Share this article
Weaponized Trading Bots Drain $1M From Crypto Users via AI-Generated YouTube Scam
Scammers appeared to be using AI-generated avatars and voices to reduce production costs and scale up video content.
Updated Aug 7, 2025, 8:38 a.m. Published Aug 7, 2025, 8:30 a.m.
What to know:
- Over $1 million has been stolen from crypto users through malicious smart contracts disguised as MEV trading bots, according to SentinelLABS.
- Scammers used AI-generated YouTube videos and obfuscated code to deceive users into funding attacker-controlled wallets.
- SentinelLABS advises against deploying free bots from social media and stresses the importance of reviewing code thoroughly, even in testnets.
Over $1 million has been siphoned from unsuspecting crypto users through malicious smart contracts posing as MEV trading bots, according to a new report by SentinelLABS.
The campaign leveraged AI-generated YouTube videos, aged accounts, and obfuscated Solidity code to bypass basic user scrutiny and gain access to crypto wallets.
STORY CONTINUES BELOW
Scammers appeared to be using AI-generated avatars and voices to reduce production costs and scale up video content.
These tutorials are published on aged YouTube accounts populated with unrelated content and manipulated comment sections to give the illusion of credibility. In some cases, the videos are unlisted and likely distributed via Telegram or DMs.
At the center of the scam was a smart contract promoted as a profitable arbitrage bot. Victims were instructed via YouTube tutorials to deploy the contract using Remix, fund it with ETH, and call a “Start()” function.
In reality, however, the contract routed funds to a concealed, attacker-controlled wallet, using techniques such as XOR obfuscation (which hides data by scrambling it with another value) and large decimal-to-hex conversions (which convert large numbers into wallet-readable address formats) to mask the destination address (which makes fund recovery trickier).
The most successful identified address — 0x8725...6831 — pulled in 244.9 ETH ( approximately $902,000) via deposits from unsuspecting deployers. That wallet was linked to a video tutorial posted by the account @Jazz_Braze, still live on YouTube with over 387,000 views.
“Each contract sets the victim’s wallet and a hidden attacker EOA as co-owners,” SentinelLABS researchers noted. “Even if the victim doesn’t activate the main function, fallback mechanisms allow the attacker to withdraw deposited funds.”
As such, the scam’s success has been broad but uneven. While most attacker wallets netted four to five figures, only one (tied to Jazz_Braze) cleared over $900K in value. Funds were later moved in bulk to secondary addresses, likely to further fragment traceability.
Meanwhile, SentinelLABS warns users to avoid deploying “free bots” advertised on social media, especially those involving manual smart contract deployment. The firm emphasized that even code deployed in testnets should be reviewed thoroughly, as similar tactics can easily migrate across chains.
Read more: Multisig Failures Dominate as $3.1B Is Lost in Web3 Hacks in the First Half
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
NFT Project Pudgy Penguins Takes Over Las Vegas Sphere in Holiday Campaign
The NFT brand’s animated segments will air on the Sphere across Christmas week, signaling the crypto company's move into real-world consumer markets.
What to know:
- Pudgy Penguins will run an ad campaign at the Las Vegas Sphere during Christmas week, one of the few crypto brands to secure a spot at the high-profile venue.
- The NFT project, which launched on Ethereum in 2021, has expanded into physical toys and digital gaming as part of a broader consumer push.
- Pudgy Penguins briefly overtook Bored Apes in floor price earlier this year and recently launched its PENGU token on Solana, now trading on major exchanges.
Top Stories
