Attacker Exploits Loophole in Ethereum Pectra Upgrade on Sepolia

Ethereum's Pectra upgrade faced a setback on the Sepolia testnet because of an exploit that resulted in empty block mining.


Soon after the exploit, developers issued a silent fix. Meanwhile, crypto scammers are exploiting trade war fears in Canada by using fake news articles featuring government figures to promote fraudulent investment schemes. Additionally, a long-dormant Bitcoin wallet that is linked to the Nucleus darknet marketplace recently moved $77.5 million in BTC, fueling speculation about the motives behind the sudden reactivation of old wallets.

Ethereum Pectra Upgrade Faces Setback

Ethereum's latest Pectra upgrade encountered some unexpected issues during its rollout on the Sepolia testnet, one of which led to errors and an exploit that resulted in the mining of empty blocks. The upgrade was deployed on March 5, but Ethereum developer Marius van der Wijden reported on March 8 that the team quickly started seeing error messages on their geth node. The problem stemmed from the deposit contract, which triggered a transfer event instead of a deposit event, leading to incorrect processing.

A fix was quickly issued, but a missed edge case allowed an unknown attacker to exploit the system. By sending a zero-token transfer to the deposit address, the attacker managed to trigger the same error again. As a result, empty blocks continued to be mined, which prompted the developers to investigate further. Initially, they suspected a mistake from one of the trusted validators but soon realized the transaction originated from a new account funded through a faucet.

Van der Wijden explained that the ERC-20 standard does not prohibit zero-token transfers. This means that anyone—even without holding any tokens—could interact with the deposit contract. This loophole was identified and used by the attacker to disrupt block production. 
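The failure mode described above, as an added example that is not geth's code or part of the original article: a simplified Go model of a client that collects deposits from logs emitted by the deposit contract. The address, topic strings, payload length and function names are constructed assumptions; with the topic check off, a zero-value Transfer log from the same contract fails the whole block, and with it on the log is skipped.

```go
package main

import "fmt"

// Constructed stand-ins, not real addresses or event signature hashes.
const (
	depositAddr    = "0xDEPOSIT_CONTRACT"
	depositTopic   = "0xDEPOSIT_EVENT_SIG"
	transferTopic  = "0xTRANSFER_EVENT_SIG"
	depositDataLen = 8 // assumed payload size for this model
)

type Log struct {
	Address string
	Topics  []string
	Data    []byte
}
var errBadDeposit = fmt.Errorf("malformed deposit log")

// parse collects deposit payloads; checkTopic=false trusts the address alone.
func parse(logs []Log, checkTopic bool) ([][]byte, error) {
	var out [][]byte
	for _, l := range logs {
		if l.Address != depositAddr {
			continue
		}
		if checkTopic && (len(l.Topics) == 0 || l.Topics[0] != depositTopic) {
			continue // not a deposit event: skip it
		}
		if len(l.Data) != depositDataLen {
			return nil, errBadDeposit // the whole block is rejected
		}
		out = append(out, l.Data)
	}
	return out, nil
}

// sampleLogs is a constructed block: one deposit, one zero-value Transfer.
func sampleLogs() []Log {
	return []Log{
		{depositAddr, []string{depositTopic}, make([]byte, depositDataLen)},
		{depositAddr, []string{transferTopic}, make([]byte, 32)},
	}
}

func main() {
	_, naiveErr := parse(sampleLogs(), false)
	deposits, strictErr := parse(sampleLogs(), true)
	fmt.Println("naive:", naiveErr, "| strict:", len(deposits), strictErr)
}
```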

To mitigate the issue, the team privately deployed a fix to select DevOps nodes, filtering out all transactions interacting with the deposit contract. The developers suspected that the attacker was monitoring their communications, so they did not publicise the fix and instead silently updated a few controlled nodes to restore normal block production.

By 2 pm, all nodes received the fix, and the problematic transaction was successfully mined. Van der Wijden shared that despite the disruption, the incident never resulted in the loss of finalization, and the issue was limited to Sepolia because it used a token-gated deposit contract rather than the standard mainnet deposit contract.

This was not the first time the Pectra upgrade encountered difficulties. Its previous testnet deployment on Holesky on Feb. 26 also faced issues. Due to these latest challenges, Ethereum developers decided to postpone the Pectra upgrade to allow for more testing.

The Pectra fork follows Ethereum’s Dencun upgrade, which was successfully deployed on March 13 of 2024. Dencun introduced improvements that reduced transaction fees for layer-2 networks and enhanced Ethereum rollup efficiency. 

Scammers Exploit Trade War Fears

Attackers are not only targeting Ethereum and its Pectra upgrade. Crypto scammers are also exploiting trade war fears by using fake news articles and the likeness of government figures to deceive investors, according to securities regulators in Alberta and New Brunswick. 

The Alberta Securities Commission issued an alert on March 7, warning that a fraudulent crypto investment scheme called CanCap falsely claimed an endorsement from former Prime Minister Justin Trudeau. The scam used a fake news article that was designed to appear as if it came from Canada’s national broadcaster, CBC, which stated that Trudeau supported the scheme as a response to US tariffs.

The Financial and Consumer Services Commission of New Brunswick issued a similar warning on March 5, and stated that CanCap also used a fraudulent news article claiming that New Brunswick Premier Susan Holt endorsed the platform. The fabricated article mimicked the design of a Telegraph-Journal web article, and alleged that Holt backed the investment program due to US tariff hikes. It even included a fake interview transcript and manipulated photos to make the endorsement look more authentic.

The warnings were made during a time of economic uncertainty in Canada after US President Donald Trump’s recent trade policies. His 25% tariffs on Canadian goods took effect earlier this month, only to be partially rolled back before he quickly threatened new 250% tariffs on lumber and dairy. Mark Carney, who replaced Trudeau as prime minister on March 9, strongly criticized Trump’s actions by calling them an attack on Canadian families. Carney also warned that Canada will win any trade war.

New Brunswick’s financial regulators said that the uncertainty caused by the tariffs is increasing anxiety among residents, making them a lot more vulnerable to financial scams. The commission’s communications director, Marissa Sollows, pointed out that scammers are preying on people who are in a heightened state of financial concern. 

Scammers have been very quick to adapt, changing the name and appearance of their platforms to evade detection. CanCap already appeared under different names, including CanCentra and Immediate Flectinium, and has been linked to at least six other websites. 

Figure: February incidents (Source: CertiK)

The scale of crypto-related fraud is huge, with global losses from scams, exploits, and hacks totaling close to $1.53 billion in February alone. This large number was mostly driven by the $1.4 billion hack on crypto exchange Bybit, according to CertiK. Even excluding the Bybit incident, losses exceeded $126 million in February, which was a 28.5% increase from the $98 million reported in January.

Wallet Linked to Darknet Marketplace Moves Millions

To make things even more risky for crypto investors, a Bitcoin wallet linked to the now-defunct darknet marketplace Nucleus reawakened after nine years by moving $77.5 million in BTC to three new addresses while leaving $365 million in the primary wallet, according to Arkham Intelligence. The wallet has been dormant since April of 2016, when Nucleus shut down and left behind 5,000 BTC in vendor and customer deposits. At the time, the stash was worth just $2.1 million.

Nucleus was one of many darknet marketplaces that facilitated the sale of illicit goods, including drugs and weapons. While the official reason for its shutdown was a hack, there was speculation that the administrators either ran an exit scam or were arrested. Like other marketplaces of its time, transactions on Nucleus were primarily conducted in Bitcoin because of its relative anonymity.

The sudden movement of funds from the dormant wallet came just a day after US President Donald Trump signed an executive order to establish a strategic Bitcoin reserve in the country. The reserve will initially be funded through seized crypto assets.

Bitcoin’s surge in price led to a wave of dormant wallets becoming active again. Since early 2023, Bitcoin has climbed from below $17,000 to an all-time high of approximately $109,000. This prompted long-inactive wallets from the 2010s to move funds. 

In July of 2023, an 11-year-old wallet containing 1,037 BTC became active, while in May of 2024, three Satoshi-era wallets transferred large sums, including one that moved 687 BTC and two others moving a combined 1,000 BTC. June 2024 saw a whale transfer 8,000 BTC from a five-year-old dormant wallet, and in September 2024, five miner wallets from the Satoshi era reawakened after 15 years.

Speculation continues to grow over why these wallets are becoming active. Some experts attribute it to rising Bitcoin prices. Meanwhile, Tether CEO Paolo Ardoino suggested that advancements in quantum computing could soon pose a threat to early Bitcoin wallets.