Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I find it rather irritating that the author didn't bother to describe the mechanics behind the supposed scam. A quick sample of other posts also suffer from the same lack of information.


Nothing complicated. It's the usual "send us btc/eth to get double back" scams.

The substack has other posts that have more context. https://scaminvestigations.substack.com/

Screenshot: https://old.reddit.com/r/ethereum/comments/n49iye/scam_sent_...


Crypto holders can get on EVE Online a free hands-on crash course on currency scams.


Or Runescape haha


It's basically the Nigerian Prince email, but via YouTube and with crypto for payment.

I guess another advantage of the blockchain is that you can watch marks getting suckered in near real-time?


I am trying to find more information such as how they obtain the livestream views or how they hack the twitter accounts. Hundreds of articles have been written about this but no insight as to where the livestream views come from. Are the livestream from proxies or some sort of browser hijack.

Also, almost everyone by now is aware of the scam given all the news coverage it over the past few years, so I don't see the need to repeat myself again.

Google "crypto giveaway scam YouTube" no quotes for more info.


I’m guessing Discord server hijacking is also a source. There are hundreds of crypto servers that are full of spam (they advertise as pump n dump) and people constantly fall for them.


Indeed. But this site is probably a pretty typical example of the scam: https://msnews.io/#rules

I like their calculator. Very helpful.


Holy shit. Try opening Dev tools (F12); it redirects you immediately to some random minecraft YouTube video.

They do NOT want people digging into the site, haha.


It's using console-ban: https://github.com/fz6m/console-ban

It's easy enough to work round in uBlock - just add:

    ||cdn.jsdelivr.net/gh/fz6m/console-ban@3.2/dist/console-ban.min.js
as a filter.


Thanks for that tip.

Fun fact, they additionally try to prevent any text selection, right-clicking, or copy/paste chords. Pasting this in your devtools debugger restores all functionality:

    (function () {
     if (typeof document.body.style.MozUserSelect != "undefined") {
        document.body.style.MozUserSelect = "auto";
     }
     document.body.style.cursor = "default";
     document.captureEvents(Event.MOUSEDOWN);
     document.onmousedown = double_mouse;
     document.oncontextmenu = function() {return true};
     document.onkeydown = function() {return true};
    })();
Also, the "transactions log" is literally all random numbers generated in the browser:

    function createTableItem() {
        let coin = randomInteger(0, 1) == 1 ? "BTC" : "ETH";
        let inputValue = coin == "BTC" ? randomInteger(0, 5) + "." + randomString(5, "123456789") : randomInteger(0, 20) + "." + randomString(5, "123456789");
        let outputValue = ++inputValue * 2;
        let fee = inputValue / 100000;
        let address = coin == "BTC" ? $("input[name=address_btc]").val() : $("input[name=address_eth]").val();

        let row = `<div class="transaction-item">
                <p class="txhash">${randomString(25) + "..."}</p>
                <p class="block">${randomString(6, "123456789")}</p>
                <p class="from">${randomString(25) + "..."}<br>${address}</p>
                <div class="arrow"><img src="../img/check.svg" alt=""></div>
                <p class="to">${address}<br>${randomString(25) + "..."}</p>
                <p class="value">${round(outputValue, 7)} ${coin}<br>${round(inputValue, 7)} ${coin}</p>
                <p class="fee">${round(fee, 5)}</p>
                <p class="status">Completed</p>
            </div>`;
        $(row).hide().prependTo(".transaction-content").fadeIn("slow");
        $('.transaction-item:eq(5)').remove();
    }

    createTableItem();
    createTableItem();
    createTableItem();
    createTableItem();
    createTableItem();
    setInterval(createTableItem, 8000);


crazy find


I was surprised at how few spelling errors the scam had until I got to the transaction hashes and wallet addresses.


But the lack of articles like “the” are a flag to be that this is probably Russian or Ukrainian. They generally do not use “the” when writing English.


While this prior may be informative, plenty of languages don’t have these. All Slavic languages AFAIK for a start.


Apparently their marks cannot multiply by 2.


You will send 0.000000000001 btc. You receive 2btc. Fantastic deal!


In this situation he describes something that has been happening for a long while (years), and almost everyone active in the space is familiar with the scam. But what people don't know is that right now (still) it appears to scam people out of 6 digits per day.

Adding an explainer of what's happening might get rid of your irritation, but it might just irritate many other readers coming there for the meat. All the other posts are about the same topic, so this blog seems to more document details of what's happening as opposed to explain the basics to everyone.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: