A New Crypto Scam Is Here – And It’s Highly Sophisticated
In a chilling warning for the crypto community, cybersecurity experts from SentinelLABS have exposed a dangerous, ongoing scam campaign that has siphoned off over $900,000 worth of ETH from unsuspecting investors. This isn’t your typical phishing scheme or fake token launch. This operation utilizes aged YouTube accounts, AI-generated content, and sophisticated smart contract obfuscation to pull off one of the most insidious theft strategies seen in 2025.
According to senior threat researcher Alex Delamottea, users are being lured in through seemingly helpful video tutorials promoting “profitable” crypto trading bots. But instead of helping viewers automate wealth, these bots are nothing more than traps, crafted to drain wallets while hiding in plain sight.
Let’s break down how this works, why it’s so effective, and how you can avoid becoming the next victim.
How The Scam Works: From AI Videos to Vanishing ETH
The Bait: AI-Powered YouTube Tutorials
The scam begins innocently enough: a user searching for crypto arbitrage trading bots stumbles upon a YouTube video that promises high profits with little effort. These videos appear highly professional, often featuring AI-generated visuals, synthetic narrators, and step-by-step deployment guides. The videos direct viewers to an external site or GitHub repo containing smart contract code.
The viewer, thinking they’re following instructions to launch a legitimate MEV (Maximal Extractable Value) or arbitrage bot, is guided to deploy the contract via Remix IDE a legitimate Ethereum development environment.
But what they’re actually doing is activating malicious code designed to siphon their funds.
The Switch: Hidden Wallet Addresses
SentinelLABS’ investigation found that the smart contracts contain hardcoded attacker-controlled wallet addresses. These addresses are intentionally obfuscated using advanced techniques such as:
- XOR encryption
- String concatenation
- Hexadecimal encoding
- Address derivation through mathematical manipulation
This makes it extremely difficult for the average user, or even an experienced developer skimming the code, to notice the malicious payload embedded within.
The Trap: You Fund, They Steal
Once the victim deploys the contract and sends a minimum of 0.5 ETH – ostensibly to “cover gas fees” and activate the bot – the contract’s logic kicks in. Hidden fallback mechanisms then transfer the ETH to the scammer’s wallet, without requiring the user to run any additional functions.
Even more insidious? In many cases, the contract is designed to siphon funds without explicit user interaction automatically. Just funding the wallet is enough to trigger the theft.
Tracing the Digital Footprint: One Wallet, $900,000 in ETH Stolen
While SentinelLABS found multiple scammer-controlled wallets, one in particular stood out. The address associated with the YouTube user @Jazz_Braze was found to have received 244.9 ETH, equivalent to over $900,000 at the time of reporting.
Delamottea and her team tracked the movement of funds across more than two dozen secondary wallets, revealing an intricate laundering operation meant to hide the trail. Other wallet addresses linked to different YouTube videos brought in smaller – but still notable – amounts ranging from $5,000 to $20,000 in ETH.
All the YouTube accounts tied to these scams shared key traits:
- Aged accounts with several years of upload history
- Previously hosted playlists related to crypto or general pop culture
- AI-generated narrators
- Moderated comment sections that filter out negative feedback
- Fake user testimonials praising the success of the bots
Some of these accounts were likely purchased from black market marketplaces, often advertised in Telegram groups or indexed on search engines as “aged YouTube accounts for sale.” The use of older, established accounts boosts credibility and makes the scam appear more trustworthy to unsuspecting viewers.
The Role of Artificial Intelligence: Fueling the Scam Machine
The rise of AI has helped scammers scale their operations in unprecedented ways. By automating the creation of:
- Voice narrations using tools like ElevenLabs
- Visual avatars using DeepBrain or Synthesia
- Scripted tutorials using ChatGPT-like models
…they can pump out dozens of believable videos each day with minimal effort.
Even more troubling is the fact that YouTube’s algorithm appears to favor these videos, thanks to high engagement, aged accounts, and keyword-rich titles. This allows them to go viral within niche communities seeking passive income from trading bots.
What Are Legitimate Crypto Trading Bots?
It’s important to differentiate between fraudulent bots used in scams and legitimate trading bots that power institutional trading desks and high-frequency traders.
Definition and Purpose
Crypto trading bots are automated programs that use predefined algorithms to place trades based on market signals, price action, or arbitrage opportunities. The most popular platforms for building or running bots include:
- 3Commas
- Pionex
- HaasOnline
- Kryll
Legitimate bots are typically used by:
- Institutional investors
- Quantitative traders
- Power users on centralized and decentralized exchanges
Types of Trading Bots
- Arbitrage Bots: Exploit price differences across exchanges
- Market Making Bots: Provide liquidity and earn spread
- Trend Following Bots: Analyze indicators like RSI or MACD
- MEV Bots: Extract profits by ordering transactions in blocks
While some bots have made headlines for extracting millions in MEV gains, these require in-depth knowledge, constant monitoring, and high-risk capital. They are not the type of tool that promises “get rich quick” in a YouTube video.
Example of Legal MEV Exploitation
The now-infamous “arsc” MEV sandwich bot is a legal bot that reportedly earned $30 million from Solana by front-running unsuspecting users. This shows that MEV is a double-edged sword: powerful in the right hands, devastating in the wrong ones.
The Red Flags: How to Spot and Avoid Crypto Bot Scams
SentinelLABS provided a checklist of red flags that every trader should keep in mind:
Aged YouTube Accounts with Sudden Content Changes
If an account suddenly shifts from gaming or pop culture to crypto bots, that’s a red flag.
Unvetted Smart Contracts
Never deploy contracts you don’t fully understand. If the code is obfuscated, that’s already a red flag.
Too-Good-To-Be-True Claims
Promises of guaranteed profits from bots with no prior audit or review should immediately raise suspicion.
Source Originates from Social Media
Avoid smart contracts or dApps shared via YouTube, TikTok, or Telegram unless verified by trusted developers.
No GitHub/Audit Trail
Legitimate projects usually have public GitHub repositories, open issues, and security audits.
Fake Testimonials
Look out for accounts with only positive comments, especially ones that repeat or look AI-generated.
The Bigger Picture: Growing Threat to the Crypto Ecosystem
This incident highlights a broader concern: increased sophistication among crypto scammers. As the DeFi and crypto ecosystems continue to mature, so do the bad actors looking to exploit newcomers and even seasoned investors.
More importantly, the integration of AI tools, blockchain automation, and social media manipulation makes it more challenging than ever to separate real opportunities from traps.
SentinelLABS and other cybersecurity firms are now calling on both YouTube and Ethereum developers to increase oversight, implement detection mechanisms, and educate users about smart contract safety.
Final Warning from SentinelLABS
“Crypto traders should never trust any code that hasn’t been reviewed by independent auditors,” said Alex Delamottea.
“If the offer seems too good to be true, especially from an influencer or video content, it probably is.”
Protect Yourself Before You Deploy
The days of obvious phishing links and crude scams are long gone. In 2025, malicious actors are now:
- Using aged social media accounts
- Leveraging artificial intelligence
- Obfuscating Ethereum smart contracts
- Laundering funds through complex multi-wallet schemes
To protect yourself, always follow smart contract best practices, rely only on verified platforms, and resist the urge to chase quick profits through unverified bots. The allure of easy money is precisely what scammers exploit and now they’re doing it at scale.
