- South Korea dismantled a $102M crypto laundering network; KCS referred three suspects amid wider inspections on illicit flows.
- Saga paused SagaEVM after a $7M USDC exploit; Makina Finance faced an oracle attack with losses estimated around $4.13M–$5.1M.
- A Utah man received three years for fraud and illegal cash conversion; a reported ethereum auction bug was fixed with a $5,000 bounty.
In south korea, customs authorities say they have dismantled a cryptocurrency-linked money laundering operation worth nearly $102 million, one of several digital-asset security and enforcement developments highlighted this week. The roundup also includes a $7 million exploit that led Saga to pause its SagaEVM network, an oracle manipulation incident tied to about $5 million at Makina Finance, a three-year U.S. prison sentence for fraud and illegal cash-to-crypto conversion, and a reported software flaw that briefly enabled traders to win ethereum transaction auctions without paying the expected fees.
South Korea targets alleged crypto-linked money laundering
Customs investigators in south korea said they broke up an international network that allegedly moved close to $102 million using cryptocurrency and the country’s banking system. The Korea Customs Service (KCS) said it referred three suspects to prosecutors on alleged violations of the Foreign Exchange Transactions Act.
Authorities claim the group operated from September 2021 to June, masking illicit transfers as ordinary spending. Investigators said the suspects presented payments as costs such as cosmetic surgery and overseas education fees. To reduce the chance of being flagged, officials allege the network purchased crypto assets in several countries, moved them into wallets in south korea, converted them into won, and then spread the proceeds across many domestic bank accounts.
The case was announced as the KCS continues wider efforts focused on illegal foreign exchange activity. In January, the agency launched inspections designed to run year-round and aimed at underground money changers. Officials also pointed to a growing mismatch between trade proceeds processed through banks and goods reported through customs, saying the gap expanded to about $290 billion last year, a discrepancy they linked to worries about unlawful capital movement.
Exploits hit SagaEVM and Makina Finance
Saga, a layer 1 blockchain project, said it paused its SagaEVM network after an exploit that drained nearly $7 million in USDC. According to the team, an attacker carried out unauthorized withdrawals on SagaEVM, bridged the stolen USDC out, and then converted the funds into ether.
Saga said it stopped the chain at block height 6,593,800 after identifying suspicious activity. The company said SagaEVM will remain paused while investigation and remediation continue. It also said it is coordinating with partners, including exchanges and bridge operators, to blacklist the attacker’s address and reduce further exposure.
Early information shared by Saga described the exploit as a fast-moving sequence that combined contract deployments, liquidity shifts, and cross-chain activity. Saga said the issue was limited to SagaEVM and did not affect its SSC mainnet, the consensus layer, or validators. The team also said it found no sign of compromised keys or failures in consensus.
A separate incident involved decentralized finance protocol Makina Finance, which blockchain security firm CertiK said suffered a smart contract exploit that removed about $5 million from one stablecoin pool. CertiK attributed the attack to oracle manipulation involving a 280 million USDC flash loan used to influence pricing supporting the protocol’s DUSD/USDC Curve pool.
CertiK said the attacker put about 170 million USDC to work to distort the MachineShareOracle. The remaining 110 million USDC was then traded against a pool with roughly $5 million in liquidity, a sequence CertiK said effectively drained the pool. Makina Finance launched in February and describes itself as an institutional-grade decentralized finance execution engine. DefiLlama data listed the project at about $100.5 million in total value locked.
Loss figures varied among firms reviewing the event, with estimates ranging from $4.13 million to $5.1 million. CertiK also reported that an MEV builder captured most of the stolen assets, seizing about $4.14 million. Makina’s team has not confirmed the exploit, saying only that it is looking into a potential incident and advising liquidity providers to withdraw funds from affected positions.
U.S. sentencing and an ethereum auction bug
In the United States, prosecutors said a federal court sentenced Utah resident Brian Garry Sewell, 54, to three years in prison for defrauding investors and operating an unlicensed cryptocurrency money-transmitting business. Sewell pleaded guilty to wire fraud tied to losses exceeding $2.9 million. Prosecutors also said he illegally converted more than $5.4 million in bulk cash into cryptocurrency for third-party clients, including people linked to fraud and drug trafficking.
U.S. District Court for the District of Utah Judge Ann Marie McIff Allen ordered an additional three years of supervised release. The court also ordered $3.82 million in restitution, covering payments to defrauded investors, financial institutions, and the U.S. Department of Homeland Security.
Prosecutors said the investment scheme ran from late 2017 to April 2024 and involved misleading at least 17 investors about Sewell’s qualifications and ability to produce high returns. Separately, they said he operated Rockwell Capital Management in 2020 without required federal anti-money laundering registration or reporting.
Another disclosure focused on a flaw in software used for auctions that determine priority inclusion of transactions on ethereum, where blocks are added every 12 seconds. The researcher described how traders seeking guaranteed-profit opportunities often bid for priority, with auctions commonly pushing much of the profit to the network operator that includes transactions.
The reported bug involved timing during bid verification. The system checked for the highest payment and then, in a separate step, fetched that bidder’s transaction. In the brief interval between those actions, a malicious trader could swap a high-fee transaction for one that cost almost nothing. That could lead the system to select the trader as the winner but collect no payment, allowing the trader to keep the profit. The researcher said the tactic was not consistently reliable but could be attempted with limited risk if handled carefully.
The issue was reported in 2023. Developers addressed it by making bid verification and transaction selection a single, indivisible operation. The researcher received a $5,000 bounty for reporting the vulnerability.
Conclusion
Across enforcement actions, network pauses, protocol-level exploits, and software disclosures, this week’s developments show persistent pressure points in digital assets. In south korea, customs officials tied nearly $102 million in alleged laundering activity to crypto and domestic banking channels, while other cases underscored how smart contract design, cross-chain mechanics, and transaction-priority systems can create openings for losses or manipulation when controls fail.
Disclaimer
The information provided in this article is for informational purposes only and should not be considered financial advice. The article does not offer sufficient information to make investment decisions, nor does it constitute an offer, recommendation, or solicitation to buy or sell any financial instrument. The content is opinion of the author and does not reflect any view or suggestion or any kind of advise from CryptoNewsBytes.com. The author declares he does not hold any of the above mentioned tokens or received any incentive from any company.
Featured image created by AI
