How did someone make a fake $MASK token and scam hundreds of ETH by exploiting DexTools?
A Thread 🧵
A Thread 🧵
Code was injected into the title and description of the token on dextools which the website executed, resulting in the token displaying a "verified" status.
Dextools has faulty coding, so their site showed the coin as legitimate and even had a pop-up showing that the coin was verified.
After ~$1m was bought of the token, sells were locked and they'll likely tornado cash out the money, the same way that they tornadod the initial money to fund liquidity
The @DEXToolsApp team has not responded to my messages so far, but this is a serious fault on their end. Remember to be careful while trading and if you aren't sure of something, don't take the risk.
Follow me for more updates and security tips! 🧵
• • •
Missing some Tweet in this thread? You can try to
force a refresh
