An increasing number of users are falling victim to an old trading bot scam that’s been rebranded to take advantage of the hype around artificial intelligence, says blockchain security firm SlowMist.
In an Oct. 13 Medium post, SlowMist said cybercriminals have adapted to trending topics by using OpenAI’s ChatGPT in the name of their scam bots in a bid to take advantage of the current AI hype.
The fake bots used to be marketed as a “Uniswap Arbitrage MEV Bot” but they’ve now rebranded to a “ChatGPT Arbitrage MEV Bot.”
“By slapping the label ChatGPT onto their scams, they manage to grab attention and appear more credible,” the firm wrote.
“The scammers claim that they used ChatGPT to generate the bot’s code, which helps to ease users’ doubts about any malicious intent in the code,” it added.
SlowMist explained scammers lure users with the promise of a trading bot that will help net large profits by monitoring new tokens and significant price fluctuations on Ethereum.
Victims are encouraged to create a MetaMask wallet and click on a fraudulent link on the open-source platform Remix. Once the code is copied and the bot is deployed, users are told to fund the smart contract to “activate” it.
“The more ETH they deposit, the greater their supposed profits. But when the user clicks ‘start,’ the deposited ETH vanishes — funneled straight into the scammer’s wallet via a backdoor coded into the smart contract,” SlowMist wrote.
“The outgoing funds are either transferred directly to exchanges or moved to temporary storage addresses,” the firm said.
SlowMist says they have found three scammer addresses using these techniques to rip off unsuspecting users.
One stole 30 Ether ETH$2,605.78, worth over $78,000, from over 100 victims since August. Two others stole 20 Ether, worth over $52,000, from 93 victims
SlowMist said the scammers employ a “wide-net approach” — stealing small amounts from many victims — who often don’t bother trying to retrieve the funds because the effort required to do so is greater than the amount stolen.
“Because the individual losses are relatively minor, many victims do not have the time or resources to get justice,” SlowMist wrote.
“This allows the scammers to continue their operations, often rebranding the scam under a new name,” it said
According to the blockchain security firm, the internet, particularly YouTube, has many videos promoting this type of scam.
It warns that red flags indicating the video is promoting a scam can include the video and audio being out of sync, or recycled footage from another source.
An unusually high number of comments with praise and thanks at the top of thread, with later updates calling the scheme out as a scam, can also be red flags.