Crypto Kleptocracy and the Scammers Paradise

By Mark Hays

Cryptocurrency promises a high-tech opportunity to make buckets of money, but like most get-rich-quick schemes, rip-offs are ubiquitous. The crypto industry is rife with scams, hustles akin to stock swindles, cyberbreaches, and other crimes that can easily separate investors and consumers from their money.

The gauzy promotions of the industry, which touts itself as an alternative to traditional finance that uses technology to sidestep banks and brokers and offers new ways to democratize wealth-building, don’t pass the laugh test. Most of the industry contends that crypto doesn’t need meaningful government oversight because its technological innovation (blockchain ledgers, cryptography, smart contracts, and other sophisticated computer programming) makes it more secure and resilient.

But these platforms, from the centralized crypto platforms like FTX to so-called decentralized finance (DeFi) crypto markets (like Uniswap or Aave), have been a cesspool of greed, conflicts of interest, market manipulation, blind spots, and recklessness with few meaningful regulatory guardrails to protect investors. Ultimately crypto offers the worst of both worlds — all the fraud and exploitation found in the non-crypto financial world, but with fewer tools and less regulatory oversight to hold bad actors accountable.

Hacks and Scams: Hackers frequently exploit the widespread computer coding flaws of DeFi crypto tokens, programs, and platforms to defraud or steal from investors on a large scale. One study estimated investors lost $1.95 billion in crypto assets on DeFi platforms due to hacks, theft, or exploits in 2023 alone. Investors only recovered about 10 percent of those losses. Some common tricks include:

• Rug-pulls: Developers or insiders push false or misleading hype about a crypto investment opportunity to lure in investors, then use their insider platform access to suddenly withdraw all project funding and pocket the proceeds, leaving investors holding tokens with little or no value.
• Access control attacks or phishing scams: Hackers trick users into revealing login or credential information, or exploit weaknesses in software permission or access rights to gain control of investors’ funds to steal or misuse them.
• Oracle attacks: Hackers manipulate the programs (known as oracles) that provide external price data to feed false price information to DeFi programs, tricking them into executing automatic trades or other actions based on fake information — leading to errors, fraud, theft, and investors’ financial losses.
• Flash loan attacks: Scammers borrow large amounts of crypto (without collateral) they then use to manipulate market prices or exploit software bugs to extract wealth from the unsuspecting investors on the other side of these trades.

While some of these swindles show up in traditional finance, there are regulators on the beat to protect investors and these scams are less common and less successful. There are rules against uncollateralized loans, required disclosures, strong custodial rules, credible systems that provide accurate price information, anti-fraud and manipulation rules, and more. The crypto industry — especially DeFi —has resisted being subject to these same rules, suggesting that regulation would undermine the industry’s innovative potential. But exempting the industry from regulatory oversight, or allowing it to craft its own rules, simply leaves investors subject to actual and substantial losses.

Market Manipulation: DeFi exchanges face major market manipulation problems that expose crypto investors to fake and expensive market swings. Crypto traders often secretly buy and sell the same asset to themselves (a practice known as wash trading) to manipulate prices by deceptively drumming up demand. This dupes investors into buying assets with inflated values, selling assets too early, or making risky bets based on false information. A recent study found that nearly 70 percent of the liquidity pools operating on Ethereum-based DeFi exchanges executed wash trades that manipulated the price of 20,000 tokens worth $2 billion. The real losses across the industry are likely far higher. This week, U.S. prosecutors charged 18 people as well as four major crypto companies (Gotbit, ZM Quant, CLS Global, and MyTrade) with market manipulation for wash trades, seized over $25 million in crypto, and deactivated trading bots that drove millions of wash trades.

These kinds of wash trades are banned on traditional stock markets but the DeFi proponents say they don’t need that kind of regulatory oversight and that these decentralized platforms should not be held accountable for widespread market manipulation. But smaller investors will always be patsies in a market where wealthy investors, insiders, or bad actors can manipulate prices without any accountability.   

Crypto facilitates illicit finance: Crypto plays a significant role facilitating illicit finance that harms individuals and communities worldwide. Criminals love the anonymity, portability, and cross-border nature of crypto to hide and launder their illegal earnings. DeFi platforms play unique roles in illicit finance. For example:

• DeFi’s cybersecurity flaws can make them vulnerable to money launderers who hack into smart protocols to launder crypto associated with illicit activities.
• DeFi exchanges often skirt anti-money laundering compliance requirements that traditional financial actors (and even some centralized crypto exchanges) are obligated to meet.
• Decentralized applications like mixers obscure transaction trails between users or across crypto exchanges that simplifies money laundering. For example, the Tornado Cash mixing app facilitated money laundering, including the 2022 Ronin Bridge hack of $540 million that was attributed to North Korea’s Lazarus Group.

What is the DeFi industry’s reply to hundreds of millions of dollars being lifted by North Korea? It insists that anti-money laundering laws are outdated, that these rules don’t fit DeFi, or even claim that preventing their platforms from being used to facilitate illicit finance unacceptably infringes on free speech. But explicitly refusing to combat illicit finance only makes it more attractive to criminals.

The near total lack of guardrails and the rapidly growing crypto industry’s stubborn resistance to meaningful oversight makes the crypto universe a Wild West of scammers. The purported promise of decentralized and democratized finance shows its true colors when investors get hacked and when crypto’s “most obvious and ready use is indeed for drug dealing and money laundering,” as Nobel Laureate Paul Krugman recently summarized.

The crypto industry is now pouring money into the election — currently $119 million and nearly half of all corporate money, according to Public Citizen — hoping to stave off the kinds of enforcement that could protect investors and keep bad actors out. Congress and the regulators should stand up to the monied crypto interests and not get hoodwinked by an industry crawling with scammers, hucksters, and swindlers.

###