Background

In the previous issue of Web3 Security Beginner's Guide to Avoiding Pitfalls, we analyzed common fake mining pool scams. This issue will focus on the Pixiu scam. According to legend, the Pixiu is a magical creature that is said to swallow treasures that cannot be taken out of its body. This image aptly describes the Pixiu scam: after users invest money, the price rises rapidly, triggering follow-up purchases, but eventually they find that they cannot sell and their funds are locked up.

This issue covers the reasons why users fall into the Pixiu scam, the typical routines of the Pixiu scam, and corresponding safety suggestions. I hope it can help everyone be more vigilant and avoid pitfalls.

Reasons for falling into the Pixiu scam

Let's first look at some common reasons why users fall into a Pixiu scam:

Copycat tokens

Counterfeit money exists in the real world, and counterfeit coins exist among virtual currencies too. Some copycat projects copy the names and logos of well-known projects and create token contracts with the same names. Users may mistakenly buy into a Pixiu scam because they did not carefully check the contract address of the token, and end up unable to sell.

The “racing” mentality

Some users know that the project is unreliable, and have even noticed the suspicious signs (the candlesticks are green in succession), but they take a chance on the idea that "running fast will be fine". In fact, they can hardly get out once they enter. These users thought that they could buy quickly during the rise and then sell at the right time, which would be a sure win. But when they tried to sell, they were either completely unable to do so, or could only sell a very small amount of tokens.

Lured into investing by scammers

Another common situation is that users are lured by the scammers' sweet talk and then invest in Pixiu. A victim of the Pixiu scam described his experience: "I asked a question in the Telegram group at the time. Someone enthusiastically answered many of my questions and taught me a lot. After we chatted privately for two days, I felt that he was a good person. So he proposed to take me to the primary market to buy new tokens and provided me with a contract address of a currency on PancakeSwap. After I bought it, the coin has been soaring. He told me that this is a golden opportunity that only comes once every six months and suggested that I increase my investment immediately. I felt that things were not that simple and did not accept his advice. He kept urging me. As soon as he urged me, I realized that I might have been deceived. I asked other people in the group to help check it out. It turned out that this was indeed a Pixiu coin. I also tried to buy but not sell. When the scammer found that I was no longer adding positions, he also blocked me."

Typical Pixiu scam routine

After understanding the common reasons why users fall into the trap, let's take a look at how the scammers run a Pixiu scam. The scammers first deploy a smart contract with a trap built in, and then dangle the bait of high profits through social-media marketing, price pumping, and other operations to attract users to buy. Some scammers also send the tokens they hold to wallets and exchanges to create the illusion that many people are involved, or deliberately transfer coins to the addresses of crypto KOLs to create the illusion that celebrities have bought in.

After users purchase Pixiu coins, they usually see the tokens appreciate rapidly, so they want to wait until the price has risen enough before trying to cash out. However, the contract itself restricts users from selling in a variety of ways:

Blacklist the buyer's address

Once the victim purchases Pixiu coins, the scammers will blacklist the user's address and restrict the selling operation. Let's take the Pixiu coin GROKAI as an example to see how the scammers blacklisted the user so that the user cannot sell the token.

The address of the GROKAI deployer is 0x2052C307a5e6d50F6a908a91fF7e605Eb0e0a2EC. After the scammer created the Pixiu coin GROKAI, he changed the Router of the GROKAI token to the Aontroller contract address 0x7a85810414C3311A45486b03ceCCD3a32590E61E. Why did the scammer do this?

We looked at the Aontroller contract code and found that the contract owner can blacklist the address by calling the function, making it impossible for the user to sell GROKAI tokens.

Change the number of tokens in an address

Scammers can also manipulate the user's token balance through the smart contract, changing the balance to an extremely low value that is recorded only inside the contract. This operation does not update the balance shown on the block explorer, which means that users can still see their tokens on the block explorer, but they cannot actually sell more tokens than the number recorded in the contract.

Set sell threshold

Some Pixiu scams allow users to sell tokens, but impose a selling threshold: users must hold more than a set number of tokens before they can trade. Sometimes this threshold is set very high, exceeding the user's actual holdings, or a high transaction tax is added. A more cunning way is to dynamically adjust the threshold. For example, if a user has 1,000 tokens, when the user tries to sell, the minimum threshold may be set to 1,200. In order to meet the selling conditions, the user buys more Pixiu coins, but when the user's holdings reach 1,200, the threshold is raised to 1,400. The cycle continues, and the user will never be able to meet the selling conditions.
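The three restrictions above look different when sells are dry-run before real money goes in. The following Python is an added example, not code from the original article or from any tool it mentions: it classifies simulated sell results into those patterns. The `SellProbe` record, its field names, the finding labels and the 10% tax cutoff are all assumptions, and the probe data is constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class SellProbe:
    """Result of one simulated (dry-run) sell; field names are assumptions."""
    shown_balance: int               # balance the block explorer displays
    amount: int                      # tokens the simulated sell tried to move
    ok: bool                         # whether the simulated sell succeeded
    min_sell: Optional[int] = None   # sell threshold read from the contract, if exposed
    tax: float = 0.0                 # fraction of proceeds withheld on a successful sell

def classify(probes: List[SellProbe], max_tax: float = 0.10) -> List[str]:
    """Map probe results to the restriction patterns described in the article."""
    findings = []
    ok = [p for p in probes if p.ok]
    # Only failures within the displayed balance are suspicious.
    failed = [p for p in probes if not p.ok and p.amount <= p.shown_balance]
    quoted = [p for p in probes if p.min_sell is not None]
    if quoted and all(p.min_sell > p.shown_balance for p in quoted):
        # Threshold stays above holdings; if it changes between probes it is being moved.
        moving = len({p.min_sell for p in quoted}) > 1
        findings.append("moving-sell-threshold" if moving else "threshold-above-holdings")
    elif failed and not ok:
        # Every sell reverts, even tiny ones: consistent with a blacklisted address.
        findings.append("all-sells-blocked")
    if ok and failed and min(p.amount for p in failed) > max(p.amount for p in ok):
        # Small sells pass, larger ones within the shown balance fail:
        # the contract tracks a lower balance than the explorer shows.
        findings.append("sellable-below-shown-balance")
    if any(p.tax > max_tax for p in ok):
        findings.append("high-sell-tax")
    return findings

# Constructed probe sets, one per pattern (not real on-chain data).
BLACKLISTED = [SellProbe(1000, 1, False), SellProbe(1000, 1000, False)]
HIDDEN_BALANCE = [SellProbe(1000, 5, True), SellProbe(1000, 50, False),
                  SellProbe(1000, 1000, False)]
MOVING_THRESHOLD = [SellProbe(1000, 1000, False, min_sell=1200),
                    SellProbe(1200, 1200, False, min_sell=1400)]
HIGH_TAX = [SellProbe(1000, 1000, True, tax=0.99)]

if __name__ == "__main__":
    for name, probes in [("blacklisted", BLACKLISTED), ("hidden balance", HIDDEN_BALANCE),
                         ("moving threshold", MOVING_THRESHOLD), ("high tax", HIGH_TAX)]:
        print(name, "->", classify(probes))
```

Any non-empty result is a reason not to buy; an empty result only means these particular probes found nothing.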

Summary

In this issue, we analyzed the reasons why users fall into Pixiu scams and the typical tricks these scams use, hoping to help everyone understand and identify them. To avoid mistakenly buying into a Pixiu scam, users can take the following measures:

  • Understand relevant virtual currency information and evaluate the background of the project owner to improve your awareness of self-prevention. Be wary of virtual currencies that offer high returns, as super high returns usually mean greater risks.

  • Use MistTrack to check the risk status of related addresses, or use GoPlus's Token Security Detection Tool to identify Pixiu coins and make trading decisions.

  • When searching for tokens, you should search for the contract address rather than the token name to avoid falling into the copycat trap.

  • Check whether the code has been audited and verified on block explorers such as Etherscan and BscScan, and refer to community comments.