Last week, SentinelLABS revealed that more than $1 million was stolen from crypto users through fake MEV (maximal extractable value) trading bots.
The scam used AI-generated YouTube tutorials on aged channels to lure victims into deploying malicious smart contracts. Targets were told to fund the contracts with ETH and call a “Start()” function, but their funds were rerouted to hidden attacker wallets.
Campaign Details
Scammers uploaded AI-created videos showing avatars and synthetic voices to reduce costs and take out content at large. These tutorials appeared on long-standing YouTube accounts filled with unrelated posts.
Some videos were set as unlisted and shared through Telegram or direct messages. Comment sections were also manipulated to look genuine, giving users false confidence in the bots.
Victims followed step-by-step guides to deploy a smart contract via the Remix tool. In reality, the code included hidden routines that sent incoming ETH to attacker-controlled addresses.
The fraudsters used very basic methods. They applied XOR operations to scramble data and changed decimal values into long hexadecimal strings to hide destination addresses.
Even if users never called the main function, fallback code let attackers drain any deposited funds.
Attackers’ Gains
Analysis by SentinelLABS found that most attacker wallets netted between $10,000 and $99,999. One wallet, linked to an alias “Jazz_Braze,” collected over $900,000.
Also Read: Blockchain Security Firm SlowMist Warns of Fake Telegram Groups Running Phishing Scams
They noted, “Each contract sets the victim’s wallet and a hidden attacker EOA as co-owners. Even if the victim doesn’t activate the main function, fallback mechanisms allow the attacker to withdraw deposited funds.”
After starting withdrawals, funds were shifted in huge amounts to secondary accounts to break up the money tracking. Overall, the total stealing crossed $1 million, showing how a few large hauls can drive major losses.
Wider Industry Impact
This scam underscores growing risks in the crypto space as more users experiment with manual contract deployment.
SentinelLABS cautioned that free bots promoted on social media often carry hidden traps. The firm urged traders to review and even testnet code before using it on mainnets, since identical tactics can jump across blockchains.
Lucie, the official marketing lead for Shiba Inu, posted an alert on X (Twitter) to warn the SHIB community about similar scams.
She reminded followers that phishing emails and fake videos can look authentic, using real logos and familiar language to trick users. Her message stressed the need for extra vigilance when handling digital assets.
As these types of scams grows, one thing worth noticing is the ways and types of scammers committing these crimes are also evolving. Therefore, people should be very careful about who are they talking to online.
Also Read: Crypto Investigator Warns Against Fake HyperLend Ads On Google That Could Lead to Phishing Scams