Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Daniel Luca 🦄 Profile picture
Daniel Luca 🦄
@cleanunicorn
Head of Tech @edenblockvc | Dev, Security, Investor | ex @fiatdao, @ConsenSysAudits, @alethioethstats @consensys🦇🔊 | crypto since '17

Sep 17, 2021, 12 tweets

Just got an airdrop of 298,131 XCH tokens.

When I looked into the project a bit, I found out they are a scam.

Let me walk you through.

🧵👇🏼

First I had to check the tx that actually did the airdrop.

Looks like a pretty standard "push to all people" airdrop.

etherscan.io/tx/0x7d678e4c1…

When I went to check the last transactions that interacted with the contract, something interesting was there.

Lots and lots of failed transactions. 🎁

All of them are trying to call "approve".

Digging deeper into one failed approve transaction, I saw the error message is

'To Exchange, use this website - abchange.io'

This LOOKS FISHY! 🐡

You SHOULD be able to interact with the contract directly, not only through the website.

etherscan.io/tx/0x30d1becac…

The next step is to just check the website.

The values are prepopulated, and it seems the airdrop would translate into 6.1 ETH.

Who wouldn't sell them for that much ether?

But changing any of the values doesn't do anything.

I was expecting the ether value to be calculated based on the updated XCH value and vice-versa.

I was thinking, maybe I need to first connect my 🦊 wallet.

But still, the initial values should be calculated not just filled in.

However, when I connect my 🦊 wallet, it grabs a list of all tokens I own.

The values still aren't updated if I change them.

It just needed my personal address to get a list of my assets.

Wondering why?

After I click "Exchange" I get this message in 🦊Metamask.

"Allow abchange.io to spend your $DEGEN?"

Say what?

Now it all ties together.

They need to find out what assets you have on your account to get the most valuable asset you own.

In my case, it's $DEGEN, an index token created by @ndxfi

The good thing is Metamask understands the transaction and it's able to tell you what it does

So it's actually trying to scam you out of the most valuable token you own.

The airdrop is just a way to bring people to the website.

I just created a pull request into @MetaMask to add abchange.io to the blacklist.

Help me get this through quickly! We need to protect the users.

github.com/MetaMask/eth-p…

@danfinlay @kumavis_

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling