In this issue:
NFT Integration Software Released; NFTs Used to Serve Complaint in Civil Action
US Treasury Official Signals Forthcoming DeFi Illicit Finance Risk Assessment
SEC Chairman Comments on Crypto Activities, NYAG Sues Crypto Exchange
US and International Law Enforcement ‘Takedown’ Crypto Mixing Service
Hackers Use ‘Flash Loan Attack’ to Steal $199 Million from DeFi Protocol

NFT Integration Software Released; NFTs Used to Serve Complaint in Civil Action

By Christopher Lamb

According to a recent press release, a major U.S. software company has launched a suite of tools that will allow users to “enter the Web3 and NFT space in a safe way, and buy directly from their trusted brand’s website as opposed to third-party marketplaces.” The new product reportedly includes “drag and drop tools” to help brands set up NFT collections and API integration that allows brands to access data and “link customer activity across Web2 and Web3.” According to the press release, the new tools will allow organizations to obtain “a holistic view of each customer across both physical and digital environments.”

According to a recent report, a Florida federal judge entered a default judgment in favor of a party who served “complaints to more than a dozen unidentified suspects through a non-fungible token.” According to the report, it is “possible to track the NFT when opened.” An attorney for the plaintiff in the case said allowing service through NFTs “is going to pave the way” to start suing fraudsters. The order from the Florida federal judge is reportedly the first of its kind granting a default judgment after service of a complaint through an NFT.

According to recent reports, NFT marketplaces have accounted for $73.8 billion in trading volume, but the report suggests “more than 42% of the volume is fake, with $31.2 billion attributed to wash trading.” The report notes that two popular NFT platforms have flagged 98% and 85% of their transaction volume as suspicious. The report suggests that fake NFT trading volume can “[i]nflate prices and manufactur[e] popularity of certain collections” and allow criminals to use NFTs “as a means of money laundering.”

In a final development, a recently filed class action lawsuit reportedly alleges that a popular NFT platform “illegally sold unregistered securities when it released non-fungible tokens through its own marketplace.” The complaint reportedly alleges that the “NFTs were not decentralized” and the company controlled “every aspect” of the NFTs, including the ledger that recorded their ownership. According to one report, the popular platform “started to lose out to other NFT marketplaces,” and with the decrease in demand for the platform’s NFTs, “their value tanked.”

For more information, please refer to the following links:

US Treasury Official Signals Forthcoming DeFi Illicit Finance Risk Assessment

By Robert A. Musiala Jr.

This week the U.S. Department of the Treasury published prepared remarks made by Assistant Secretary for Terrorist Financing and Financial Crimes Elizabeth Rosenberg at a meeting with banking sector representatives. The Assistant Secretary’s remarks included comments on the illicit finance risk of decentralized finance (DeFi), and she noted that “my team is actively working on and will soon publicly release an illicit finance risk assessment on DeFi.” The Assistant Secretary also expressed concern over the use of digital assets by North Korea-affiliated actors who have “conducted ransomware attacks, stolen hundreds of millions of dollars’ worth of virtual assets, and laundered their ill-gotten funds through mixers and other virtual asset service providers to fund North Korea’s illegal nuclear and ballistic missiles programs.”

In a foreign-based development, the Thailand Securities and Exchange Commission recently published notice that it is seeking public comments on a draft regulation that would prohibit digital asset business operators from (1) accepting deposits of digital assets from customers and lending, investing, staking or employing such digital assets; (2) accepting deposits of digital assets from customers and paying them regular interest or other types of benefits from their own source of funds unless those activities are in accordance with sale promotion rules; and (3) dvertising, persuading or acting in any other manner to support deposit taking and lending services. Comments on the proposed regulation are due by April 7.

For more information, please refer to the following links:

SEC Chairman Comments on Crypto Activities, NYAG Sues Crypto Exchange

By Robert A. Musiala Jr.

The Chairman of the U.S. Securities and Exchange Commission (SEC), Gary Gensler, recently published an Op-Ed article titled Getting crypto firms to do their work within the bounds of the law. Among other things, in the article, Chairman Gensler addressed “the talking point that there’s a lack of clarity in the securities laws” and said he found such claims “unpersuasive.” In paragraphs full of hyperlinks to SEC materials, Chairman Gensler cited to various prior SEC actions addressing crypto market activities including lending, staking, “listing crypto securities,” combining functions, accounting for crypto assets, disclosure obligations, and custody. Key SEC materials cited in Chairman Gensler’s article include the DAO Report; the Framework for “Investment Contract” Analysis of Digital Assets; SEC actions against BlockFi, a U.S. crypto trading platform, a major U.S. crypto exchange, Nexo, Poloniex, and EtherDelta; a prior speech made by the Chairman; Staff Accounting Bulletin No. 121; previously issued disclosure guidance; a recent SEC proposed rule; and a list of SEC crypto enforcement actions. Addressing SEC enforcement actions, Chairman Gensler said, “The goal is to get market participants into compliance with laws and rules and to protect … U.S. investors.”

In separate remarks recently covered by the news media, Chairman Gensler reportedly addressed proof-of-stake tokens and protocols. In his comments, Chairman Gensler reportedly said that staking participants are “anticipating a return … on those proof-of-stake tokens” and suggested that “a protocol that’s often a small group of entrepreneurs and developers” should “seek to come into compliance.”

In another recent development, the New York Attorney General (NYAG) announced a lawsuit against the KuCoin cryptocurrency exchange “for failing to register as a securities and commodities broker-dealer and falsely representing itself as an exchange.” According to a press release, the enforcement action “seeks to stop KuCoin from operating in New York and to block access to its website until it complies with the law.” In a notable statement, the press release stated, “This action is one of the first times a regulator is claiming in court that ETH, one of the largest cryptocurrencies available, is a security.”

For more information, please refer to the following links:

US and International Law Enforcement ‘Takedown’ Crypto Mixing Service

By Joanna F. Wasick

On Wednesday, the U.S. Department of Justice (DOJ) announced a coordinated international “takedown” of ChipMixer, an unlicensed darknet cryptocurrency “mixing” service that according to the DOJ laundered more than $3 billion worth of cryptocurrency from multiple criminal schemes involving ransomware, darknet markets, fraud, cryptocurrency heists and other hacking schemes around the world, including those perpetrated by North Korea’s Lazarus Group. According to the DOJ, ChipMixer allowed customers to deposit bitcoin, which ChipMixer then commingled with other ChipMixer users’ bitcoin in order to prevent enforcement agencies or regulators from tracing criminal transactions. ChipMixer also allegedly offered other additional features to obfuscate its criminal customers’ identities and concealed the operating location of its servers to avoid seizure by law enforcement. As part of the takedown, the U.S. government seized two domains that directed users to the ChipMixer service and one GitHub account, and charged one individual with operating an unlicensed money transmitting business, money laundering and identity theft in connection with ChipMixer’s operation. German law enforcement reportedly seized the ChipMixer back-end servers and more than $46 million in cryptocurrency. Law enforcement in Belgium, Poland and Switzerland also assisted in the criminal investigation, as did Europol.

For more information, please refer to the following links:

Hackers Use ‘Flash Loan Attack’ to Steal $199 Million from DeFi Protocol

By Robert A. Musiala Jr.

According to recent reports, “Crypto lending protocol Euler Finance suffered a loss of $199 million on the morning of March 13th, following a flash-loan attack.” The attacker reportedly exploited a flaw in one of the Euler Finance smart contracts to steal USDC, Dai, WBTC and Staked Ether, and then laundered the proceeds using Tornado Cash, a decentralized mixing service that has previously been sanctioned by the U.S. government. According to reports, blockchain data shows that an address associated with the hack sent 100 ETH to a wallet associated with Lazarus Group, a cybercrime group affiliated with the government of North Korea.

For more information, please refer to the following links: