A Rocky Start: Fallen Victim to Spoofed Upbit & Bitfinex Emails
0xB520
November 18th, 2021
https://commonwealth.im/knoxedge/proposal/discussion/2484-are-centralized-exchanges-good-or-bad-for-knx-token-should-we-list-it-on-cex-why-or-why-not
https://commonwealth.im/knoxedge/proposal/discussion/2484-are-centralized-exchanges-good-or-bad-for-knx-token-should-we-list-it-on-cex-why-or-why-not

Dear Knoxers, we would first like to thank everyone for your early support and participation in governance week to decide the future of KnoxEdge DAO, but we have some bad news to share today. Pressured by KNX price decline & KNX airdrop distribution this week, we wanted to apply for KNX listing on Tier 1 centralized exchanges so that KNX would be listed on CEX before KNX airdrop. Unfortunately, we have fallen victim to spoofed emails by sophisticated scammers impersonating Bitfinex & Upbit Global.

Bitfinex

On Nov 1, we submitted a listing application to listing@bitfinex.com. On Nov 3, listing@bitfinex.com informed us that we were shortlisted and asked us to proceed to the next step of listing. We joined their telegram, submitted our ticket ID for confirmation, and further pitched them on telegram.

On Nov 5, listing@bitfinex.com informed us that we were accepted and sent a contract to us. We double checked the email address + domain (@bitfinex.com) and confirmed everything was legit. So we signed the contract with them and sent them a “refundable” security deposit of 170,000 USDT + marketing fees of 189,000 USDT:

Upbit Global

We were hoping for a concurrent double CEX listing. In the same period of time, we submitted our application to Upbit Global. Similar to Bitfinex, we received a ticket ID from listing_sg@upbit.com for further discussion and pitching on their Telegram. On Nov 5, we received a contract from listing_sg@upbit.com. To proceed with the listing, we signed the contract and sent them $250,000 security deposit & liquidity deposit respectively + 500k KNX: https://etherscan.io/tx/0x303f5c354ae48879ac029170e46770e24f8d5801ca00552285c9ad13f8839916

The red flag came when we saw they market dumped the 500k KNX hours later at 10PM EST on our low-liquidity KNX-USDC Uniswap V3 pool (https://etherscan.io/address/0x876ae9b570022967be853af15f9cc0d0bcc378f4#tokentxns). We realized that something is not right although the emails were indeed sent from listing_sg@upbit.com! We immediately removed and re-added liquidity on Uniswap V3 to make sure CoinMarketCap is showing the correct KNX price on Ubeswap, where most KNX liquidity is provided.

Discovering the Truth

We then contacted Bitfinex and Upbit customer services to validate our listing process with listing@bitfinex.com & listing_sg@upbit.com. They informed us that those sophisticated scammers have spoofed their email address to look like we’re dealing with their official listing team. Upbit customer services then guided us on how to spot a spoofed email, which shared the same exact official sender’s email addresses: listing@bitfinex.com & listing_sg@upbit.com!

Our hearts sank when we saw the seemingly real listing@bitfinex.com & listing_sg@upbit.com addresses with legit domains were actually ‘not designated as the permitted sender’. We were not aware hackers can gain access to an official email domain even though they don’t own them, e.g. @bitfinex.com!

We are currently working with authorities to track the funds and identify the hackers. Their wallets have TXs in/out Coinbase & Binance. It might be possible to doxx the hackers to prevent future scams.

Message from the Team

We were hoping to list KNX on these two leading centralized exchanges in November to satisfy community request to list on top tier 1 exchanges for visibility and traction boost. But instead, we have disappointed the community and lost some DAO funds to hackers impersonating listing_sg@upbit.com & listing@bitfinex.com.

We are deeply sorry for what has happened, and our mistakes are inexcusable. We sincerely ask for your forgiveness. We received a lot of scammy telegram messages right after KNX listing on Coingecko. We muted telegram because of this, but still we fell victim to spoofed emails that share the same exact official email domains: listing_sg@upbit.com & listing@bitfinex.com.

We hope our mistakes will raise awareness on the ugly scams and shills that are happening in crypto right now not just to new users, but also to new projects/founders. This is exactly why we are building a Learn2Earn platform to help educating and preventing people from falling into scams. We will learn from our mistakes and continue to build knowledge DAO tools for the Web3 community. To compensate for the loss of DAO fund, 7,000,000 KNX will be transferred from KnoxEdgeLabs allocation to the DAO treasury. Lastly, we sincerely ask all Knoxers for your forgiveness.

Website | KnoxMarket | Mirror | Discord | Telegram | Instagram

Arweave TX
q2_L-57juGp5AnNioHqRNa5nAbia5kJ8DrHZk7B96h0
Ethereum Address
0xB52093Eb79BBAa599C0De56FD58ceF84656ec987
Content Digest
4Mz0xkygKK1jVWPDdlWeFXeo9wulZOhX1YwxOrxk4fI