HashDit is a Web3 Security Firm , our security scanner has been integrated to numerous prominent applications, like PancakeSwap, TrustWallet, BSCscan, etc.
Safeguarding Your Web3 Journey: The HashDit Extension
Main Takeaways When the market stirs, so too do scammers and attackers. Their efforts can be surprisingly effective, even against experienced users. HashDit Extension is a complimentary, open-source Web3 security tool designed to shield you from a variety of cyber threats and phishing scams.The HashDit Extension is available in the Chrome Web Store now: https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi. How Does The HashDit Extension Protect You? The HashDit Extension is designed to serve as an extra layer of protection when interacting with websites that involve digital assets. It works by sitting in between websites and extension-based wallets like TrustWallet and MetaMask, analyzing transactions, identifying risk factors, and alerting you to potential threats. This approach employs a multi-layered defense mechanism to safeguard your online interactions. Let's take an example of a mining website that seems normal at first glance. Without HashDitâs protection, this is what you see:
However, hereâs a view of the SAME phishing website with HashDit protecting you:
Workflow: Hereâs a visual of how our multi-layered defense mechanism keeps you safe.
Layer1: Real-time Scanning (Phishing) Before Connecting to the Website The HashDit extension proactively identifies new risky websites and alerts you of any phishing or scam websites before interacting with them, thereby preventing any accidental divulgence of your sensitive information or funds. Potential wallet drainers can connect and clean out your wallet before you even realize it. The HashDit Extension patrols your wallet perpetually, identifying potential threats before they can connect to your wallet.
Layer2: Well-Rounded Detection Before Completing Transactions & Signatures The HashDit Extension combines the website, transaction, contract and receipt address information in order to compile a well-rounded detection. This detection is then complemented with an analysis of the threat by generating warnings about risky transactions or suspicious signatures. Thus, the HashDit Extension ensures that you are aware of potential harm before proceeding with any transaction.
The HashDit Extension Pop Up - A Deep Dive Not all users are familiar with transactions and signatures, especially new users to the crypto. Often, Web3 phishing websites entice users to participate in high-return projects. However, when users connect their wallets and click the receive button, the website asks users to approve unlimited USDT to an EOA (Externally Owned Account) address. This âapprovalâ process is an ERC20 standard - a method of allowing any other address to withdraw funds from the owner without further permissions until the specified limit. This means that this EOA address can empty the user's wallet at any time. This is one of the most common phishing methods, and our transaction detection will detect this risk and promptly warn users. Example 1:
Example 1: Function name and dApp URL risk analysis
Example 1: Contract risk analysis
Example 1: Function detail
Example 1: Involved risk addresses highlight in function detail
Example 1: Overall risks
Example 2: An attacker creates a vanity address that is very similar to the victim's address. They then send very small amounts of cryptocurrency to the victim's address, hoping when victims see a transaction for a token they typically interact with in their transaction history, victims might copy the recipient address (thinking it is their own) and then send funds to that address. This is also called Address Poisoning.Â
Example 2: Transfer value and recipient risk analysis
Example 2: Overall risks HashDitâs Extension goes beyond just warning users. It provides easy-to-understand insights into transactions and signatures, increasing usersâ knowledge and awareness. This is especially helpful for newcomers in the crypto world who are at risk of being exploited by scammers.                           Â
While maintaining your safety is important, maintaining your data privacy is equally important and is one of our primary concerns. The HashDit Extension has been engineered to never access your seed phrase or private key. We cannot, and will not ever, access your wallet directly. We aim to give you peace of mind and secure browsing in one single package. Currently, HashDit Extension supports Ethereum and BNB Chain, with plans to include more chains like Polygon and opBNB in the near future. Type of Risk Detected by the HashDit Extension
HashDit - A Background HashDit is a Web3 Security Firm focused on providing a safe ecosystem for both protocol users and smart contract developers on BNB Chain. Our Goals: Our central objective is to furnish crucial threat intelligence to empower everyday DeFi investors in making well-informed decisions. Navigating this intricate DeFi landscape poses challenges even for seasoned investors, let alone newcomers. HashDit aims to bridge this knowledge gap by offering timely and comprehensive threat intelligence on DeFi projects. Our Partners: HashDit's API integration extends its influence to numerous prominent applications, anchoring active measures to safeguard users from the clutches of fraudulent activities. PancakeSwap: This leading DEX on the BNBChain, with a substantial $1.3 billion in TVL, seamlessly incorporates HashDit's solution. Automated scans of tokens within the PancakeSwap framework offer users discernible risk scores. This feature empowers users with real-time insights into potential transactional risks, bolstering informed decision-making amid their DeFi interactions. TrustWallet: HashDit's API takes center stage within TrustWallet, an industry vanguard Web3 Wallet. Serving as a protective layer within the user experience, HashDit's threat intelligence suite preempts elevated risks by promptly notifying users before they connect to the dApp or execute transactions. This proactive approach ensures users operate with heightened vigilance, fortifying their engagement within the dynamic DeFi landscape. BSCscan: A prime example of HashDit's impact unfolds through its collaboration with blockchain explorers, most notably BSCscan. Integrating risk alerts within the explorer's interface bolsters user prudence and caution. Users are empowered to tread warily when engaging with projects or addresses displaying suspicious or high-risk attributes. This measured approach fosters an environment of cautious exploration, preventing undue exposure to potential risks. Disclaimer Although the HashDit Extension can scan and detect a large number of threats, one should never solely rely on a single app to ensure personal security. Your most crucial defense is your personal digital and crypto security knowledge. Secure your assets by applying as many security and crypto best practices as possible. #DYOR
TLDR: Always be wary of sites offering free tokens as airdrops or free tokens sent to your account by airdrop and require you go to a website to claim them. We recently saw the site âclaimusdtboxâ trending high in member interactions. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via scam contracts and deceptive functions.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #USDT #BTC #ETH #TrendingTopic #security How this phish works: The site is set up to look like a claimable tether airdrop of 50 USDT.They automatically request a wallet connection on landing on the page.Clicking âClaim 50 USDTâ launches a transaction calling the function âdisperseEtherâ.This interaction leads to a fund loss by the contract sending your bnb to the scammers destination addresses.Always remember there is NO âFree Moneyâ.
Scam Contract: https://bscscan.com/address/0xf8c8fb8931f62273ff7c6b13ebb9a999eeb19466Destinations: 0x677e65e2c5cd4ac83fc75f6001ae36e66cc1b936, 0xd5022536e85a91c38f98b16812ca221d84ec50f3Sample tx : https://bscscan.com/tx/0x551343cc3122d13e67a65a0fbbfc080e039ebcdb7c3967f303804045e35f2018Always #DYOR! Review your transactions before signing and if in doubt do not take decisions on fomo basis.
HashDit team noticed a new website âksc rocksâ has been seeing a rapid rise in interactions. Our Advice: Stay Away! It seems to be a Fake Ponzi Scam posing as an investment and trading website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #memecoinđđđ Concerning Facts: The website provides no information about the project.As soon as you land at the website an auto connect feature is triggered automatically logging you in.Many of the site's features are slated to be âcoming soonâ. Red Flags: Once signed up you need to to purchase an "investment package" [%5-100].They promise a daily 2.5% income from the investment amount.They promise staking income in the range of .25 to 250%.You are required to build up a team via referrals on a 12 level system[100-50k referrals].They offer multiple income streams:Direct bonus [30%]Level bonus [.05-.5%]Daily bonus [2% company turnover after 2 referrals]Royalty bonus[5% company turnover]Salary income [100-5000$ based on business generated] etc.They also claim to have trading and mining features and promise airdrops of the KSC.You are also required to also continuously top up the account with higher amounts.The scheme seems to be based on getting new members to join/be referred as well as you continuously topping up your account.This will fall apart once new members stop joining. This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves. Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
HashDit team noted âeth-am.comâ trending high up in member interactions. Always do your due diligence before interacting with quick investment sites. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing. How this phish works: The site is set up to look like an automated trading platform mixed with a staking aspect. As soon as you land on the page it automatically requests a wallet connection.Clicking the word âOpenâ or interacting with the supposed trading page triggers the phish. The transaction asks you to sign an approve function for the spender address.Looking at the transaction value,you can see that it is set at an almost unlimited value.The destination address is also a personal address, which is another red flag.Approving this would lead to a loss of all funds from the victim's wallet.If the approval is not revoked, anytime funds are added in, the scammer can transfer them out resulting in ever greater losses. Address: https://etherscan.io/address/0x8Cb9b8fa576C5480BeD7838db8808EEc072b410C Eg tx : https://etherscan.io/tx/0xc710bdb022b15fc1f554a94564d2c1d093338685c451dbf21872038d96552290
Looking at the above you can see that the approver calls a transferFrom(address from, address to, uint256 _value) function to move funds from the victims address to one of his choice. Always #DYOR! And review your transactions before signing and if in doubt do not take decisions on fomo basis.
Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Always do your due diligence before interacting with any site claiming to allow you to generate passive/active income easily. We have seen an increase in interaction with a phishing site âdefiminingfarmâ. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing. #TrendingTopic #BTC #ETH #memecoinđđđ How this phish works: The site is set up to look like a mining platform active globally. They falsely claim to be partnered with sites like CMC,coinGecko etc.The site automatically requests a wallet connection as soon as the page is loaded.You are required to âactivate the accountâ to start, by clicking âEarn Ethâ and âconfirmâ.This calls an approve function to an EOA that gives them access to all your funds.The scammer then calls a transfer which will lead to a loss of all funds in your wallet.Â
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
A new website âmtcfund.ioâ has been seeing a rise in interactions. Our Advice: Stay Away! It seems to be a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #memecoinđđđ Concerning Facts: The website is poorly designed and none of the links actually work.They provide no information about the team or any documentation projectwise. Red Flags: To sign up you need to have a referral and if you do not you need to get one via telegram.To sign up you need to interact with their contract, which calls a registration function. The function is unclear as the contract is unverified and unpublished. Once you sign up, you see that the actual returns from staking are very low.To earn income you need to buy into a package and be part of a multi level program.You are required to build up a team via referrals and each level requires at least 5 referrals of the previous level eg: Platinum level requires 5 F1 golds.They offer multiple incomes from:A global money pool30-40% from a registration pool 20-30% from a 1 million locked token,$50k worth NFT.The scheme seems to be based on new members joining up continuously and will fall apart once this stops. This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
HashDit team noticed a site âzedxion.siteâ aiming to phish users by claiming to be a presale fan token of âChiliz Labsâ. Our Advice: Stay Away! Itâs a phishing scam!!!  Scam Contract [BSCScan]: 0x2a68Ef2850300e42dC2E7733a489C6f1aFFc3d1AWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #Presale #memecoinđđđ RED Flags: The site is badly set up, to look like a presale of a new token. The favicon and imagery on the site refers to another coin. Clicking the âClaim 240000 CHILIZâ triggers the wallet connection and requires you use the BNB chain to transact.This automatically triggers the transaction calling a âbuyâ function.The result of the transaction is a worthless toke and a waste of your funds.Clicking âSwapâ leads to the page âhttps://zedxion[.]site/swap/â which resembles low cost cross chain swap sites that phish users.It calls the âSending BNBâ function and transfers out your funds.Beware rushing to claim presales and airdrops of tokens without doing your research!
Always #DYOR! FOMO can lead to rash and regrettable decisions!!!
HashDit team noticed that a few new websites âspccoin.inâ,âspctoken.inâ have been seeing a rise in interactions. Our Advice: Stay Away! It's a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #BTC #ETH #TrendingTopic #memecoinđđđ Concerning Facts: They claim to be a token designed to offer various payment services for SPC ecosystem projects.They claim to provide two platforms to earn unlimited amounts. Red Flags: To sign up you need to pay an activation fee [10 - 50 usdt].Once you sign up they promise you multiple sources of income.Direct Income: 5-10% your direct referrals activation fee.Level Income: requires a minimum of a 30, upto 50 usdt activation.They also promise a direct sponsor bonus of 10% with upto 16 levels of referral.They round it off, they promise a staking bonus of .30% - .60%.This scheme is built up around referring new members and having them purchase memberships.As soon as members stop joining or existing members stop funding the scheme it will fall apart. This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
Always do your due diligence before interacting with sites claiming to offer airdrops of new tokens. We recently received a report regarding âbase-brett.xyzâ claiming to be the original and then actually stealing user funds. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #BTC #TrendingTopic #ETH #memecoinđđđ How this phish works: The site is set up to look like the original and offers tokens presale/airdrops. Clicking on the claim rewards button launches a connect wallet dialogue.The site then asks to sign an approval with the spender being a contract. The scammer then makes a âmulticallâ to the contract resulting in a transfer from function from the victims address to the destination address(es) dictated by the scammer. This then leads to a loss of all tokens in the victim's wallet. Contract: https://etherscan.io/address/0x0f2fcdb446FB157A684F51a970Dd88CEf6430B71 Eg tx : https://etherscan.io/tx/0xadf9684612d3dd0b3aaaedb9dd470076fc47437dff954333991c81b7d19d81b6
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
Security Alert: Beware of Phishing Websites Imitating the Popular "Hamster Kombat" Project
HashDit team noticed a series of fake sites âallocation-hamster.comâ,âciaim-hamsterkombat.comâ, âclaimhamster.pages.devâ aiming to phish users by targeting a new popular project âHamster Kombatâ. Our Advice: Stay Away! Itâs a phishing scam!!!  Actual Social Media Links:Website: hamsterkombat.ioTwitter/X: @hamster_kombatTelegram: t.me/hamster_kombatWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #BTC #ETH #TrendingTopic #memecoinđđđ RED Flags: The sites copy the layout of the original website but change key parts to deceive the user.Another trick to be wary of is that the url âallocation-hamster.comâ redirects you to âallocation-hamsterkombat.comâ without a redirect dialogue/notification. The Play Now button is changed to Claim Now / Claim Token.Clicking on the button triggers the wallet connection dialogue and an automatic triggering of the transaction.This aims to drain your wallet by using functions like âsending BNBâ to withdraw your funds. The site âciaim-hamsterkombat.comâ also implements a wallet check mechanism to deny low value wallets from interacting, asking them to top up first.Once topped up the scammer would then drain the entire balance leaving you with nothing. Always #DYOR! FOMO can lead to rash and regrettable decisions!!!
TLDR: Beware sites claiming to be airdrops of new tokens. We recently received a report regarding âbasedbrett.claimsâ and âscotty-theai-io.web.appâ offering airdrops and claims but actually stealing user funds.  Our Advice: Stay Away! These are Phishing websites meant to deprive you of your funds. Fake Contract[BscScan]: 0x0000d169F98E078B60bFb09A69D145e72dBE0000Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #BTC #ETH #TrendingTopic #memecoinđđ How this phish works: The sites are set up to resemble the original, with a similar name and layout. Once the page loads they either automatically call the wallet connection dialogue or have you click to connect your wallet. Once you connect they call a function CLAIM.The idea is to make the user believe that they are claiming a token.However if you observe the amount deducted, it's the entire wallet balance.If you try to cancel the transaction, the site automatically retries the transaction to get the user to confirm it. Closing the page and then rejecting the transaction is the only way to stop the dialogue.The contract is unverified and any transactions will only lead to a loss of user funds.Always #DYOR before transacting on any site.
TLDR: Token impersonations of popular and fast climbing projects are on the rise and we have seen a contract impersonating the recently launched Notcoin and using social media apps to trick users into buying it via pancakeswap. Fake Token(Notcoin - BSCSCAN): 0xc71f74b62d827638513d4eb90021527eed2c622c / 0x6f24daa874e65ab70b25bbb4f1fe8f4398ab893a Our Advice: It's a Scam! Always DYOR. This contract will steal your funds. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] Actual Token Info:Binance launched Notcoin for trade on 2024-05-16. Please do your own research to ensure safety of your funds!Token Address: EQAvlWFDxGF2lXm67y4yzC17wYKD9A0guwPkMs1gOsM__NOTProject Website:Website: âhttps://notco.inâTwitter/X: @thenotcoin #TrendingTopic #PancakeSwap #BTC #ETH #memecoinđđđ
How these scams usually work: Popular platforms usually post information about projects with an upcoming presale/going live.Scammers view these posts and use social media apps to create fake support groups, impersonating the company and try to use fake websites/contract addresses to trick users. Once you have connected to the site or decide to transfer to the contract, the scammers try to get you to place or approve increasingly large orders or ask you to send funds to an address post which they will send you tokens.Once the user has confirmed the transaction, the funds will never be seen again. Always do your own research! If it looks too good to be true, it probably isn't!
Red Flags: Beware being added to any support groups promoting or offering you investment advice or fast profits!! Contracts that are usually unverified/unpublished,to hide their functions. Case Of the Day: Exploiting FOMO Binance posted an article introducing Notcoin (NOT) on the Binance Launchpool!.Scammers referenced the article and convinced users via a popular social media app, that they could purchase via Pancakeswap using their Binance Web3 wallets for a profit.Post launch we still see users getting scammed via fake tokens. Always Interacting with this contract resulted in users losing their hard earned funds to a scammer.Â
TLDR: Beware sites claiming to offer low cost cross chain swaps. We recently received a report regarding âcremepieswap.siteâ but it's actually stealing user funds. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds. It works by calling a new deceptive function disperseEther.Fake Contract[Polygonscan]: 0xb0d3FFF0946990508a7Ca5A156324b1f3e2a3c3fKeep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #memecoinđđđ How this phish works: The site claims to be a cross chain swap site and is similar in layout/pattern to other fake swap sites. Connecting your wallet to the website requires you to manually change the chain in your wallet first. Post this the site throws up a couple of toast notifications saying you can now swap.Swapping leads to a function disperseEther being called which leads to the wallet being drained. Reviewing the contract shows that it is an unverified contract. Always be wary of such contracts.#DYOR before transacting on any site.
TLDR: Beware sites claiming to offer airdrops of new tokens. We recently received a report regarding âconnect-solanatokens-secure01c.comâ claiming to offer airdrops but actually stealing user funds. Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via swap phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #memecoinđđđ How this phish works: The site claims to be an airdrop site offering tokens presale/airdrops. Connecting your wallet to the website leads to it calling a swapEthForExactTokens function.This works by using swap providers like SushiSwap to swap your selected wallet token to as many output tokens as possible, determined by the path before sending the final token to the scammer's address.  A twist to this method is the scammer can set up the structure to route funds to a brand new address each time a transaction is called.A swap like this where the final destination doesn't match the sender is risky. Always examine your transactions before confirming.Â
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
TLDR: A new website ânewunity.ioâ,âapp.newunity.ioâ has been seeing a rise in interactions. Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #ETH #BSC #Memecoins #hashdit Concerning Facts: They claim to be âA private crowdfunding community united for change powered by blockchain technologyâThey claim to be âFounded on the principles of transparency, security, and inclusivityâ Red Flags: When joining you require a referral and have to pay a $40 contribution per entry.Post Joining they mention multiple ways to earn:Fast start Donation: $5 everytime your referral contributes an entry.Unilevel builds: .50$ upto 10 levels of your referrals.Global build: 1.25$ upto 10 levels.They claim that you can make $10k+ just from the unilevel build as each level has unlimited referrals options.They claim you can make 25k+ from the global build as it is a dual matrix build.  They claim that you can also earn an additional 25K+ from your referral's global build. They also have a 10% deduction to automatically contribute to new entries.This scheme is guaranteed to fail as soon as new members stop joining or existing members stop funding the scheme. This has all the hallmarks of a scam promising very high returns but never actually providing any.Â
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
TLDR: A new website âpanthers.liveâ or âusdt.panthers.liveâ has been seeing a rise in interactions. Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #ETH #BTC #PancakeSwap Concerning Facts: They claim to be âthe foremost networking platform globallyâThey also claim to provide âunparalleled security and efficiency for users worldwideâ.The entire website is generic content about blockchains and cryptocurrency. Red Flags: To join you are required to pay 10-80 USDT as a starter fee under their L1matrix.They claim that there is an automatic activation of levels and the next levelâs cost is automatically deducted. The cost of the next level is double the previous level. Post Joining they mention multiple ways to earn:40% Direct sponsor bonus.55% Level Sponsor bonus2% Leadership CLub bonus 3% Royalty incomeThey also claim that you make both active and passive income. However all the above requires you to build at least a 10 level team. They also have an L2 Matrix that charges 10-164k USD to start. This follows the standard 2 referral downline pattern promising 20-50%This scheme is guaranteed to fail as soon as new members stop joining. This has all the hallmarks of a scam promising very high returns but never actually delivering any.Â
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
HashDit team has detected a trading/mining site âertudite.comâ engaged in a pig butchering scam.Â
Our Advice: Stay Away! Itâs definitely a scam!!! We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #Memecoins Concerning Facts: The site claims that its âfull range of products help you play with web3 encryption currencyâThe website name doesn't match its URL and was recently created. The reviews listed on the main page are all fake.They claim to be partners of Metamask/Trust Wallet and many other famous companies.They offer AI/Quantitative trading options to entice users into investing funds. Red Flags: If you interact with the contracts on their pages, it creates an off chain signature request[a permit request]. This signature can be used later to deprive you of your assets.The spender in this request is an Externally Owned Account.Spender: 0x4dac76e68e71250bb982b292ee30968575fbe4c9 [Etherscan]Reviewing the transaction history of the spender we can see a large number of permit calls authorizing the address to spend USDC.The trick used by the scammer here is that the scammer employs multiple wallets to send minor amounts of funds to the victims wallet simulating profits generated. This entices the victim to add/spend more funds leading to huge losses for them.The loss is only realized once large amounts have been spent in âtradingâ or more accurately, stolen by the scammer.Â
E.g.: https://etherscan.io/tx/0xdfb311735c3855d8ba0b007d472f8c22b04731eddbe77cd2cb7aca13cd64481b0x4DaC76e68e71250bb982B292ee30968575fbE4C9 is authorized to spend 100 trillion USDC until the deadline of 2,625,150,269,000.
Some examples of the scammers supportive Wallets: 0x3d3ba959ae229b2a1992925c0c5e2309e51fc474,0x1eA195af7903D295Fa4F2Cc9dEA43424D5a24F17 Hashdit Warning:
Always #DYOR! FOMO can lead to rash and regrettable decisions!!!
HashDit team has been seeing an increase in phishing content this year and a new one that seems to be trending recently is âmavia.buildersâ.Â
Our Advice: Stay Away!! Itâs a phishing website that will result in a loss of funds for you. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Social Media Links:Website: mavia.comTwitter/X: @MaviaGameUpdates to be Aware Of: Maviaâs Ruby Marketplace release On May 5th! Don't fall prey to early release profit scams. #TrendingTopic #BTC #ETH #MemeCoinsSeason #Memecoins RED Flags: The site promotes a fake airdrop by Mavia.Content on the site is not clickable.Clicking anywhere leads to a âconnect walletâ dialogue opening up that is entirely different from the actual site.Once you connect your wallet, unless you have a large amount of funds in the wallet you will receive a âNot Eligibleâ message.This trick is commonly employed by phishing websites to get you to connect wallets with large amounts of funds in order to completely drain them. The website is only 5 days old, being created on 2024-04-06All registrar details have been hidden with privacy protection services.Â
Always #DYOR! And before confirming any transactions always double check the actual details!!!
HashDit team has observed a website âcatino-app.pages.devâ being populated via social media groups. Our Advice: It's a Phishing Scam! Stay Away! Its designed steal your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi] #TrendingTopic #BTC #ETH #memecoinâ â â â #MemeCoinsBullRun Red Flags: The site url is âcatino-app.pages.devâ , a hosted site. Recently there has been a trend of phishing sites being created via pages.dev. The social media links do not work. Clicking anywhere on the page leads to a wallet connection dialogue popping up. You are required to connect a solana wallet and then claim tokens, leading to a loss of funds.@CatinoWorld is the actual Catino art creator and tweeted that the Catino crypto is not his and is fake - https://twitter.com/CatinoWorld/status/1774632986006200621
It can never be stressed enough: Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!
Explore the latest crypto news
âĄïž Be a part of the latests discussions in crypto