1/ A bad actor could look at public videos and use open tools to download the video
There are videos of many different people on video hosting sites that scammers can export from. On YouTube alone there are many videos returned when searching "picture every day", "selfie a day", ...
2/ They would then use a tool, such as ffmpeg, to extract each frame to a PNG file automatically (maybe even de-duplicate any frames or set the framerate in the ffmpeg command to ensure uniqueness)
3/ Once we have all the frames, and remember we have only entered 2 commands in our terminal, we can then zip the directory holding the PNG files and use a WebUI to upload/pin to IPFS
4/ Now we have the files on IPFS (or any other webserver), modify the endpoint in the contract to this loc and deploy the contract with a Wizard (minimal coding and dev env)
mint() price to 0.001E and deploy to a chain (ie: BSC, Polygon)
List to marketplaces for secondary sales
5/ We now have, with very minimal effort, a new project with stripped images from a public video all within ~10 minutes (or less) of work
We now deploy a bot farm on Twitter to create some buzz, and (optionally) script some accounts to trade between themselves on the NFTs
6/
Wait
????
Profit
I am not saying/alluding Ghozali did this, I am just saying to expect a lot of copy projects that will spend 10 minutes of ripping historical images for a quick profit
⚠️ Have you heard of MEV frontrunning bots? This scam tries to capitalise on this term with other technical jargon to steal crypto from users
Typically, it is advertised as "How to make $XXX/day on Uniswap"
With 97k views on a YouTube channel boasting 26.4k subscribers
This scam works by convincing users that their smart contract is capable of monitoring the mempool and frontrunning transactions to profit from DEX trades
When actually, it is a simple proxy contract to forward your ETH deposits to the bad actor...
But where is manager configured?
Well, you'll see it is initialised within the constructor. It is not a parameter in the contract deployment, but instead imported from a remote
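A reviewer's check for the pattern described above, as an added example that is not part of the original thread and not the scam contract itself: it flags Solidity imports fetched by URL, constructor state created from a type the file does not define, and ETH transfers that depend on that state. It assumes "remote" means an import by URL; `audit`, the sample contract `Bot`, `Manager`, `target()` and the `example.invalid` URL are constructed for illustration.

```python
import re

# Import targets fetched from outside the reviewed source tree (assumed forms).
REMOTE = re.compile(r"^(?:https?://|ipfs://|github\.com/)", re.I)
IMPORT = re.compile(r"""\bimport\b[^;"']*["']([^"']+)["']""")
DECLARED = re.compile(r"\b(?:contract|library|interface)\s+(\w+)")
ASSIGN_NEW = re.compile(r"\b(\w+)\s*=\s*new\s+(\w+)\s*\(")
SENDS_ETH = re.compile(r"\.(?:transfer|send)\s*\(|\.call\s*\{\s*value\b")
# Matches string literals (kept) or comments (dropped), so URLs survive.
COMMENT = re.compile(r"""("(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*')|//[^\n]*|/\*.*?\*/""", re.S)

# Constructed sample; not the contract from the thread.
SAMPLE = '''
pragma solidity ^0.6.6;
import "https://example.invalid/Manager.sol";  // constructed URL
import "./IERC20.sol";
contract Bot {
    Manager manager;
    constructor() public { manager = new Manager(); }
    receive() external payable {}
    function start() public payable {
        payable(manager.target()).transfer(address(this).balance);
    }
}
'''


def constructor_body(src):
    """Return the text between the constructor's braces, or '' if absent."""
    m = re.search(r"\bconstructor\s*\([^)]*\)[^{;]*\{", src)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(src) and depth:
        depth += {"{": 1, "}": -1}.get(src[i], 0)
        i += 1
    return src[m.end():i - 1]


def audit(source):
    """Flag remote imports, constructor state of unknown type, and ETH sent via it."""
    src = COMMENT.sub(lambda m: m.group(1) or " ", source)
    remote = [p for p in IMPORT.findall(src) if REMOTE.match(p)]
    local_types = set(DECLARED.findall(src))
    opaque = {var: typ for var, typ in ASSIGN_NEW.findall(constructor_body(src))
              if typ not in local_types}
    sinks = [line.strip() for line in src.splitlines() if SENDS_ETH.search(line)
             and any(re.search(rf"\b{v}\b", line) for v in opaque)]
    return {"remote_imports": remote, "opaque_state": opaque, "eth_sinks": sinks}
```

Any non-empty `eth_sinks` entry means deposited ETH is routed through code that was not in the file being reviewed, so the imported source has to be fetched and read before the contract is trusted.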
⚠️ As of block 151,223,32, there have been 73,399 addresses that have been sent a malicious token to target their assets, under the false impression of a $UNI airdrop based on their LPs
Activity started ~2H ago
0xcf39b7793512f03f2893c16459fd72e65d2ed00c
Now that an address sees that "Uniswap V3: Positions NFT" sent them a token (without knowledge of the event pollution attack), they would get curious and check the token.
The token name directs them to a domain "/uniswaplp.com", which imitates the real @Uniswap branding
This community Twitter account (@EnsTimeKeepers) will authenticate your Ethereum address and (timekeeper) @ensdomains ENS before it allows you to tweet.
For example: If you own 14h20.eth, then you can tweet during 1400-1459 (inclusive) on the UTC timezone
I recently came across a very niche "subsection" of the EthereumNameService that involved people minting ENS names around the 24H clock.