Monthly report attached - May 2023

Nota Bene - switched from Coordinape to Grants as per advice by the DAO and Grants council.
Thanks for your continuous support!

Bad sites detected and shared with vendors for removal: 14


UrlScan IoCs

Balancer



Search Balancer (853 hits in 31 files of 31 searched)

Search (balancеr|balqncer|balancer|balahcer|bqlancer|baIancer|balencer|baiencer|balancer-fi|balancer-fl|baiancer-fi|balencer-fi|balancer\.fi|balancer-fl|ba[l1][ae]ncer|b[ao]l[ae]ncer|b[aq]lancer|fi-balancer|app-balancer|bal-drop|airdropbal|balancerairdrop|[a-zA-Z]*balancer[a-zA-Z]*|[a-zA-Z]*bqlancer-[a-zA-Z]|[a-zA-Z]*balancer[a-zA-Z]*|a-zA-Z]*balancerfi[a-zA-Z]*|a-zA-Z]*bal-[a-zA-Z]*|[a-zA-Z]*baiancer[a-zA-Z]*)



As balancer is a common word and "Load Balancer" is often registered and present in subdomains alike, there is a lot to filter though, but the real number of scams is fairly low, a bit more than a dozen from almost 900.



Sneak Peek in my abuse inbox


Metamask, airdrop, walletconnect, etc:

Search "airdrop" (252 hits in 31 files of 31 searched)
Search "binance" (1836 hits in 31 files of 31 searched)
Search "coinbase" (992 hits in 31 files of 31 searched)
Search "elonmusk" (136 hits in 26 files of 31 searched)
Search "metamask" (362 hits in 31 files of 31 searched)
Search "pancakeswap" (125 hits in 25 files of 31 searched)
Search "sushiswap" (9 hits in 7 files of 31 searched)
Search "trustwallet" (13 hits in 7 files of 31 searched)
Search "walletconnect" (17 hits in 11 files of 31 searched)





jaw drop clip art - Clip Art
        LibraryTotal potential bad hits for the month ~21K

Search (usdc|claim|coinbase|colnbase|c0inbase|c0lnbase|cornbase|coirbase|balancer|balahcer|bqlancer|baIancer|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*1inch-[a-zA-Z]|[a-zA-Z]*oneinch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*pancake5[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*unisvv[a-zA-Z]*|unlswap"|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|dapp|wallets|wallect|synchr|rectify|unlock|walet|1inch|airdrop|ethereum|walet|wallet|coinbase|uniswap|pancakeswap|liquidity|vvallet|metamask|metamaks|metemask|metamaks|paraswap|exchange|liquidity|kraken|bitso|dapp|sushiswap|sushlswap|sushisvv|opensea|polygon|walletconnect|waletconect|waiietconnect)" (44662 hits in 30 files of 30 searched)



Multiple offenders exposed and banned in Discord



Responsible moderator: dubstard#0008  After: 2023-05-01 Before: 2023-06-01 = 166 BANs

As myself and
Cosme, Danko, Gerg, Gleb and the rest of the mods are in somewhat different timezones (I am in EEST), we sort of "cover" for each other, while one is asleep, the other continues to monitor and swing the ban hammer, alongside with the bots, that autoban many offenders!




Warnings issued Discord

Fake wallet drainer "support" site


Scammers who send friend request and username says "check my bio" or something similar to get users to visit wallet drainer scam site



Fake "exploit" linked to a bogus wallet drainer masquerading as revoke.cash




Cointelegraph twitter hacked - warning issued



No DMs


No Balancer second "support" discord!


Various fake Balancer copycats








Internal discussion about other bots - custom Beets.fi bot, Beemo etc                                             

Chat with Beets/Franzns
  Chat with Ballers




Fake apps Google play store taken down - just 1 this month

Just one crypto specific, others are mobile trojans that could steal your assets as well if a malicious actors takes control over a Mobile device.


34 GH pull requests (dot and metamask anti-phish repos) in May 2023

https://github.com/dubstard

34 Pull requests - note that each blocks many scam URLs, so the total number of blocked sites is significantly larger than the PRs. As scammers tend to be very active during weekends, so am I!
MetaMask/eth-phishing-detect Block 28 scams 
#12715 opened 2 minutes ago by dubstard Review required
MetaMask/eth-phishing-detect Block 61 scams 
#12699 by dubstard was merged yesterday Approved
MetaMask/eth-phishing-detect Block 80 scam URLs 
#12680 by dubstard was merged 2 days ago Approved
MetaMask/eth-phishing-detect Block 95 scam URLs 
#12660 by dubstard was merged last week Approved
MetaMask/eth-phishing-detect Block 72 scam URLs 
#12650 by dubstard was merged last week Approved
MetaMask/eth-phishing-detect Block 77 scams 
#12638 by dubstard was merged last week Approved
polkadot-js/phishing block rescue-ai.netlify.app 
#3375 by dubstard was merged 2 weeks ago Approved
polkadot-js/phishing Block dapps-activate.web.app 
#3369 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block 175 scam URLs 
 blocklist requestIssue or PR requesting to addition to the blocklist
#12606 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect remove FP 
#12589 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block 51 scam URLs 
#12586 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block 127 scams 
#12582 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block scams targeting Balancer, OpenSea and Exodus 
 blocklist requestIssue or PR requesting to addition to the blocklist
#12575 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block scam URLs 
#12567 by dubstard was merged 2 weeks ago Approved
MetaMask/eth-phishing-detect Block 26 scam URLs 
#12554 by dubstard was merged 3 weeks ago Approved
MetaMask/eth-phishing-detect Block 28 scam URLs 
#12542 by dubstard was merged 3 weeks ago Approved
MetaMask/eth-phishing-detect Remove FP 
#12527 by dubstard was merged 3 weeks ago Approved
MetaMask/eth-phishing-detect Block scam URLs 
#12517 by dubstard was merged 3 weeks ago Approved