SlowMist Reports Surge in Diverse Crypto Security Incidents for the Week of September 17-23, 2023

Key Takeaways

Total security incidents reported: 7

Estimated financial loss: Approximately $380,600

Notable trend: Increase in phishing attacks and rug pull tactics

New attack methods: DNS hijacking, contract vulnerability, and phishing attempts

Breakdown of Incidents

Phishing Attacks:

Unimevbot users were targeted through malicious MEV bot codes on the website. The exact loss remains undisclosed, but funds were transferred to the hacker’s on-chain address.

Coinbase Wallet also fell victim to a phishing attack that exploited the Web3 messaging network protocol. The exact financial impact is yet to be reported.

Contract Vulnerabilities:

Linear Finance exposed its $LUSD token to an exploit attack due to a contract vulnerability. No specific loss has been reported.

Rug Pulls:

BNBpay and YZER were involved in rug pull incidents, with losses amounting to approximately $114,000 and $28,600, respectively, following significant liquidity removals.

DNS Hijacking:

Balancer was targeted in a DNS hijacking attack by a phishing group known as AngelDrainer, resulting in a loss of around $238,000.

Infrastructure Vulnerability:

An unspecified infrastructure vulnerability led to significant funding and team token loss for a project named “None.” The exact financial impact remains undisclosed.


The Slowmist report underscores the increasing complexity and diversity of attacks in the crypto and blockchain landscape. SlowMist urges users to remain vigilant and adopt comprehensive security strategies.

Image source: Shutterstock


Tagged : / / / / / / / / / / /

WSB Token Team Member Allegedly Dumps Coins

The world of cryptocurrency has seen its fair share of volatile market movements, but none quite as eventful as the launch of the WSB Coin token project. Launched on May 2, by moderators of the popular trading subreddit r/WallStreetBets, the token claimed to be the official memecoin of Wall Street Bets. This subreddit gained notoriety after the GameStop short squeeze, which sent hedge funds reeling in January 2021.

The creators of the WSB token claimed that there would be no allocation for the team and that 10% of the coins would be reserved for the subreddit. The website touted it as the “fairest launch memecoin you will find with no team allocation and no presale. Just a free airdrop and some coins for the community. 10% of the $WSB supply is reserved as a treasury for the r/wallstreetbets sub to do with as they please.”

However, just days after the launch, the cryptocurrency community was hit with shocking news that one of the token’s team members had started dumping massive amounts of tokens. On May 4, on-chain detective ZachXBT tweeted that “zjz.eth,” who runs the moderation bots for the subreddit, had allegedly pulled the rug on WSB investors. According to on-chain data, zjz.eth had sold WSB coins in exchange for 334 Ether (ETH), worth around $635,000 at the time of writing.

The market reacted accordingly, and the token price plummeted from an all-time high of $0.00067279 to an all-time low of $0.00004827 in just two days. Community members were quick to warn others not to buy the dip as the moderators still had access to 10% of the total supply. The incident has raised concerns among the community members, who feel betrayed by the moderators of the subreddit.

Meanwhile, another moderator who goes by the name WSBmod, has threatened to report those involved in the dump to the police and the FBI if they don’t come forward. The moderator urged zjz.eth to return the money and claimed that they had identified the team member responsible for the dump. However, the identity of the team member is still unknown.

This incident is a stark reminder of the risks involved in investing in cryptocurrencies, especially when dealing with new tokens that are not yet widely accepted. The WSB token project had gained a significant following due to its association with the popular subreddit, but the rug pull has left many investors feeling cheated. It remains to be seen what actions the moderators of the subreddit will take to address the situation and regain the trust of their community.

In conclusion, while the cryptocurrency market may offer lucrative opportunities for investors, caution is advised, especially when investing in new and untested tokens. The WSB Coin dump is a clear example of the potential pitfalls that can arise when investing in such projects, and serves as a cautionary tale for investors in the cryptocurrency market.


Tagged : / / / / /

Youtuber and alleged thief publicly refuses to return investors’ funds after $750k rug pull

On Wednesday, American Youtuber and “internet detective” Coffeezillaa published a recorded interview of himself and disgraced Youtuber Paul “Ice Poseidon” Denino. During the session, Denino allegedly confirmed that he made off with $750k worth of his investors’ money through rug pulling a crypto project dubbed “Cxcoin.”

The ordeal started last July, when Denino created the Cxcoin for streamers and content creators on the Binance Smart Chain. Denino then allegedly promoted the coin to his community of followers, telling them that “don’t worry, no rug [pull] here all the money is locked [in a smart contract] lol, my wallets are pinned.” However, Denino abandoned the project just two weeks later, saying:

It’s pretty simple. Basically, the coin was inactive for a long time; the crypto market is crashing, and obviously, I’m not going to let $300k [locked] in the liquidity pool go to waste, so I took what wasn’t necessary in there.”

In addition to the $300k taken from the liquidity pool, another $200k from the Cxcoin token presale and $250k from a marketing wallet are reportedly missing, yielding a total of $750k worth of investors’ funds. Denino allegedly returned a small portion of the misappropriated funds to the smart contracts after public outrage. However, the majority of the capital has not been returned. Later on, when asked by Coffeezillaa as to how much money he made off the “scam,” Denino cited 55% of the money going to himself, while 45% going to developers, leaving him with a cut of approximately $300k.

Regarding the whereabouts of the funds, Denino allegedly purchased a Tesla only days after the capital went missing. With comments on his Twitter account suspended, many users took to Youtube and Discord to voice their dissatisfaction, with Discord user 3840x2160p#3258 writing:

He lived off donators’ money his whole grown life pretty much, then his twitch comeback gets denied, and so since his career is stagnant, he decides to scam his fans and investors.

Ice Poseidon originally rose to prominence as a Twitch streamer playing the fantasy MMORPG Runescape. In 2017, he was permanently banned from the platform after a viewer called in a bomb-threat hoax as he boarded an airplane. During at least one instance in his Twitch streams, Denino allegedly admitted to credit-card fraud while on air.