How scammers manipulate smart contracts to steal crypto

Scammers can hide fees or other tricks in smart contracts, while hackers look for vulnerabilities to exploit.

In 2021, scammers made off with $14B in ill-gotten crypto. So, a lot.

According to Check Point Research, the research arm of cybersecurity company Check Point, many scammers manipulate tokens’ smart contracts — contracts that exist and run automatically as code on the blockchain.

Here’s an example of a scam

In a typical transaction, you might be charged a fee when you buy or sell tokens.

Oded Vanunu, Check Point’s Head of Products Vulnerabilities Research, told The Hustle that usually fees should be no more than 12% of the total transaction amount.

But a scammer might hide a 99% buy or sell fee in the token’s smart contract that wipes all your money. Or, they could hide a function that blocks you from selling your coins at all.

Scam tokens are often hyped on social media channels…

… like Twitter, Discord, or Telegram by anonymous accounts to inflate the coin’s value.

Once the coin is popping, the scammers pull out all their money, delete the accounts, and disappear. That’s known as a “rug pull” scam.

Remember SQUID, the “Squid Game”-inspired token? It boomed to $2.8k+ per coin, then plummeted after the developers claimed they were hacked, sold their coins, deleted their socials, and bounced with an estimated $3.3m.

Speaking of hackers…

If a legit smart contract has a vulnerability, hackers could exploit it.

For example, a hacker exploited a mistake in The Zenon Network to destroy 26.4k+ coins, causing the price of wZNN to dramatically increase. The hacker then drained the pool for $814.5k+.

So, how do you avoid scams?

Vanunu said the current state of crypto is too complex and has too many moving parts for the average user to completely understand it — though we may soon see technologies geared to help.

For now?

“My main recommendation is to go after the tokens with a large amount of holders — [at least] a few thousand,” Vanunu said.

Get the 5-minute roundup you’ll actually read in your inbox​

Business and tech news in 5 minutes or less​

RECENT POSTS

Psst

How'd Bezos build a billion dollar empire?

In 1994, Jeff Bezos discovered a shocking stat: Internet usage grew 2,300% per year.

Data shows where markets are headed.

And that’s why we built Trends — to show you up-and-coming market opportunities about to explode. Interested?