Blockfence: A Scammer Creates Thousands of Tokens Within a Year, Successfully Executing Rug Pulls Worth Over 30 Million Pounds
Cryptocurrency Scam Must Read 

Blockfence: A Scammer Creates Thousands of Tokens Within a Year, Successfully Executing Rug Pulls Worth Over 30 Million Pounds

Security firm Blockfence has revealed that they have uncovered a complex and ongoing fraudulent scheme in which the scammer has created over 1,300 tokens across multiple chains and has profited nearly $32 million through market manipulation and malicious code modification.

Contents:
Toggle
Fraud team makes millions in a year
How the fraud is carried out: Initial setup and funding
How the fraud is carried out: Market manipulation and deception
Specific malicious techniques
Blockfence: Possibly the work of one person
RugPull projects keep coming
Security team

Blockfence, in a report released on the 18th, stated that their employee, Pablo Sabbatella, discovered a token called “Blockfence” on the chain that was issued by a scammer.

The investigation revealed that this was a massive and automated fraudulent scheme known as Rug Pull, which has occurred over 1,300 times since April 2023 on the Ethereum, BSC, and Arbitrum networks. It is estimated that there have been 42,000 victims who have lost a total of $32 million.

Advertisement – Continue reading below

In theory, the token contracts of Rug Pull projects should be flagged as high-risk in some market monitoring or fraud detection tools. However, the scammer has managed to bypass these detectors by using the following methods.

First, the scammer starts by sending 10 to 20 ETH from their own wallet (which is destroyed after 3 months) to a “newly created and never interacted with” wallet, and then uses that funding to create a fraudulent token.

The scammer creates the token contract, and the deployer receives the complete supply.
Typically, the token name will be highly related to current trends or unreleased tokens of popular crypto projects, such as project names like DreamFi or meme coin trends like AIPEPE, with clear characteristics of a “honeypot scam” that take advantage of victims’ fear of missing out (FOMO).

Next, the scammer will relinquish ownership of the contract to mislead RugPull monitoring tools into marking it as “safe,” allowing victims to enter the trap with a false sense of security.

Ownership of the token contract is transferred to 0x00, also known as the burn address.

Then, the scammer deploys the token contract on UniSwap and injects liquidity. At the same time, they manipulate the market through wash trading to create the illusion of real trading activity, attracting victims to believe that this is a popular token that is about to rise.

Victims buy the fraudulent token in the Uniswap liquidity pool.

Additionally, the scammer uses the “lock()” function to lock LP tokens until December 30, 2024, to make monitoring tools and victims believe that their investment is safe and that the scammer will not redeem their LP tokens and execute a Rug Pull.

However, once the scammer has accumulated enough funds, they can drain all the liquidity from the market and reduce the value of the token to nearly zero.

The scammer executes a Rug Pull.

Even though the scammer has relinquished ownership of the contract and locked the LP tokens, they still manage to dump a large amount of tokens. Specifically, they do this through the following methods:

User balance manipulation: When someone buys the fraudulent token, the scammer uses another unauthorized malicious contract to change the victim’s account balance to 1 (effectively destroying it), preventing them from selling the tokens. It is reported that this malicious contract is highly related to all previously issued and Rug Pulled fraudulent tokens.

The scammer sets the victim’s balance to 1 using an external malicious contract.

Unlimited token minting: The scammer also calls another malicious contract’s “dissort” function to forge the scammer’s token holdings, allowing token holders to evade detection tools and successfully sell a large amount of tokens for profit.

The external contract forges the scammer’s token holdings.

Hiding malicious contracts: The scammer uses a special number and total token supply that are hardcoded into the code to dynamically transform and generate the address of the malicious contract, avoiding detection.

The scammer hides and obfuscates the malicious contract in the token contract.

Lower profit targets: It is worth mentioning that the scammer sets lower profit targets for each fraudulent token, approximately 5 to 20 ETH, to avoid detection and attention.

In summary, despite passing the monitoring of various security tools, each token contract of this scammer still retains malicious functionality, capable of destroying user tokens and even falsifying the deployer’s token holdings and supply.

Regarding the above fraudulent techniques, Blockfence believes that most of the interactions and operations of this scammer were carried out in close time intervals and amounts, suggesting that this fraudulent scheme may be the work of one person through automated programs. Investigator Sabbatella also warns and advises:

“I recommend not relying on just one contract or fraud detection tool, but using multiple different tools and evaluating the results comprehensively. Additionally, I would never buy assets that I don’t fully understand.”

Rug Pull incidents are widespread in the cryptocurrency industry, from the meme coin frenzy in April last year to the Base chain “BALD” rug pull in August and the token speculation of AI “Grok” named after Musk. These incidents highlight the high risks and various illegal activities in the crypto market.

Previously, ChainNews reported on multiple repeat Rug Pull offenders, indicating that the same team may continue to create multiple Rug Pull projects to deceive investors.

(Rug Pull Habitual Offender! Magnate Finance on Base Chain Exposed for Third Rug Pull, Profiting $6.5 Million)

(Rug Pull Habitual Offender! Lendora Protocol Behind the Team RugPull, Profiting Over $10 Million)

Therefore, investors should remain cautious, especially when it comes to hot trends, as exaggerated marketing tactics and the lure of high returns can blind most people. Making rational decisions and managing risks is the only solution.

Rug Pull
wash trading
cryptocurrency fraud
fraud

You May Also Like

Taipei District Prosecutor's Office Presses Charges Against ACE Cryptocurrency Exchange Founder for Alleged Fraud Involving Over NT$300 Million in Virtual Currency Transactions

Taipei District Prosecutor’s Office Presses Charges Against ACE Cryptocurrency Exchange Founder for Alleged Fraud Involving Over NT$300 Million in Virtual Currency Transactions

Telefónica Collaborates with Chainlink to Mitigate "SIM Card Swap Attacks"

Telefónica Collaborates with Chainlink to Mitigate “SIM Card Swap Attacks”

Does Warcraft Understand Rug Pulls? Official Ballers NFT Project Token "BALL" Crashes 99%

Does Warcraft Understand Rug Pulls? Official Ballers NFT Project Token “BALL” Crashes 99%

Leave a Reply

Your email address will not be published. Required fields are marked *