Bad actors are using aged YouTube accounts to give authenticity to advertisements of a crypto trading bot that conceals a smart contract designed to drain crypto, cybersecurity firm SentinelLABS said.
The scam is “widespread and ongoing” since at least 2024 and has spread through YouTube videos shared on social media offering tips and a smart-contract code to deploy a crypto trading bot, Alex Delamottea, a senior threat researcher with SentinelLABS, said in a report on Tuesday.
After the victim deploys the smart contract, the attacker’s wallet is added, hidden by disguising it as a trading address. When the user funds the contract, the scammer has access to drain the funds. The victim must fund the contract for the scam to work.
“The cryptocurrency ecosystem is increasingly complex, and scams like these will inevitably succeed against victims who do not thoroughly analyze how related tools work by scrutinizing what the inputs and outputs are,” Delamottea said.
Over 256 Ether stolen so far
Victims are urged to deposit at least 0.5 Ether (ETH), currently worth $1,829, to cover the cost of gas fees and ensure the profits are sizable enough to be worthwhile.
Delamottea said her investigation found that “the scams have had varying degrees of success,” with the most recently identified scammer wallet receiving 7.59 ETH, another had 4.19 ETH, and a third held 244.9 ETH, collectively worth more than $939,000.
“We observed the same wallet being used across multiple weaponized smart contracts; however, there are many unique addresses in use, so it is unclear how many unique actors are behind the scam,” she said.
Videos show scam red flags
All the YouTube accounts operating the scam are older and have a history of posting crypto news, investing tips or other pop culture-related content to boost the accounts’ rank, and appear credible, according to Delamottea.
It’s unclear if the bad actors created the channels or just purchased them for the scam because old YouTube channels can be found for sale through Telegram and in search engine results.
“Several videos appear to be AI-generated based on audio and visual tells, which makes it easier for actors to create multiple scam videos without having to take on a new identity,” Delamottea said.
Negative comments to the videos are deleted, and testimonials in the comments section claim to have personally profited from the bot.
“The actors are likely managing the YouTube comment section to delete any negative comments, with more savvy users turning to platforms like Reddit for additional context on the bot,” Delamottea said.
Don’t use bots shilled on videos
Delamottea said scams like this are becoming more common because they work for the bad actors, which is why crypto users should treat trading tools promoted through unverified social media or video content with extreme caution.
Related: North Korean hackers targeting crypto projects with unusual Mac exploit
“To defend against these types of scams, crypto traders are advised to avoid deploying code shilled through influencer videos or social media posts, particularly if it’s offering a way to make money fast,” she added.
Delamottea said it’s important to research what the tool does and validate how it works before deploying it, and to avoid anything that sounds too good to be true, such as promising quick, easy profits with no effort or risk.
Magazine: India mulls new crypto ban to support CBDC, Lazarus Group strikes again