Scammers carried out a honeypot scam using $YEAR token airdrops in a relatively easy to execute scam.
Honeypot Scam
Buyer of the token $YEAR learned a painful lesson after what they mistook as a money making opportunity turns out to be a rugpull. $YEAR token that was airdropped to users based on their Ethereum transactions throughout the previous year turns out to be part of a honeypot scam.cdn.embedly.com/widgets/media.html?type=text%2Fhtml&key=96f1f04c5f4143bcb0f2e68c87d65feb&schema=twitter&url=https%3A//twitter.com/cat5749/status/1476813266462539779&image=https%3A//abs.twimg.com/errors/logo46x38.png
The scam was carried out in less than six hours through a website called EtherWrapped that connects to a MetaMask wallet. Eligible Ethereum users will receive $YEAR tokens from the project by 0230 UTC. This airdrop was promoted through a now deleted Twitter account of the fake project.
This scam caught its unsuspecting victims because of the hype surrounding airdrops. It came after two legitimate airdrops, OpenDAO ($SOS) and GasDAO ($GAS) were successfully launched.
How the Scam Works
In a nutshell, a honeypot scam works in the following order: –
1. The attacker deploys a seemingly vulnerable contract and places a bait in the form of funds.
2. The victim attempts to exploit the flaw by placing the required amount of funds but is unable to exploit the contract.
3. The attacker withdraws the bait and the funds deposited by the victim that tried to exploit the contract.
In the case of the $YEAR token, the creator of the contract called the ‘revokeOwnership’ function and made the decentralized exchange Uniswap V2 its new owner. This effectively locked everyone out and the contract evolved into a ‘honeypot’ where it is only possible to make purchases but no sales. This resulted in the token’s price skyrocketing creating more panic buys.
Approximately more than 30 $ETHs were drained out in several transactions. In this case, the attacker hides their exploits in plain sight by masquerading as what looks like a novice coding mistake.
Caution First
In this space, scams will only get more elaborate over time. Therefore, post mortems of malicious operations must be publicly disseminated. It is no longer the case that the early bird gets the worm. A few precautions can be exercised to avoid falling victim such as: –
1. Every project must disclose their team members.
2. The team members must have good credentials.
3. Smart contract audits are no longer a luxury, it is necessary.
4. Unknown projects without proper disclosure of its backers must be avoided at all costs.
5. Responsible projects respond to inquiries and criticism
The crypto market is littered with opportunities. It is alright to miss out on an opportunity rather than to be scammed. Risk management is key.
Source: BSC News
Founded in 2020, BSCNews is the leading media platform covering decentralized finance (DeFi) on the Binance Smart Chain (BSC). We cover a wide range of blockchain news revolving mainly around the DeFi sector of the crypto markets. BSCNews aims to inform, educate and share information with the global investment community through our website, social media, newsletters, podcasts, research, and live ask me anything (AMA). Our content reaches hundreds of thousands of global investors who are active in the BSC DeFi space.
BSC NEWS is a private news network. All posts posted by this user belong 100% to bsc.news All rights are reserved to BSC NEWS for more information about BSC NEWS contact BSC NEWS HERE.