Hack Drains $12M from Polter Finance, Raising Insider Speculation


Polter Finance lost $12 million in a flash loan attack on its SpookySwap market, which sparked skepticism about potential insider involvement.

It is also alleged that AMP GPT defrauded more than 3,000 investors in Mexico through a crypto trading bot scam. Giggle Academy, which was founded by former Binance CEO CZ, suffered a hack that compromised its X account. On the bright side, Thala Labs on the Aptos blockchain was able to successfully recover $25.5 million stolen from its liquidity pools.

Hack Drains $12 Million from Polter Finance

Polter Finance, a decentralized non-custodial lending and borrowing platform, stopped its operations after a hack drained $12 million of its total value locked (TVL). The incident happened on Nov. 17, and prompted the platform to pause its services and notify investors on X while launching an investigation into the exploit. The stolen funds were traced to wallets on the crypto exchange Binance.

The breach can be attributed to a flash loan attack tied to a faulty oracle price, which targeted Polter Finance’s newly launched SpookySwap (BOO) market. According to Web3 security firm TenArmor, the exploit resulted in a loss of $12 million. Polter Finance has not yet confirmed the specific nature of the attack but reached out to the hacker through an on-chain message, proposing negotiations and offering immunity. However, the hacker has not yet responded.

The pseudonymous founder of Polter Finance, who is known as Whichghost, filed a police report with Singapore authorities on the same day, confirming the loss of over 16.1 million Singapore dollars, equivalent to $12 million. This included $223,219 in personal losses.

Interestingly, community members on X are a bit skeptical about the incident. Some even speculated about the possibility of insider involvement. Critics questioned whether the filing of the police report might be an attempt to divert scrutiny away from internal issues. 

In response to the incident, Polter Finance announced a partnership with the Security Alliance Information Sharing and Analysis Center (SEAL-ISAC) to help track down the attacker.

Before the exploit, Polter Finance managed a market size of $12 million, which consisted of $7.87 million in Fantom (FTM), $1.03 million in wrapped USD Coin (USDC), $251,000 in Magic Internet Money (MIM), and $2.1 million in Stader sFTMX, among other assets. Despite its attempts to recover the stolen funds, the incident cast doubt on the platform’s security measures and operational integrity.

AMP GPT Scam Leaves Thousands Without Funds

Polter Finance was not the only recent victim of crypto crime. A suspected crypto trading bot-themed scam reportedly left more than 3,000 people in the Tehuacán and Puebla regions of Mexico out of pocket. The company at the center of the allegations, AMP GPT, is accused of defrauding investors by promising guaranteed returns from cryptocurrency trading bots.

Initially, investors reported receiving payouts, but these quickly stopped, and withdrawals on the AMP platform became impossible. Investors claim they were then asked to pay “verification fees” to access their funds, which only exacerbated their losses.

AMP GPT had offices in Tehuacán and Puebla, but they have since been abandoned, leaving customers without answers. Some people identified as company “leaders” have also claimed to be victims, and denied any knowledge of the alleged scheme. Complaints have been filed with public prosecutors, and around 100 affected individuals formally signed complaints in an attempt to get justice.

Victims reported that the company encouraged them to buy crypto trading bots for set periods and promised big daily payouts. However, these promises quickly unraveled as cash payouts were delayed and communications from the company became more sporadic. Earlier this month, AMP GPT issued a statement that blamed the delays on a “Shopping Festival” event, which it claimed would offer rewards. The company also introduced a supposed “Crypto-VISA” card, which promised payouts in exchange for high-priced stakes.

The scheme reportedly collapsed after an influx of new users, which was driven by promises of returns as high as double or triple their initial investments. As the number of participants grew, so did delays in the payouts, which culminated in the shutdown of AMP GPT’s withdrawal channels, WhatsApp groups, and other communication lines. 

Some of the marketing materials from the company referenced well-known crypto assets like Bitcoin (BTC) and Dogecoin (DOGE), as well as people like Elon Musk and major platforms like Binance and Crypto.com, to add some legitimacy to its claims.

AMP GPT stated that it is cooperating with authorities to clarify the situation. However, for many, the damage has already been done.

CZ’s Giggle Academy Targeted in Cyberattack

Giggle Academy, an educational initiative that was founded by former Binance CEO Changpeng Zhao (CZ), also recently fell victim to a hack that compromised its official X account. The breach was confirmed by CZ on Nov. 16.

The incident involved hackers spreading phishing links and false information, including fabricated claims about a “new CEO” for the organization. These posts contained malicious links that were designed to trick users into verifying the false announcement, potentially compromising their accounts. CZ quickly warned the public to avoid interacting with the compromised account.

Giggle Academy offers free online courses for grades 1 to 12, and covers core subjects alongside emotional intelligence, finance, and blockchain, to empower underserved communities through accessible education.

According to blockchain security firm CertiK, phishing-related losses in 2024 have exceeded $800 million, driven by increasingly sophisticated techniques like wallet-draining schemes and address poisoning. CertiK documented 247 phishing incidents this year alone, and the first quarter recorded the highest number of attacks at 82 cases. The second quarter led in financial losses with $433 million stolen.

Hackers have been refining their methods, combining traditional phishing techniques with more advanced tools like Angel Drainer and Pink Drainer. Wallet-draining scams exploit permissions granted by unsuspecting users, which makes it possible for attackers to access funds.

Thala Labs Recovers $25.5M After Hack

On the bright side, Thala Labs, a decentralized finance platform operating on the Aptos blockchain, successfully recovered $25.5 million in stolen liquidity pool tokens after a security breach in its v1 farming contracts. The breach took place on Nov. 15, and was attributed to an isolated vulnerability that allowed the hacker to withdraw liquidity tokens.

Thala acted very quickly by pausing affected contracts and freezing $11.5 million in assets. With the assistance of law enforcement and blockchain investigators like Seal 911 and Ogle, the hacker was identified and persuaded to return the stolen funds within just six hours of the attack.

In exchange for the return of user assets, Thala negotiated a $300,000 bounty with the hacker. Although the identity of the attacker is still unknown, Thala assured its users that no further action is required on their part, as all affected positions will be fully restored. While the platform’s front end resumed operations, farming is still paused as Thala conducts a comprehensive review and re-audit of its protocol to ensure future security. 

Unfortunately, the hack still had some major financial repercussions. Thala’s native token, THL, dropped by 35% to $0.51 after the breach as about $2.5 million worth of THL tokens and $9 million in Move Dollar (MOD) stablecoins were stolen. Additionally, the platform’s TVL decreased from $240 million to $199.4 million, according to DefiLlama.

Thala TVL (Source: DefiLlama)

In October alone, $130 million was stolen from victims. Radiant Capital suffered the largest single loss of $54 million. Over Q3 2024, hackers exploited DeFi platforms in 28 incidents, collectively stealing $460 million, according to cybersecurity firm Hacken. 

This article was originally posted on Coinpaper.com