Korea and no deal is possible, then Bybit may indeed need to buy Ethereum on the market. If this is true, it could be a positive for Ethereum prices as it would bring in around $1.5 billion in net buying demand, and with limited market liquidity, prices would naturally rise.

Tom:

I've noticed that the community has expressed great appreciation for Ben's communication style. He delivers information to the public quickly and directly through live broadcasts, which is very rare in the industry. Instead of using vague official terms, he told everyone clearly, "We have no problem, we will solve the problem, and this is how it is." This transparency is impressive.

Haseeb:

That's true. If we compare this incident with FTX, Bybit’s handling was exemplary, while FTX’s live broadcast was a complete farce.

Robert:

The fundamental difference is that FTX was a malicious actor running a massive fraud operation which is why they were out of funds, whereas Bybit was a trusted victim who got hacked.

Haseeb:

Totally agree. Usually in hacking incidents, we see that the victim's first reaction is to blur the issue, not confront the problem directly, and let the information spread through various channels. Bybit responded quickly within just 30 minutes of the incident, clearly explaining what happened and proactively communicating with customers to ensure everyone understood the situation.

This should become standard practice for every company when they are hacked. First, you need to control the rhythm of communication. Of course, the scale of this hack is unprecedented, but compared to Bybit’s balance sheet, the losses are not devastating. Today’s crypto market is much larger than it used to be, and even though this was the largest hack in history, the losses only accounted for a few percentage points of Bybit’s total assets.

Tom:

After the FTX incident, Bybit launched a reserve proof system, which allows users to instantly check whether their assets are included in the reserves, which greatly improves transparency. There was no fraud involved in this incident, so users do not have to worry about major gaps in their balance sheets.

Haseeb:

I was actually hoping to find some evidence that this was an inside attack. Because if it is an insider attack, the possibility of recovering assets will be greater. However, the good news is that the industry’s foundations are solid enough that they will be able to weather this crisis and ensure that the interests of all customers are not affected.

Hayden Davis & Libra Scandal

Haseeb:

The other big news is a coin called Libra. The project has the backing of Argentina's new president, Javier Milei, himself a controversial figure. This incident has been called the biggest insider trading scandal since the FTX collapse. So, what exactly happened to Libra?

Javier Milei publicly promoted the Libra token through a tweet. It all happened very suddenly, with almost no warning. Subsequently, the market value of this meme coin quickly soared to $4 billion, but then plummeted 95% in a short period of time. During the debacle, Milei deleted his tweet. At the same time, there are reports that insiders sold tokens during the market frenzy, and it is estimated that they made a profit of nearly $200 million through this wave of operations. As the incident unfolded, more confusing details gradually surfaced.

The whole controversy surrounding this project is confusing. What is Milei’s main stance? What does the Argentine government think about this? Later we learned that Milei himself did not directly profit from this Meme coin, but the project was launched by a private Argentine company. They claimed that this was for the benefit of the Argentine people or community, but the whole process was very opaque.

The central figure in this incident is a white man named Hayden Davis. After returning to Argentina, he became a businessman focusing on memes. He is more like a "coordinator" rather than the initiator or direct promoter of the project. In an interview, he mentioned that launching a Meme involves multiple roles, and his main role is to bring all parties together. He emphasized that he does not directly operate funds and does not own these assets.

In Argentina’s crypto community, Hayden Davis is considered an insider. He bragged in leaked private messages about paying funds to Milei's sister, Karina Milei. Karina is a prominent figure in Argentine politics. Hayden even mentioned his influence over Javier Milei in a tweet, claiming: "I control that guy. I send money to his sister and he will sign anything I say."

Hayden controlled more than $100 million in funds drawn from internal wallets. He later gave a series of interviews in which he tried to explain the operation. In a Twitter live broadcast, he directly admitted that he had "sniped" when Libra collapsed, that is, manipulated the market through robot trading. He said: "I don't know who the money really belongs to. I think it may belong to Argentina or KIP Protocol, the company that launched this project. I don't know who the money belongs to and I don't want it. You tell me what to do with the money, and if you don't tell me, I will throw it back into the market."

In the interview, he also explained in detail how Meme works, revealing inside information that many people have never known. He mentioned that most large memes will sell most of their tokens to KOLs and other institutional investors at prices below the market price through private transactions before they are launched. For example, projects like Melania, Libra, and even TRUMP, who he claimed had raised up to $500 million in private placements at an internal meeting in Washington, DC.

Information about these private placement transactions is often circulated among insiders, but can also be leaked to others who are not involved in the transactions. These people use this information to profit by sniping when the token is officially launched.

The meaning of "sniper" needs to be explained here. Sniping refers to the situation where when a token is first launched, some robots are able to quickly buy tokens before ordinary investors react, thereby pushing up the price. This is because they knew in advance that the token was going to be launched. When retail investors start to rush in to buy, people’s reaction speed is much slower than that of machines, and these snipers will take the opportunity to sell tokens at high prices and make a profit. Since meme coins are typically issued at low market caps with no auction or initial price clearing mechanism, this practice becomes very common.

According to Hayden Davis, “How else can you make money if you don’t attack your own tokens? Do you think there is any other way?” He feels that all teams involved in the token supply chain believe that the only way to make a profit is to become an insider manipulator. These teams hope that the popularity of the meme will last for one to two years, but the reality is that the life cycle of almost all memes does not exceed a few days. There is a widespread cynicism in these circles that the entire crypto industry is little more than a zero-sum game. In order to prevent retail investors from being sniped from outside, they believe that the best way is for the team to snipe the tokens first. In this way, they can use the proceeds from the sniping to protect the stability of the token and buy back the token after the sniping is completed.

On the day of the incident, Argentina's stock market fell by more than 5%. The opposition has now filed formal charges against Javier Milei. The incident, known as "Cryptogate," was a major political and financial scandal. I think this has caused serious damage to Argentina's reputation both internationally and domestically.

Robert:

I have seen clips of Hayden's interview, it is outrageous, each clip is more ridiculous than the previous one, he actually said publicly on the show that "crime is good".

Haseeb:

He is a typical "crypto kid" with no moral sense at all.

Robert:

Do you remember that discussion we had about nine months ago about “sanity versus madness”? Hayden may be one of the craziest characters in the history of the crypto industry.

Tom:

I agree, I feel like Hayden comes off as very ignorant when he speaks. I went skiing last week and met some Argentinians who were really excited about it. Because in their view, this could be a TRUMP-like situation. They saw this as a huge opportunity, and when they saw Milei promoting this project, they probably thought, "Oh, this is our TRUMP moment," but it turned into a huge scandal. In fact, it's a bit like if you go to a casino and lose money, who can you blame? The rule of the casino is that you are responsible for your own wins and losses.

Haseeb:

This statement is so vivid. Such a ridiculous meme can actually trigger such a huge chain reaction and even impact the entire country. The scandal has also had repercussions on the entire crypto industry. It later emerged that the team behind Kelsier Ventures was not only responsible for the Libra token, but also Melania. They also did a sniping operation when Melania was launched, which is actually a routine they use over and over again.

Latest updates on the Meteora and Solana ecosystems

Haseeb:

What’s interesting about this story is that it also affects some people in the Solana ecosystem. Meteora is the launching pad for TRUMP and Melania. Meteora has been in the spotlight lately due to some investigations that appear to be controversial with some people associated with the platform.

I need to explain that Meteora is a competing product of Jupiter. Jupiter is a large DeFi aggregator on Solana, while Meteora focuses on providing launch services for new tokens. Meteora's lead developer Ben resigned after being investigated for possible involvement in certain irregularities, such as insider trading. However, I am not sure whether these allegations are true or just suspicions raised.

Robert:

I saw on Twitter that someone dug up some of Ben's history, saying that he had violated securities laws many times in the past. Is this true?

Tarun:

I am also not sure if these allegations are true. Ben is one of the co-founders of Meteora, which was originally part of Jupiter. I actually knew Ben before the crypto boom when he was running a startup in the insurance space. I also interviewed him in 2012. He had not been involved in the crypto space before 2021. The Meteora platform has been around for a while but has never found the right market niche. Later, as FTX collapsed, Jupiter began to rise rapidly as it became the main platform for trading Solana tokens. At that time, except for FTX, most other exchanges did not support trading of SPL tokens. Meteora has gradually evolved into a platform focused on launching early projects.

Unlike Pump.Fun, the Meteora platform allows project issuers to manage and control the funding pool and liquidity to a certain extent. This design does make sniping operations easier to some extent. However, I think Ben's situation is more like a founder being kicked out by the board than an average developer being fired. If you look at this as a case of corporate governance, founders getting kicked out usually involve more complex power struggles.

The Decline of Memes

Haseeb:

I think this story casts a shadow on the entire meme. After the Libra incident, the launch of TRUMP and Melania gave people a bad impression of Meme coins. After these events, people seemed to realize the nature of the meme promoters revealed by Hayden in the interview and how these large-scale meme coin issuance games are disadvantageous to retail investors. This change has changed the atmosphere in the crypto space, raising doubts about how Meme Coin works and making it less certain whether retail investors can continue to participate in this so-called "casino."

Robert:

Everyone once thought that the Meme Game was winnable, but now that the truth has come out, everyone sees the ugly truth behind it and realizes that it is a completely manipulated game, they are victims, and there is no way they can win.

Haseeb:

In absolute terms, Pump.Fun's trading volume remains strong, but overall, market volatility is declining. The current sentiment has completely turned to aversion to memes. Previously, people would say that technology coins and venture capital coins are actually memes. Now this view seems to have lost its validity, and everyone is beginning to realize the need to rebuild real projects.

Tarun:

I think this shows that memes with less control seem to be able to survive, while meme coins that require a lot of liquidity management face more challenges. Therefore, we see that Pump.Fun's trading volume has not dropped significantly.

Robert:

I think this is a turning point where meme coins attracted a lot of money, and now that meme coins are less attractive, that money will flow into other verticals in the crypto space.

Tom:

I agree with Tarun. People like fair and transparent games, and when they feel they can no longer profit from them, the market will naturally collapse. Just like the previous ICO and NFT crazes, if people are no longer excited and think there is no opportunity, the entire market will be affected.

Haseeb:

Indeed, the difference between Pump.Fun and some managed releases is interesting. Libra can be described as a celebrity coin, although formally it is not, but in fact its relationship with Milei makes it a celebrity coin.

Controversy and hypocrisy surrounding celebrity token projects

Haseeb:

I think it’s safe to say that the celebrity token craze is over, or has cooled off quickly. Recently I heard that Kanye West also seems to be planning to launch a Meme, that is, a celebrity token, but he seems to realize that now is not a good time to launch it.

I heard he had originally planned to launch it on Monday, but it was pushed back to Friday. The team is said to be debating whether to time it too close to the Milei incident, and apparently they are somewhat tuned to the news cycle. What I find funny is that this new token is called YZY Token.

Even more outrageous is that Yeezy's CFO accidentally leaked the plan to CoinDesk. He sent an email using Yeezy's official email address, detailing the token plan and requesting CoinDesk to keep it confidential, but CoinDesk rejected the request and released the report directly.

Regarding token economics, 70% of the tokens will be held by Kanye himself, 10% will be used for liquidity, and 20% will be used for investors. Now this 20% has been sold to investors.

Robert:

Just a few days ago, he tweeted that Celebrity Coin was an exploitation of the community and had no value. As a result, just a few days later, news came out that he was going to issue his own token. This behavior is extremely hypocritical.

Haseeb:

As an industry, we must come together and not support this token. As long as no one buys it, we can completely put an end to this phenomenon.

Robert:

The problem is that once the tokens are released, they are snapped up, then sold, and only a few people profit.

Haseeb:

We have already seen similar cases, such as Dave Portnoy who launched a token called Greed, held 35% of the supply himself, and then sold it all at once, causing the price to plummet.

He then released Greed 2. After Greed collapsed, the market value of the new token reached $20 million, but soon collapsed again. He sold it again and said on Twitter Spaces that this process was a lesson to his followers. Meme is just pure exploitation. He also criticized those who traded it for being lazy and just wanting to make quick money without looking for real jobs.

Tarun:

This is actually financial dominance, even more obvious than what we have discussed before.

Haseeb:

I recently expressed a similar opinion on Twitter that I think the meme cycle is over . I mentioned on the show that this is like a casino where each slot machine is owned by a different person, and this model is simply not sustainable, with each slot machine owner doing everything they can to squeeze profits out of the players.

Regulatory developments and the future of the cryptocurrency industry

Haseeb:

I feel very tired of the recent negative news. People are tired of those memes that have no actual value and are starting to turn their attention to projects with more potential. This may be one of the reasons why the cryptocurrency market rebounded last week. However, today’s market has fallen, which has also had a certain impact on cryptocurrencies. Despite this, there is good news on the regulatory front.

We’ve been saying for a while that this could be the year crypto regulation turns around, and now there’s finally some tangible progress. The biggest news this morning is that the U.S. Securities and Exchange Commission (SEC) is dropping its lawsuit against Coinbase. This is undoubtedly a major positive for the entire industry, indicating that the changes we expect are happening.

The SEC previously sued Coinbase on the grounds that it acted as an unregistered securities broker and exchange and facilitated the trading of unregistered securities. However, now that these charges are being dropped, we may see other similar cases brought by the SEC also being dropped. There had been speculation that the case might be resolved through a narrowing of its scope or a settlement, but dropping the case altogether is clearly a more positive signal. This shows that the SEC has begun to support the development of benign participants and is willing to work with them to jointly create a healthy digital asset ecosystem.

Additionally, we saw the nomination of Brian Quintenz as the new head of the US Commodity Futures Trading Commission (CFTC). The CFTC may become the primary regulator for cryptocurrencies in the future. Quintenz was the head of crypto policy at A16Z Crypto and has been working against excessive administrative regulation for the past four years. This is undoubtedly an exciting day and also indicates that the crypto industry may usher in more positive changes in the future.

Robert:

First, the SEC reorganized its crypto unit, which originally targeted benign players, into a team focused on combating digital fraud. This means the SEC will focus more on cracking down on actual wrongdoing rather than continuing to go after companies that play by the rules. This is the change the industry has been waiting for for the past four years.

Second, SEC Commissioner Hester Peirce released a statement detailing the changes they hope to promote. We hope to work with the policy team in the crypto industry to promote the healthy development of the entire industry. The dossier covers areas such as broker-dealer rules, custody rules, trading rules, and safe harbor rules. They expressed a desire to engage in dialogue with industry to jointly develop effective policies. This constructive attitude contrasts with the inflexible stance of just a few weeks ago.

Haseeb:

Hopefully, in this context, we can see more favorable policies introduced so that benign participants like Coinbase will no longer be subjected to unnecessary attacks. At the same time, regulators can also devote more resources to combating real illegal activities. We’ve been mired in memes in the past largely because regulators, under Gary Gensler’s leadership, spent all their time and resources on hitting the biggest market players through case law and neglected to police illegal behavior in the open.

Tarun:

I attended a Solana developer conference this week and there was almost no talk of memes. This shows that there are still some people in the ecosystem who are focused on the development of infrastructure and applications, and they don’t care too much about short-term market fluctuations. I think any successful ecosystem needs such builders to exist.

Haseeb:

Currently, sentiment in the infrastructure field is relatively stable. We have not seen large-scale capital outflows from Solana, nor have we found any significant difference in trading volume on DEX between Ethereum and Solana. The volatility of the two is relatively consistent.

Tom:

I think this situation might be like when the last meme was launched, no one is willing to buy it. This depressed market sentiment may deter others. But if Yeezy is really the last celebrity coin, I can accept it.