Mining/dApp Scam

Mining scams actually like phishing attacks pretending to be "mining" or "liquidity pools", but instead tricks you into authorizing unlimited withdrawals from your cryptocurrency wallet.

They may come with a 24/7 "customer service" chat that give you deceiving explanations.

Stock Exchange

Mining Pools

Traditionally, there are 2 forms of mining pools found on blockchain networks:

1) Liquidity mining pool whereby those who supply liquidity to decentralized exchanges (ex: Uniswap on Ethereum) are given a portion of fees levied on users of the pool. This is done by providing equal value of two different coins/tokens (ex: $100 worth of ETH, $100 worth of BITC).

 

2) Proof of Work mining pool. Proof of Work is the consensus mechanism utilized by Bitcoin as well as a few other blockchain networks. Those who wish to generate rewards for themselves in the form of new coins can provide computing power to a Proof of Work blockchain. Those who do this on a small to medium scale typically pool their computing power together in order to smooth out rewards over time, rather than letting luck determine the winners.

The Scams

The mining scams are actually more like phishing attacks that ask you to click a button to join the pool, but instead tricks you into authorizing permissions on smart contract that allow access to your USDT at any time. You cancel the permissions by paying another network fee through a third-party site like Etherscan. Everything the scammers and the site’s customer service claim about the actual mining pool is a lie. This includes all numbers about ETH and USDT, as well as taxes owed and/or pool rules that have been violated.

 

When you create a self-custody crypto wallet, (e.g. Coinbase Wallet or Metamask) you obtain a "public key" and a "private key". The private key is intended for you the owner and is safeguarded through encryption. This is equivalent to the series of words known as a “seed phrase” that the crypto wallets ask you to take note of upon creation. When a victim clicks on the link to join the mining pool, they are clicking a button which will request somewhere between $10-$50 of ETH for a “gas” fee aka network fee. This initial purchase is merely a front that allows unlimited access to the USDT in your wallet via the USDT smart contract. It's a way to obtain your digitally signed authorization.

Who placed the deceptive smart contract? Do scammers own it?

A smart contract is a set of code instructions that could really be anything. It takes some good subject-level expertise and knowledge of the Solidity programming language to uncover exactly what the terms of the contract are.

 

In this case the Tether company has established the contract for decentralized finance. Some functionalities of the contract allow access to the USDT token, and this is intended for legitimate financial transactions. The scammers use this functionality to steal funds and initiate withdrawals of funds at any time. The funds will transfer to an unknown account they control. Unfortunately once you give authorization access, you have pre-agreed to these conditions which outline how the money will flow from your account to theirs.

-edited by IceToad

Phone emoji

Screenshots provided by the victims

Phone emoji

How to revoke contract with Coinbase

Fell for this scam? Report here

Why report here?
 

  • Join a community who really knows what you experienced

  • Find others scammed by same scam platforms or thru third party platforms for group cases or class action