
tl;dr
Blockchain security firm CertiK has uncovered a new trend where scammers are targeting automated trading bots through deliberately designed smart contracts. These scammers create fake tokens with hidden "backdoors" to deceive AI-powered trading bots, leading to potential losses in the "tens of millions of dollars." Despite technical solutions, it is challenging to prevent these attacks without introducing new security vulnerabilities. The scammers continue to exploit the lack of strict controls, causing significant harm to trading bots.
In the fallout of the LIBRA meme coin scandal, in which insiders received advance knowledge of the launch mechanics, blockchain security firm CertiK revealed how a new breed of scammers is switching tactics to target automated trading bots instead. Speaking with Decrypt at Consensus in Hong Kong last week, CertiK chief security officer Kang Li shared insights into how some smart contracts are being deliberately designed to target the snipers themselves. "It turns out the target they are going after are the AI trading bots," Li said.
Smart contract sniping is a method where bots monitor on-chain activity to detect newly launched tokens and execute trades before human traders can react. Li explains that a new breed of sophisticated scammers is designing fake tokens with hidden "backdoors" that appear safe to AI-powered trading bots, which are programmed to detect security risks. While these AI trading bots "are not dumb" and analyze tokens "to see if you have any clear rug-proofing function there," scammers have turned this into a bait-and-switch scheme, Li pointed out.
Li challenges the idea that blockchain security isn’t necessary for meme coins and pump-and-dump schemes, arguing that the real risks lie in who controls the token, price manipulation, and the history of those behind it. These scams are happening on a "massive scale," potentially causing losses in the "tens of millions of dollars," Li said. With little fear of legal consequences, scammers "just keep killing" trading bots, exploiting the lack of a single big victim.
While technical solutions exist, implementing them without introducing new security vulnerabilities is nearly impossible. "There are some anti-sniping solutions, people can do that to block them in the smart contract layer," BitLayer founder Charlie Hu told Decrypt in a separate interview. "They detect abnormal gas fee payments and transactions, but many teams avoid these protections." Such solutions set parameters to prevent sniping, but the way smart contracts are designed can create loopholes. In other words, if there are no strict controls over who can trade or how transactions are executed, sniping bots can still exploit the system. "If developers make it pure permissionless, you just let the scammers go through," Hu said.