Monthly report attached - July 2023


Thanks for your continuous support!

Bad sites detected and shared with vendors for removal: 16


UrlScan IoCs
Balancer


Search Balancer (1673 hits in 30 files of 31 searched)

Search (balancеr|balqncer|balancer|balahcer|bqlancer|baIancer|balencer|baiencer|balancer-fi|balancer-fl|baiancer-fi|balencer-fi|balancer\.fi|balancer-fl|ba[l1][ae]ncer|b[ao]l[ae]ncer|b[aq]lancer|fi-balancer|app-balancer|bal-drop|airdropbal|balancerairdrop|[a-zA-Z]*balancer[a-zA-Z]*|[a-zA-Z]*bqlancer-[a-zA-Z]|[a-zA-Z]*balancer[a-zA-Z]*|a-zA-Z]*balancerfi[a-zA-Z]*|a-zA-Z]*bal-[a-zA-Z]*|[a-zA-Z]*baiancer[a-zA-Z]*)


As balancer is a common word and "Load Balancer" is often registered and present in subdomains alike, there is a lot to filter though, but the real number of scams is fairly low, 16 from almost 1700.


Sneak Peek in my abuse inbox

Metamask, airdrop, walletconnect, etc:
Search "walletconnect" (14 hits in 9 files of 31 searched)
Search "trustwallet" (31 hits in 14 files of 31 searched)
Search "sushiswap" (57 hits in 22 files of 31 searched)
Search "pancakeswap" (281 hits in 28 files of 31 searched)
Search "metamask" (595 hits in 28 files of 31 searched)
Search "elonmusk" (369 hits in 28 files of 31 searched)
Search "coinbase" (1774 hits in 28 files of 31 searched)
Search "binance" (2346 hits in 28 files of 31 searched)
Search "airdrop" (342 hits in 28 files of 31 searched)


Total potential bad hits for the month ~42K

Search "(usdc|claim|coinbase|colnbase|c0inbase|c0lnbase|cornbase|coirbase|balancer|balahcer|bqlancer|baIancer|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*1inch-[a-zA-Z]|[a-zA-Z]*oneinch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*pancake5[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*unisvv[a-zA-Z]*|unlswap"|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|dapp|wallets|wallect|synchr|rectify|unlock|walet|1inch|airdrop|ethereum|walet|wallet|coinbase|uniswap|pancakeswap|liquidity|vvallet|metamask|metamaks|metemask|metamaks|paraswap|exchange|liquidity|kraken|bitso|dapp|sushiswap|sushlswap|sushisvv|opensea|polygon|walletconnect|waletconect|waiietconnect)" (42811 hits in 30 files of 31 searched)


Multiple offenders exposed and banned in Discord

from: dubstard after: 2023-07-01  before: 2023-07-31 in: 👮︲moderation  = 27
Responsible moderator: dubstard after: 2023-07-01  before: 2023-07-31 in: 👮︲moderation  = 170

172 offenders banned:


As myself and Cosme, Danko, Gerg, Gleb and the rest of the mods are in somewhat different timezones (I am in EEST), we sort of "cover" for each other, while one is asleep, the other continues to monitor and swing the ban hammer, alongside with the bots, that autoban many offenders!
Also the new bot is doing a lot of automated cleaning up now!

Warnings issued Discord


Various fake Balancer copycats
app-balancer-fi.com


baiamcer.site


appexchange-balancer.com
balancersw.com
balancertokens.com
exchange-balancer.com


fi-balancer.site


balancer-faq.com


balancer-fi.pro
balancerfinancial.com
balancercode.financial-market-world.com



balancer-fi.world



balabcer.com



balancer-dex.com



connect-balancer-fi.com balancer.capital


Revoke.cash scam



Twitter verified scams


Key for DeBank

Still plenty of Computing Units available




Fake apps Google play store taken down - just 2 this month

Just one crypto specific, others are mobile trojans that could steal your assets as well if a malicious actors takes control over a Mobile device.


And one fake Chrome Extension

17 GH pull requests (dot and metamask anti-phish repos) in July 2023

ℹNote that each PR blocks many scam URLs, so the total number of blocked sites is significantly larger than the PRs.


MetaMask/eth-phishing-detect Block 77 scams 
#13155 by dubstard was merged 1 hour ago Approved
 1
MetaMask/eth-phishing-detect Block 77 scams 
#13137 by dubstard was merged 4 days ago Approved
 1
MetaMask/eth-phishing-detect Block 116 scams. Remove redundant subdomains. Keep relevant apex domains only. 
 blocklist request
#13132 by dubstard was merged 5 days ago Approved
MetaMask/eth-phishing-detect Block 82 scams 
#13113 by dubstard was merged last week Approved
 1
MetaMask/eth-phishing-detect Block 55 scams 
#13095 by dubstard was merged last week Approved
 2
MetaMask/eth-phishing-detect Block 33 scams 
#13085 by dubstard was merged 2 weeks ago Approved
 1
MetaMask/eth-phishing-detect FP "banterbubbles.com", 
 allowlist request
#13084 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block 33 scams 
#13076 by dubstard was closed 2 weeks ago Review required
MetaMask/eth-phishing-detect Block 62 scams 
#13067 by dubstard was merged 2 weeks ago Approved
 4
MetaMask/eth-phishing-detect Block 59 scams 
#13060 by dubstard was merged 2 weeks ago Approved
 1
MetaMask/eth-phishing-detect Block 64 scams 
#13044 by dubstard was merged 2 weeks ago Approved
 1
MetaMask/eth-phishing-detect Block 48 scams 
#13037 by dubstard was merged 2 weeks ago Approved
 2
MetaMask/eth-phishing-detect Block 56 scams 
#13030 by dubstard was merged 3 weeks ago Approved
 2
MetaMask/eth-phishing-detect Block 48 scams 
#13022 by dubstard was merged 3 weeks ago Approved
 1
MetaMask/eth-phishing-detect Block 85 Scams 
#13014 by dubstard was merged 3 weeks ago Approved
 1
MetaMask/eth-phishing-detect Block 25 wallet drainers 
#12990 by dubstard was merged 3 weeks ago Approved
 1



 1

https://github.com/dubstard

As scammers tend to be very active during weekends, so am I.