Weaponized Trading Bots Drain $1M From Crypto Users via AI-Generated YouTube Scam
Report by SentinelLABS reveals a sophisticated campaign leveraging AI-generated YouTube videos and manipulated smart contracts to siphon over $1 million in ether from unsuspecting users. Promotional videos featured AI avatars and voices, guided viewers through deploying malicious MEV arbitrage bots. Contracts contained hidden routines routing funds to attacker wallets via XOR obfuscation and large decimal-to-hex conversions.
Deployment instructions directed victims to Remix IDE, fund the contract with ETH, and invoke a Start() function. Instead of executing arbitrage operations, this function triggered fallback mechanisms that transferred user deposits to hidden Ethereum accounts. The most lucrative address, 0x8725...6831, collected 244.9 ETH (≈ $902,000) before sending funds to secondary addresses to hinder traceability.
SentinelLABS identified the campaign’s reliance on aged YouTube channels with unrelated content and manipulated comments to feign credibility. Some videos were unlisted and distributed via Telegram and private messages. Researchers found 387,000 views on the primary tutorial account, @Jazz_Braze, which lacked any transparency about contract ownership.
Affected wallets often showed co-ownership structures tying victim and attacker externally owned accounts. Even without activation of the main function, fallback routines gave attackers full withdrawal rights. Smaller wallets netted five-figure sums, but only the Jazz_Braze tutorial attracted nine-figure deposits.
In response, SentinelLABS urges caution: free trading bots advertised on social media should never be deployed without comprehensive audit. Users are advised to review code thoroughly, even on testnets, to detect obfuscated addresses and unauthorized control flows. This incident underscores the urgent need for developer-level scrutiny and enhanced community education on smart contract risks.
SentinelLABS continues to collaborate with exchanges and analytics platforms to trace attacker movements and recover stolen funds. Ongoing monitoring aims to identify similar AI-driven scams and prevent future losses.
Comments (0)