Is this a phishing scam?
We’re in two minds over this one
It was about 7 a.m. in Johor, Malaysia, after a hard night’s coding, when Harry Denley pinged me with these messages in quick succession…
Phew! We all know that you should NEVER post private keys online, so it was some relief to see that we, who were (we hope) trustworthy, would be the only people to see it, except…
This was the comment
This is weird. A private key and a warning not to use it.
We had a look at the address in question. It was NOT a contract.
It was what is referred to as an EOA or externally owned address.
It had no ether but it had a ton of tokens.
So WHY post the private key? It was almost like a challenge to try to get the tokens….
So we looked at the transactions and it seemed that there were several different things happening.
1. People deposited ether for gas then transferred out some tokens
2. People deposited ether for gas but that gas got stolen before the depositor could transfer any tokens
3. People deposited ether for gas but somebody else sent that ether to
We found that #1 hardly ever happened. More often either 2 or 3 would happen almost immediately after the ether was transferred in.
Whenever tokens DID get transferred out, only a small number of them were taken, which was even stranger because there were 31k tokens worth $14K.
It looks as if the owners who set it up and released the private keys are counting on a significant number of people to decide to try to take the tokens and send ether to enable them to do so. Most people would then head over to MyEtherWallet and try to transfer the tokens. By this time the owners, who have a bot monitoring the address, will have taken all the ether out.
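The pattern described above can be recognised from an address's transaction history before any ether is sent to it. The following is an added example, not code from the original post: it assumes the history has already been fetched into ordered records, and the `Tx` fields, the addresses, and the thresholds are constructed for illustration.

```python
from dataclasses import dataclass

BAIT = "0xBAIT"  # constructed placeholder, not the address from the post

@dataclass
class Tx:
    block: int
    sender: str
    to: str
    asset: str  # "eth" or "token"

# Constructed sample history (not real chain data), in execution order.
SAMPLE = [
    Tx(100, "0xA", BAIT, "eth"), Tx(100, BAIT, "0xS", "eth"),
    Tx(140, "0xB", BAIT, "eth"), Tx(141, BAIT, "0xS", "eth"),
    Tx(200, "0xC", BAIT, "eth"), Tx(201, BAIT, "0xC", "token"),
    Tx(260, "0xD", BAIT, "eth"), Tx(260, BAIT, "0xT", "eth"),
]

def classify_deposits(txs, bait):
    """Label each ether deposit into `bait` by the next outbound transaction."""
    results = []
    for i, tx in enumerate(txs):
        if tx.to != bait or tx.asset != "eth":
            continue  # only inbound ether (gas money) is of interest
        nxt = next((t for t in txs[i + 1:] if t.sender == bait), None)
        if nxt is None:
            outcome, delay = "pending", None
        elif nxt.asset == "token":
            outcome, delay = "tokens_moved", nxt.block - tx.block
        else:
            outcome, delay = "ether_swept", nxt.block - tx.block
        results.append((tx.sender, outcome, delay))
    return results

def looks_like_gas_trap(txs, bait, max_delay=2, min_ratio=0.5):
    """True when most deposits are swept out within `max_delay` blocks."""
    results = classify_deposits(txs, bait)
    fast = [r for r in results if r[1] == "ether_swept" and r[2] <= max_delay]
    return bool(results) and len(fast) / len(results) >= min_ratio

if __name__ == "__main__":
    for depositor, outcome, delay in classify_deposits(SAMPLE, BAIT):
        print(depositor, outcome, delay)
    print("gas trap pattern:", looks_like_gas_trap(SAMPLE, BAIT))
```

Because the private key is public, every outbound transaction carries the same sender, so the history alone shows where the ether went but not who signed the transfer.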
So, why are we in two minds? Well, we don’t think you should really try to take the tokens because:
- They did warn you that you would lose your ether
- It was their address
- You are trying to take their tokens
- Well, you only put in a tiny amount for gas, didn’t you?