Post

How to get URL link on X (Twitter) App

On the Twitter thread, click on or icon on the bottom
Click again on or Share Via icon
Click on Copy Link to Tweet
Paste it above and click "Unroll Thread"!
More info at Twitter Help

ZachXBT

@zachxbt

Feb 14, 2022 • 15 tweets • 9 min read • Read on X

Scrolly

@MichaelSuppo

1/ A breakdown on @MichaelSuppo and all the @BlueZillaVc scams he promotes heavily to his audience.

2/ Suppoman is a crypto YouTuber who has been in the space since 2017.

In that period he has promoted many projects undisclosed stemming everywhere from rugs to ponzi’s to cash grabs.

TMG did a YT series on him in 2018.

3/ TLDR on Bluezilla:

>”incubates” copy paste launchpads & Uni v2 forks on every chain.
>projects never list the team, tokenomics, and other basic docs
>tokenomics have very short vesting periods (hence why they don’t display it)
>always promoted heavily through Suppoman

4/ $BSCPAD - Not displayed on their website but 4 months total of vesting for private rounds. Why even have vesting then?

5/ Let’s get into the Suppoman 2021 shills:

$GHSP

-Starting mkt cap $50k? Oof

6/ $ASTRO - Supposed to be a Cardano DEX but is listed on BSC?

-Tokenomics not found

7/ $ETHPAD - tokenomics not displayed on website.

8/ $KCCPAD - tokenomics not listed on website & token is on BSC?

9/ $TRONPAD - tokenomics not listed on website & token is on BSC?

10/ $ADAPAD - tokenomics not listed on website & token is on BSC?

11/ $METAV - tokenomics not on website; little to no vesting

12/ $BITORB - little to no vesting

13/ $PLSPAD - tokenomics not listed on website & token is on BSC?

14/ I could keep going but I think my point has been made.

>Suppoman gets private sale allocations to shill undisclosed scams to his audience

>Bluezilla’s scheme is to keep copy and pasting launchpads to pump and dump on them for $$$

15/ I would advise you avoid anything with Bluezilla’s name on it.

Search “Bluezilla scam” on Twitter to see all the people who have been rekt.

• • •

Missing some Tweet in this thread? You can try to force a refresh

This Thread may be Removed Anytime!

Twitter may remove this content at anytime! Save it as PDF for later use!

More from @zachxbt

ZachXBT

@zachxbt

Mar 23

1/ I uncovered a coordinated network of 10+ accounts manufacturing viral panic about war and politics to drive traffic to crypto scams.

Strategy:
>Purchase accounts with followers
>Doompost multiple times per day
>Repost content from alt accounts
>Promote fake giveaway or scam
>Change username

2/ Example: @wanglaurentceo

They started by purchasing an account with followers and use AI to create a fake Asian version of Mario Nawfal.

(User ID 1804235884826333184)

3/ Here’s related accounts reposting to boost the reach of posts about exaggerated or fake news.

This causes them to go viral each day with millions of views and thousands of likes / replies.

Read 7 tweets

ZachXBT

@zachxbt

Feb 26

1/ Meet @WheresBroox (Broox Bauer), one of the multiple @AxiomExchange employees allegedly abusing the lack of access controls for internal tools to lookup sensitive user details to insider trade by tracking private wallet activity since early 2025.

2/ Axiom is a crypto trading platform founded by Mist & Cal in 2024. After going through Y-Combinator's Winter 2025 batch, it quickly became one of the most profitable companies in the space, generating $390M+ in revenue to date.

I was retained to investigate allegations of misconduct at Axiom after receiving reports.

3/ Broox is a current Axiom senior BD employee based in New York.

In the clip Broox states he can track any Axiom user via ref code, wallet, or UID and claims he can "find out anything to do with that person".

He also describe researching 10-20 wallets initially and slowly increasing over time "so it does not look that suspicious"

In a separate clip from the same recording, Broox sets ground rules for how to request lookups from him and then says he'll send the full list of wallets.

The full recording is a private call of the group members strategizing.

Read 10 tweets

ZachXBT

@zachxbt

Jan 25

https://x.com/zachxbt/status/2014685263327351116

In case you are curious how John Daghita (Lick) was able to steal $40M+ from US government seizure addresses.

John’s dad owns CMDSS, which currently has an active IT government contract in Virginia.

CMMDS was awarded a contract to assist the USMS in managing/disposing of seized/forfeited crypto assets.

It still remains unclear at this point how John obtained access from his dad.

https://x.com/zachxbt/status/2014685263327351116

Update: The CMDSS company X account, website, & LinkedIn were all just deactivated

Update: John Daghita (Lick) began trolling again on Telegram shortly after my post

Read 4 tweets

ZachXBT

@zachxbt

Jan 23

1/ Meet the threat actor John (Lick), who was caught flexing $23M in a wallet address directly tied to $90M+ in suspected thefts from the US Government in 2024 and multiple other unidentified victims from Nov 2025 to Dec 2025.

https://x.com/zachxbt/status/1931216174903398723

2/ Earlier today John got into a heated argument with another threat actor known as Dritan Kapplani Jr. in a group chat to see who had more funds in crypto wallets.

In 'The Com' this is known as a band for band (b4b).

However the entire interaction was fully recorded.

https://x.com/zachxbt/status/1931216174903398723

3/ In part 1 of the recording Dritan mocks John however John screenshares Exodus Wallet which shows the Tron address below with $2.3M:
TMrWCLMS3ibDbKLcnNYhLggohRuLUSoHJg

Read 13 tweets

ZachXBT

@zachxbt

Dec 29, 2025

1/ Meet Haby (Havard), a Canadian threat actor who has stolen $2M+ via Coinbase support impersonation social engineering scams in the past year blowing the funds on rare social media usernames, bottle service, & gambling.

2/ On Dec 30, 2024 Haby posted a screenshot in a group chat showing off a 21K XRP ($44K) theft from a Coinbase user.

rN7ddvk4DrGHZUrBfNARJEEAbPkky9Mwcz

3/ On Jan 3, 2025 Haby posted a screenshot from his Exodus wallet showing his Telegram & IG accounts.

I matched up the historical balances to the screenshot and found the XRP address linked to two other Coinbase user thefts for ~$500K total.

rfA8MiWkRb6xjveQGKfJpdr8h1Kb4c83Rb

Read 12 tweets

ZachXBT

@zachxbt

Oct 19, 2025

1/ A video went viral on YT this week after a US based victim lost $3.05M (1.2M XRP) from their Ellipal wallet.

Here’s the tracing of where the stolen funds ended up and the biggest takeaways for similar thefts.

2/ Although the victim did not directly share the theft address after watching the video I found it by reviewing the date and amount.

r3cf5mgj5qEcj9n4Th28Es7NVRnXGJjkzc

The victim seems inexperienced and does not provide enough details to determine how the Ellipal wallet became compromised besides it being user error.

3/ The attacker created 120+ Ripple -> Tron orders via Bridgers on Oct 12, 2025.

On block explorers the transactions show as Binance since Bridgers (formerly SWFT) uses them for liquidity.

Read 9 tweets

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Share this page!

Enter URL or ID to Unroll

ZachXBT

Try unrolling a thread yourself!

More from @zachxbt

ZachXBT

ZachXBT

ZachXBT

ZachXBT

ZachXBT

ZachXBT

Did Thread Reader help you today?

Don't want to be a Premium member but still want to support us?

Send Email!