Monthly report attached - May 2023
Nota Bene - switched from Coordinape to Grants as per advice by the
DAO and Grants council.
Thanks for your continuous support!
Bad sites detected and shared with vendors for removal: 14
-
app-balancer-fi.com
-
app-balancer.finance
-
balancer-fi.com
-
balancer-finance.com
-
balancer-swap.com
-
balancere-fi.site
-
balancerfi.net
-
balancerq-fi.site
-
balancerr-fi.site
-
balancert-fi.site
-
balancerw-fi.site
-
gualitest.uk
-
pool-balancer.com
-
multipannel.site
UrlScan IoCs
Balancer
Search Balancer (853 hits in 31 files of 31 searched)
Search
(balancеr|balqncer|balancer|balahcer|bqlancer|baIancer|balencer|baiencer|balancer-fi|balancer-fl|baiancer-fi|balencer-fi|balancer\.fi|balancer-fl|ba[l1][ae]ncer|b[ao]l[ae]ncer|b[aq]lancer|fi-balancer|app-balancer|bal-drop|airdropbal|balancerairdrop|[a-zA-Z]*balancer[a-zA-Z]*|[a-zA-Z]*bqlancer-[a-zA-Z]|[a-zA-Z]*balancer[a-zA-Z]*|a-zA-Z]*balancerfi[a-zA-Z]*|a-zA-Z]*bal-[a-zA-Z]*|[a-zA-Z]*baiancer[a-zA-Z]*)
As balancer is
a common word and "Load Balancer" is often registered and
present in subdomains alike, there is a lot to filter though,
but the real number of scams is fairly low, a bit more than a
dozen from almost 900.
Sneak Peek in my abuse inbox
Metamask, airdrop, walletconnect, etc:
Search "airdrop" (252 hits in 31 files of 31 searched)
Search "binance" (1836 hits in 31 files of 31 searched)
Search "coinbase" (992 hits in 31 files of 31 searched)
Search "elonmusk" (136 hits in 26 files of 31 searched)
Search "metamask" (362 hits in 31 files of 31 searched)
Search "pancakeswap" (125 hits in 25 files of 31 searched)
Search "sushiswap" (9 hits in 7 files of 31 searched)
Search "trustwallet" (13 hits in 7 files of 31 searched)
Search "walletconnect" (17 hits in 11 files of 31 searched)
Total potential bad hits for
the month ~21K
Search
(usdc|claim|coinbase|colnbase|c0inbase|c0lnbase|cornbase|coirbase|balancer|balahcer|bqlancer|baIancer|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*1inch-[a-zA-Z]|[a-zA-Z]*oneinch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|a-zA-Z]*1-inch[a-zA-Z]*|[a-zA-Z]*1inch[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*pancake5[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*unisvv[a-zA-Z]*|unlswap"|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*unisvap[a-zA-Z]*|a-zA-Z]*uni-[a-zA-Z]*|[a-zA-Z]*pancakesw[a-zA-Z]*|[a-zA-Z]*pancakesv[a-zA-Z]*|[a-zA-Z]*pancokesv[a-zA-Z]*|[a-zA-Z]*pancokesw[a-zA-Z]*|[a-zA-Z]*pancakosw[a-zA-Z]*|[a-zA-Z]*pancakkesw[a-zA-Z]*|[a-zA-Z]*uniswap[a-zA-Z]*|[a-zA-Z]*uniswap-[a-zA-Z]|[a-zA-Z]*unisvap[a-zA-Z]*|dapp|wallets|wallect|synchr|rectify|unlock|walet|1inch|airdrop|ethereum|walet|wallet|coinbase|uniswap|pancakeswap|liquidity|vvallet|metamask|metamaks|metemask|metamaks|paraswap|exchange|liquidity|kraken|bitso|dapp|sushiswap|sushlswap|sushisvv|opensea|polygon|walletconnect|waletconect|waiietconnect)"
(44662 hits in 30 files of 30 searched)
Multiple offenders exposed and banned in Discord
Responsible moderator: dubstard#0008 After:
2023-05-01 Before: 2023-06-01 = 166
BANs
As myself and Cosme, Danko, Gerg, Gleb and the rest
of the mods are in somewhat different timezones (I am in EEST),
we sort of "cover" for each other, while one is asleep, the
other continues to monitor and swing the ban hammer, alongside
with the bots, that autoban many offenders!
Warnings issued Discord
Fake wallet drainer "support" site
Scammers who send friend request and username says
"check my bio" or something similar to get users to visit wallet
drainer scam site
Fake "exploit" linked to a bogus wallet drainer
masquerading as revoke.cash
Cointelegraph twitter hacked - warning issued
No DMs
No Balancer second "support" discord!
Various fake Balancer copycats
Internal discussion about other bots - custom Beets.fi bot,
Beemo etc
Chat with Beets/Franzns
|
Chat with Ballers
|
Fake apps Google play store taken down - just 1 this month
Just one crypto specific, others are mobile trojans that could steal
your assets as well if a malicious actors takes control over a
Mobile device.
34 GH pull requests (dot and metamask anti-phish repos) in May
2023
34 Pull requests - note that each blocks many scam URLs, so the
total number of blocked sites is significantly larger than the PRs.
As scammers tend to be very active during
weekends, so am I!
- MetaMask/eth-phishing-detect Block 115 wallet drainers
- MetaMask/eth-phishing-detect Block 28 scams
- MetaMask/eth-phishing-detect Block 127 scams
- MetaMask/eth-phishing-detect Block 175 scam URLs
- MetaMask/eth-phishing-detect Block 186 scam URLs
- MetaMask/eth-phishing-detect Block 26 scam URLs
- MetaMask/eth-phishing-detect Block 28 scam URLs
- MetaMask/eth-phishing-detect Block 51 scam URLs
- MetaMask/eth-phishing-detect Block 61 scams
- MetaMask/eth-phishing-detect Block 72 scam URLs
- MetaMask/eth-phishing-detect Block 77 scams
- MetaMask/eth-phishing-detect Block 78 scams
- MetaMask/eth-phishing-detect Block 80 scam URLs
- MetaMask/eth-phishing-detect Block 95 scam URLs
- MetaMask/eth-phishing-detect Block bogus airdrops, drainers
and phishing scam URLs
- MetaMask/eth-phishing-detect Block drainer and phishing URLs
- MetaMask/eth-phishing-detect Block drainer.js scams, fake
OpenSea, UniSwap, ZKSync
- MetaMask/eth-phishing-detect Block fake Metamask, 1Inch,
Opensea and Pancakeswap scams
- MetaMask/eth-phishing-detect Block fake WalletConnect and
Balancer finance URLs
- MetaMask/eth-phishing-detect Block recent scams (Discord spam,
email spam)
- MetaMask/eth-phishing-detect Block scam URLs
- MetaMask/eth-phishing-detect Block scam URLs
- MetaMask/eth-phishing-detect Block scam airdrops. drainer.js,
Balancer, Lens, Metamask
- MetaMask/eth-phishing-detect Block scams targeting Balancer,
OpenSea and Exodus
- MetaMask/eth-phishing-detect Block scams targeting MetaMask
- MetaMask/eth-phishing-detect Remove FP
- MetaMask/eth-phishing-detect Remove Uniswap FPs
- MetaMask/eth-phishing-detect remove 2 FP from blocklist
- MetaMask/eth-phishing-detect remove FP
- polkadot-js/phishing Block WalletConnect "node sync" scams
- polkadot-js/phishing Block dapps-activate.web.app
- polkadot-js/phishing Block scam "multipannel.site",
- polkadot-js/phishing block realyork.online and
airdrop-zksynsc.com
- polkadot-js/phishing block rescue-ai.netlify.app
#12715 opened 2 minutes ago by dubstard• Review
required