How is this even possible?

So this is the scammers address 0x9FbE1daa82333EC0863b315dd60eE8D1e276AeCF

And this was the original contract on which he did the presale 0x98D4996e5B038Bd35ffa1fd411F056d914920CEE

He had a mint function there but it was not callable from the write contract tab on bscscan…

Then he created this contract 0xa35fd68ab5786a5462c5fd60b4a777503905afb3 and was somehow able to dump the tokens from this contract to the presale one…

IDK if that was how he did it as I’m not experienced in solidity but somehow magically he minted the tokens and stole 42000 USD.

Please explain how it was done and how to detect such a thing so that I don’t get scammed in future

When you give an address you also need to mention what network it is on. In this case it’s clear it’s not Ethereum mainnet.

Sorry I had given the Bep20 flair, it’s on BSC.
I can’t wrap my head around how he did it, it was a 43K USD scam

You got anything or is it a bug that no one but the scammer knows about?

Take a look at line 494.

2 Likes

Oh shoot, pulled a sneaky there....
Damn... Nobody did actually notice the missing 'e', and IDK how it slipped from the sight having 2 increaseAllowance functions....
Thanks for pointing it out tho, will be more careful now...

2 Likes