ChatGPT Web3 AI Bot YouTube Scam - How scammers stole $60K funds in less than a week!

by Shankar Damodaran — on  ,  ,  ,  ,  ,  ,  , 

cover-image

A recent, highly intelligent scam in the Web3 space has surfaced, ensnaring unsuspecting individuals and resulting in the loss of thousands of dollars. This case study delves into the mechanics of this scam, aiming to educate and caution readers about the pitfalls of seemingly lucrative opportunities in the digital frontier.

Beware of the Clever Web3 Scam

In the world of web3, there’s a new trickster in town, and it’s catching people off guard, making them lose lots of money (talking about thousands of $), a sneaky scam happening in the Web3 space.

This article provides guidance on safely executing the fraudulent smart contract, identifying the scammers address, the total amount of funds stolen by them and methods to ensure security and awareness.

At the heart of this scam lies the use of Artificial Intelligence (AI) to craft content that appears remarkably genuine. Scammers have employed AI-generated human models to create YouTube videos that boast impressive metrics: likes, views, subscribers, and comments, all meticulously fabricated to lend an air of legitimacy to the scam. The scam revolves around a bot, purportedly coded using ChatGPT, that promises passive income ranging from 0.5ETH to 1ETH per day.

Scam Video Link »» https://www.youtube.com/watch?v=3z77Nd0x9es

Seriously, I fell for it at first glance!

Imagine watching a YouTube video that looks super real and of course “sponsored”. It has tons of likes, comments, subscribers and even the person talking seems genuine. They’re talking about a magical bot, made with ChatGPT, that can supposedly make you earn money while you sleep, between 0.5 (ETH) to 1 (ETH) everyday. Sounds amazing, right? But here’s where things get tricky.

Significant elements contributed to the scam’s authenticity.

Genuine number of views, likes & subscribers.

Convincing comments & positivity.

How does the Scam Work?

The operation is deceptively simple yet cunningly effective. The scam video instructs viewers to deploy a smart contract code on Remix, a popular Ethereum IDE, to gain access to a Decentralized Exchange (DEX) interface. This interface features transaction buttons such as start, stop, pause, and withdraw. The catch? To activate the bot, users are required to have a minimum of 0.2ETH in their MetaMask wallet. However, as soon as any operation is initiated, the ETH is siphoned directly into the scammer’s account.

What makes this scam really sneaky is it looks totally legit. They say it uses ChatGPT to work its magic, making you think it’s safe. Plus, the promise of making easy money can be really tempting. But remember, if something looks too good to be true, it probably is. Inspecting the smart contract for authenticity or security vulnerabilities on ChatGPT itself may not yield any findings, suggesting it appears flawless on the surface.

Digging deeper to find the scammers address.

The guide outlines a detailed process for pinpointing the scammer’s address without risking your assets. Before starting, it’s recommended to browse in incognito mode and log out of your MetaMask accounts to avoid any potential losses.

1. Copy the Smart Contract Code.

Browse to the above video from the link and copy the smart contract code from the description or you can find it here. <- I made a copy of it.

Copy the Contract

2. Create the Smart Contract on Remix Etherium IDE

Visit the website https://remix.ethereum.org , where you can create the smart contract, compile and deploy it. As you can see the image below, click on new and paste the copied smart contract code and give it a name “scam_test.sol” and paste it.

Create & Paste the Contract

3. Compile the Smart Contract Code.

Compile the code. Obviously there won’t be any errors as the code has been written very carefully. After compilation, the smart contract (DEX Interface) gets created.

Compiling the Contract

DEX Interface get created

4. Deploy the Smart Contract on VM (Important)

Once again make sure you are not signed in at MetaMask. Choose the VM Remix. Wait for the address to be created. Select the Dex Smart Contract. Deploy the Contract.

Choose the VM Enviroment & Deploy the Contract

Wait for the DEX Interface to be Created

5. Using the DEX Interface to Find the Scammer Address with the help of DEBUG mode.

We will use the DEBUG mode to find the address of scammer after we click on the transaction buttons like withdraw, start or stop.

Click on this DEX Interface below the Deploy button.

Click on Withdraw Button

The transacation is successfully created. Now click on the Debug button

The transaction hash is loaded in a debugger window. Scroll down the drop down to loaded address.

Discovering the Attacker Address.

The scammers address -> 0xd9145CCE52D386f254917e481eB44e9943F39138

$60K amount of funds Stolen.

Visiting etherscan.io (https://etherscan.io/) and subjecting the scammer’s address shows how much funds have been stolen from end-users across globe. The YouTube video is still active and people are falling for this scam.

Checking the Scammers Address at EtherScan.io

$63000 Stolen as of now

Conclusion

The emergence of this scam serves as a stark reminder of the inherent risks within the Web3 space. As technology continues to advance, so do the methods of those looking to exploit it for malicious gain. It underscores the critical need for education, vigilance, and skepticism, especially when faced with offers that seem too good to be true. This case study not only highlights the sophistication of Web3 scams but also serves as a call to action for individuals and the community at large to stay informed and cautious in their digital endeavors.

By learning from incidents such as this scam, the digital community can navigate the complexities of the digital age with greater confidence and security.

Continued Vigilance

I will be updating this space for any new scam videos or similar as I encounter, emphasizing the importance of community vigilance in combatting these fraudulent schemes. By sharing knowledge and experiences, the Web3 community can help protect each other from falling victim to these sophisticated scams. If you come across such videos and schemes, kindly update in the comments section and I shall add it to the list of scam videos.

AI Model resembling an Irish Music Band

After finding out this is a scam, I did a small research on AI human model used on this video, closest match led to an Irish Music Band named “Almost Seamus Irish Music”. Link over here

Fake AI

Original 1

Original 2

Scam Videos & Incidents

Incident #1 - ChatGPT Arbitrage MEV

  • Case Study - April 1st 2024
  • List of Scam Videos
    • https://www.youtube.com/watch?v=AfkPhQBvYiI
    • https://www.youtube.com/watch?v=3z77Nd0x9es
  • Scammer’s Address - 0xd9145CCE52D386f254917e481eB44e9943F39138
  • Funds Stolen - $63,236.79
Shankar Damodaran's photo Author

Shankar Damodaran

d.shankarnarayana@gmail.com

Inventor. Hacker. Foodie. Traveller. Biker.

Comments