According to the United States Department of Justice, Manhattan Federal Court today charged John McAfee and his team’s executive adviser Jimmy Gale Watson Jr for fraud and money laundering conspiracy crimes. 

McAfee has been charged with securities fraud, touting, and wire fraud among other offenses stemming from the fraudulent promotion of crypto that federal law recognized as securities.

On 6 October last year, United States watchdog, Securities Exchange Commissions (SEC) charged the founder of the McAfee antivirus software firm for allegedly making over $23 million in the process of shilling seven initial coin offerings. Jimmy Gale Watson Jr. was also charged for violating Securities’ law in real-time on Twitter for shilling the ICOs along with McAfee. 

The ICOs reportedly raised $41 million in the process with half of those proceeds pocketed by McAfee. 

Manhattan US Attorney Audrey Strauss alleged that the duo exploited social media and “enthusiasm” among investors in the “emerging crypto market” to make millions through “lies and deception.” She further claimed: 

…[McAfee and Watson] allegedly used McAfee’s Twitter account to publish messages to hundreds of thousands of his Twitter followers touting various cryptocurrencies through false and misleading statements to conceal their true, self-interested motives.

The investors of these ICOs allegedly concealed the fact that they were compensating McAfee and his team for their promotional tweets through funds raised from public ICO investors.

While McAfee is currently detained in Spain on separate criminal charges filed by the DoJ’s Tax Division. Watson was arrested on 4 March in Texas and will be presented before a federal magistrate judge in the Northern District of Texas, today. 

Checkout PrimeXBT
Trade with the Official CFD Partners of AC Milan
Source: https://ambcrypto.com/john-mcafee-faces-more-charges-connected-to-money-laundering-and-wire-fraud

Paid Network, a DeFi platform aimed at real-world businesses, has been exploited today in an “infinite mint” attack that has sent PAID token prices plunging upwards of 85%.

While the exploit netted nearly $180 million in PAID tokens at the time of the attack — what would have comfortably been the largest exploit of a DeFi protocol — the hacker’s payday will end up being far less. One observer noted that the attacker’s wallet only converted some of their tokens to wrapped ether, leaving the rest in rapidly-devaluing PAID tokens: 

Summary of $PAID incident:

Total PAID swapped to WETH: 2079.603371141493
= $3,104,887.33

Total PAID left in account: 594,717,455.71
= $24,313,147

Total amount in attacker account = $27,418,034.33

Stay Safe. pic.twitter.com/Lz93qGKAq0

— vasa (@vasa_develop) March 5, 2021

The attacker’s wallet still has over 57 million PAID tokens worth $37 million. 

The exploit is conceptually similar to an attack on insurance protocol Cover that took place in late December last year. In that instance, the team took a “snapshot” of holders prior to the attack and issued a new token, returning the supply of the token to pre-exploit levels.

The team confirmed on Twitter that they are currently planning for a snapshot and restoration:

We are investigating the issue. We pulled liquidity, are creating a new smart contract, & will be restoring everyone’s original balances to before the hack.

Those with staked, Lpool & UniFarm $PAID will have their tokens be sent to them manually.

We will share more updates soon

— PAID NETWORK (@paid_network) March 5, 2021

However, token holders anxious for a resolution may be out of luck. Some in the community are speculating that the attack on PAID wasn’t an exploit at all, but instead a “rugpull” — a colloquial term for an insider designing contracts to specifically make them exploitable and swiping user funds. 

Nick Chong of Parafi Capital noted on Twitter that Paid’s deployer contract, an externally controlled account, transferred ownership of the deployer to the attacker shortly before the mint, indicating that a member of the team either rugpulled, or errantly allowed the attack to take place with a security lapse:

Paid Network’s deployer, an EOA, transferred ownership of a contract to the attacker 30 mins before the minthttps://t.co/h14GdV4fCf

— Nick Chong (@n2ckchong) March 5, 2021

Additionally, a DeFi risk analysis account @WARONRUGS warned of exactly this exploit in late January, noting that the contract owner can mint PAID tokens at any time:

❌ Scam Advisory #86- PAID Network $PAID (0x8c8687fC965593DFb2F0b4EAeFD55E9D8df348df)

Reason: The owner can mint tokens and did mint tokens to fresh wallets who never bought the presale. Contract is behind a proxy.

Likeliness of losing all funds: Very High

DYOR. #WARONRUGS❌ pic.twitter.com/YQunjpWuxY

— #WARONRUGS❌ (@WARONRUGS) January 25, 2021

An on-chain note sent to the attacker has ominously warned that “the LAPD will be in contact with Kyle Chasse very shortly.” Kyle Chasse is the CEO of Paid Network.

Paid Network did not respond to a request for comment by the time of publication. 

Checkout PrimeXBT
Trade with the Official CFD Partners of AC Milan
The Easiest Way to Way To Trade Crypto.
Source: https://cointelegraph.com/news/paid-network-exploiter-nets-3-million-in-infinite-mint-attack