Hey everyone, I’ve been seeing those “SOL Bot that earns 10 ETH every week!” sponsored posts on YouTube for a while now (not sure why YouTube seems to ‘allow’ them), and today I thought I’d poke around and see exactly how they “work.”
I am not going to link to the most recent video I just watched, but they are all pretty much the same. “Hey let’s use AI to write us a script that makes us a bunch of money! It’s super easy!”
Extra funny because in the video I watched, he literally goes to ChatGPT and asks for the script… to which ChatGPT instantly starts explaining how it can’t be done… I guess they don’t expect you to actually read anything 🙂
Well, I am sure the point is to get you to just go to the description and hopefully find code that you can copy and paste, and sure enough he has a handy link to the full code that will make anyone a millionaire! How nice!
Well, let’s use ChatGPT (in my case Claude) against him. Copy and paste that code and ask the AI what the “true intentions” are and…
This code is actually a cryptocurrency scam contract disguised as a “1inch Slippage Bot”. Here’s the technical analysis of its true purpose:
Deceptive Presentation:
The code presents itself as a trading bot that supposedly interacts with Uniswap/1inch for arbitrage It includes many functions with legitimate-sounding names like findNewContracts, checkLiquidity, etc. Most of these functions are actually smokescreens that don’t perform real trading operations
True Functionality:
The core functionality is in the start() and withdrawal() functions Both functions ultimately do the same thing: transfer all ETH in the contract to a hardcoded address that’s assembled from pieces scattered throughout the code The fetchMempoolData() function concatenates several strings that, when decoded, form the attacker’s wallet address
Key Malicious Components:
The contract uses string manipulation to obscure the destination address Multiple functions like getMempoolShort(), getMempoolLog(), etc. each return parts of the attacker’s address The startExploration() function converts these hex strings into an Ethereum address getBa() retrieves the contract’s entire balance for transfer
This is a variant of a common cryptocurrency scam where malicious actors create contracts that look legitimate but actually just steal deposited funds. The complex code and legitimate-sounding function names are meant to make the contract appear genuine to casual observers or less experienced developers.
Ah, so tricking the user into sending their own funds. How nice…
Now for the fun and sad part… Since we have the code, we have the scammer’s address. Simply ask AI to extract it (don’t even need AI, it’s literally just the strings in the code), plop that into a chain explorer, and what do we find? As of writing, that address is sitting at a balance of ~2.11 ETH, almost $5,300 USD.
It’s crazy to see how much these scams rake in. People on this subreddit probably know better than to fall for this, but let’s spread the word. Share this info, report those YouTube channels
submitted by /u/Ripe_
[link] [comments]