As the use of crypto assets grows, so does the sophistication of fraudsters preying on unsuspecting investors. Recently, Lukka’s investigation team identified a trend in Miner Extractable Value (MEV) Bot scams. These bots are promoted on social media platforms, offering promises of significant daily returns—often over $1,000. Despite the established marketing and tutorials, the underlying operation is internally a well organized scam.
The Anatomy of the Scam
Fraudsters lure victims with MEV Bots or Trading Bots under the guise of easy profits. These bots are presented as automated solutions that exploit market inefficiencies, promising guaranteed returns. But, as our investigation shows, the true motive is to divert crypto funds from the victims to the scammer’s wallet.
These scams spread quickly on social media platforms, reaching a wide audience in a short period. In one instance, the scammer had over 270,000 subscribers, and their post gained over 4,000 views and 244 likes within 24 hours. The professional appearance of these campaigns, generated using AI, often mimics that of legitimate social media marketing efforts, making it difficult for unwitting victims to discern the real threat behind the promise of easy profits.
Code Research: Dissecting the Scam
Scammers provide victims with access to the Solidity code of the fake “MEV bot, which initially appears legitimate and contains technical terms such as:
- “ConnectFastestNode”
- “getMemPoolDepth”
- “SearchProfitability”
However, a deeper inspection of the code revealed several red flags. The scammer’s code includes a function called “search,” designed to transfer funds not to the user but directly to the scammer’s wallet.
A Hidden Contract: Unveiling the Deception
Further analysis revealed a Solidity contract named “Manager” hidden in 10,129 lines of code. The key function within this contract, “connectNode,” is the core mechanism for fund transfer. Instead of connecting users to market opportunities, this function funnels funds into a scammer-controlled address.
The scam’s structure is complex, and while it may appear legitimate, all interactions within the code are designed to deceive the user into initiating the transfer of their assets, often without their immediate knowledge.
Tracking the Flow of Funds: Using Lukka Blockchain Investigator
Once the scam’s methodology was uncovered, Lukka Blockchain Investigator (SaaS) was used to track the flow of funds through various wallets. The tool’s Source of Funds analysis allowed us to trace specific transactions through a chain of transfers, providing a clearer picture of how the scam was orchestrated and how the funds moved between addresses.
Our analysis revealed the following:
- The scammer’s original wallet is used to fund multiple MEV Bot Deployer wallets, which then create fake bots.
- Victims who interact with these bots unknowingly execute commands that transfer their assets to a Collecting Victims Funds account controlled by the scammer.
- The scammer’s wallet currently holds around 156 ETH, worth approximately $411,000 (as of block height 20834403), and has links to other phishing attacks.
A Breakdown of the Scam Flow
The diagram visually represents the movement of funds through the various stages of the scam:
- The Scammer provides original funding to a Funder account, which finances the MEV Bot Deployer accounts.
- The Fake MEV Bots, once deployed, are marketed on social media to lure potential victims.
- Upon interaction, victims’ funds are transferred to an account collecting the victims’ funds, which is owned and controlled by the scammer.
- The flow is completed when all collected funds are funneled back to the scammer’s wallet.
Key Takeaways and Recommendations
This MEV Bot scam demonstrates the growing refinement of fraud in the crypto asset space. Scammers are not only using advanced coding techniques but also leveraging polished marketing campaigns to mislead investors. The scam is designed to appear legitimate at every step, from the code to the social media engagement, leaving victims unaware of the trap until their funds are gone.
We strongly recommend the following:
- Always ensure the authenticity of MEV bots, trading bots, or smart contracts before engaging with them, particularly those advertised on social media platforms.
- Use tools like Lukka Blockchain Investigator to analyze any suspicious transactions or activities.
- Stay informed and cautious when interacting with platforms promising high returns with minimal effort.
Conclusion: The Role of Real-Time Blockchain Investigation
Real-time tracking tools like Lukka’s Blockchain Investigator (Saas) offer powerful protection against such sophisticated scams. Lukka’s own detailed investigation highlights the ever-growing need for real-time and automated blockchain tracking solutions in combating fraud. Lukka Blockchain Investigator (SaaS) played a crucial role in identifying the scam and tracing the movement of stolen funds across various wallets. . Its ability to trace specific transactions through consecutive transfers offers a powerful tool for individuals and organizations to protect their assets in an increasingly complex digital landscape.
If you are concerned about the legitimacy of any bot or trading platform, consider conducting a thorough investigation before deploying your funds.