Warning: Crypto Trading Bots on YouTube Steal £700,000 - What You Must Know

Trading bots that look like guaranteed investments on YouTube are, in effect, advanced scams that have stolen over 700,000 pounds worth of wallets of victims who assumed them to be legit. This destructive trend was recently revealed by SentinelLABS scientists, according to whom cybercriminals sell malicious smart contracts posing as legal trading software. Much to our dismay, these scams have been at it since at least the beginning of the year 2024, and one of the most prominent attacker addresses alone collected more than 900,000 dollars in stolen funds.

The danger of such scams is that they exploit people who are uncertain whether the crypto-trading bots can be profitable or even legal at all. The hackers in particular encourage the victims to remit at least 0.5 Ethereum (ETH), which is equivalent to 1,829 dollars, stating that this amount will guarantee the earners some valuable gains. Fundamentally, these robots in trading bots, do work only that they do not work in favour of the victims. Although bots used in legal crypto trading do exist, the malicious ones use sleek obfuscation tactics to remain unnoticed in regard to their intent. It is indeed estimated that more than 256 Ether have been stolen in false malware by this scheme, with the most effective known address attracting about 244.9 Ether (about 902,000 dollars).

(toc) #title=(Table of Content)

In this article we will look into the inner workings of these YouTube crypto scams along with why they work so well and, most importantly, how to prevent falling for one and being the next victim.

The Work of YouTube Crypto Bot Scam

The fraud starts with enticing clicking videos teaching you on YouTube on how to deploy and operate what seems like a very lucrative arbitrage or MEV (Maximum Extractable Value) trading bot. The tutorials described above are the details of an artfully planned cure that is currently operating in 2024.

Smart Contracts That Were Smart Trading Robots

Hackers have access to compromised channels on YouTube through which they post videos that advertise fake crypto-trading bots. Through these videos, one is given an actionable guide on how to deploy a smart contract on the Remix Solidity Compiler site. But what at first glance seems like an advanced automated trading system is, in fact, malicious code, which has only one goal in mind: to steal your cryptocurrency.

The scam is based on the increased popularity of crypto automated trading bots, a subject of a question many investors ponder: are crypto trading bots legal? Do crypto trading bots make a profit? These are in fact legitimate ones, but these weaponised contracts are presented as arbitration instruments which are purportedly used to check price differences on an exchange.

Victims are asked to invest in a contract with ETH

An attack remains and, once the bad smart contract has been deployed, the victims receive instructions to deposit 0.5 ETH (about 450 lb) into it. This condition is supported on the grounds that the amount will be used to pay the gas charges and guarantee that the profit is huge enough to justify it.

The videos that show how to use the product normally instruct the user to call a method such as Start() or StartNative(), presumably triggering the trading algorithm. However, the truth of what is really going on is far more criminal-the contract is merely getting ready to redirect your money.

Obfuscation Is Used To Conceal The Attacker's Wallet

The craftiness of this fraud is that the scam artists hide their addresses. There are numerous advanced obfuscation methods used within various contracts to keep your money in obscurity with regard to how and where it will end up:

• XORs to scramble the address with something else
• String concatenation is used to determine the address combining parcels.
• Huge decimal-to-hex conversions converting large amounts of nondescript numbers into amounts readable by a wallet

Moreover, both the victim and a secret attacker are put in place as co-owners bounded by each contract. This two-ownership model has a failback application that entails money drainage regardless of the recipient of the funds turning on the primary application. When you pay the contract, your ETH is basically under the whims of the attacker.

The AI/ Aged YouTube Accounts Role

Image Source: Incode

All successful crypto trading bot scams attempt to have complex technological manipulation behind them, which makes these attempts not only scalable but also persuasive. Cybercriminals no longer conduct basic fraud, and they have adopted the use of artificial intelligence to develop sophisticated deceptions.

Artificial Intelligence-Built Avatars And Voices

The onslaught of crypto scams, which have increased by 456 percent between May 2024 and April 2025, is also associated with the tremendous progress in artificial intelligence-generated material. The scammers can easily hire synthesised characters and voices to generate large numbers of fake videos with no trace of their identity. The physical tell-tale signs are normally seen in these AI-created narrators; they have an awkward voice cadence, have very few facial expressions, and typically stare right into the camera with no side profile angle. Such a method of production significantly lowers operating expenses and enables criminals to expand their business at an accelerated rate.

YouTube Account Domination or Ageing Credibility Buying

Instead of creating the reputation of a channel on their own, fraudsters purchase existing channels in the black market. These old accounts are sold in groups on Telegram and search-indexing sites such as Mid-Man with preinstalled content that is unrelated to the reason they are sold, so that they may be perceived as legitimate. These accounts can be loaded with either crypto news, stock tips or pop culture at large that seem innocuous. This ageing strategy increases the level of visibility and trust. Thus, viewers are less likely to see the authenticity of the content.

Fipulated The Comment Sections To Create Deception Of Trust

Scammers, in order to sustain the idea of legitimacy, carefully control interactions in their videos. Unkind remarks and cautions are promptly removed, and fake reviews that place prospective profits are everywhere on the commentary boards. In other instances, such operations are automated in order to copy and paste supportive remarks to various videos. Moreover, the comment sections can be turned off, or they can be available only to long-term subscribers so that informed users cannot alert potential victims.

Therefore, more experienced viewers have started using websites such as Reddit to verify these so-called crypto-automated trading bots prior to investing. This AI-generated content coupled with already existent YouTube accounts presents an optimal situation for the creation of lies that even criminals with relatively limited resources can take advantage of.

The Inside of the Smart Contract: Funds Stealing

Image Source: Nature

The technological core of such crypto frauds is elaborate Solidity smart contracts that excellently hide the ill will of scammers. After scrutinising such contracts, security experts have found several advanced methods which ensure that detection of such dangers is very difficult.

For 1, XOR And String Obfuscation Methods

Essentially, the evil smart contracts use three basic obfuscation techniques to conceal the wallet address of the attacker. The most complicated requires XORing two 32-byte values of deceiving, e.g., with the names of "DexRouter" and "factory". When these constants are added together, they are added together using a formula that discloses the wallet of the attacker address(uint160(uint256(a) ^ uint256(b))). Others involve concatenation of strings, which combines bits of addresses, and large decimal-to-hex conversion, which is the conversion of 256-bit integers into wallet addresses.

Backstop Arrangements To Withdraw Money

These contracts, even when victims never trigger the primary functions, also have failover features where attackers can remove the deposited funds. In addition, the contracts have fallback functions, which in instances where the contract receives Ether, or unrecognised separate calls, they run the fallback functions. It forms a second point of attack, as weakly secured backup functions allow unsanctioned operations such as re-committing fund withdrawals.

Co-owner By Victim And Attacker

When deployed, such weaponised contracts create dual ownership where ownership of the wallet of the victim and the unused attacker's address are both specified as co-owners. This system contributes to a delusion of security at the same time as attackers are provided with administrative powers on funds. One particular address of an attacker (0x872528989c4D20349D0dB3Ca06751d83DC86D831) was spotted by security researchers in several malicious contracts. The consequences are dire, because even the apparently benign crypto-automated-trading bots are, in reality, highly-sophisticated financial traps that are an effective getaway system for stolen money.

Real Impact: How 700k was stolen

Image Source: Chainalysis

Such cryptocurrency trading scams have left a trail of financial destruction, and it has been revealed that these fraudulent bots have easily preyed on unsuspecting victims looking to start investments.

Jazz_Braze Video And 244.9 ETH Case Study

The most frightening one is the YouTube channel @Jazz_Braze, where the video titled "How to Create Passive Income MEV Bot on Ethereum Full Tutorial" has collected more than 387,000 views. The wallet address tied to this single channel (0x872528989c4D20349D0dB3Ca06751d83DC86D831) received a mind-boggling value of 244.9 ETH (around 4.2m in sterling). Compared to other scam videos, the AI application in this account was minimal, which had elements of naturality and adherence to the facial reflections, adding to its authenticity.

The earnings and other wallets

Though Jazz_Braze is the largest heist, there have been so many minor ones that have made significant profits. On all the recently discovered scam wallets, they were able to withdraw 7.59 and 4.19 ETH separately. In total, security experts report that these operations have stolen more than 256 ETH (roughly 700, 000 GBP). Victims are normally persuaded to submit at least 0.5 ETH worth approximately 450 GBP in present-day values because scammers claim that this is useful towards gas fees, and towards possible returns.

Conclusion

Such crypto trading bot scams on YouTube are an advanced form of crypto fraud. As a result, scam wallets have so far received more than 700,000 pounds and counted up to 244.9 ETH in individual cases. There are several levels of deception used by the criminals running these operations: the malicious smart contracts contain covert addresses of the attackers, AI-generated content, and aged YouTube accounts that help to precondition the false credibility of the act.

Even worse, perhaps, such scams are still around even after the warning. Victims will enquire about whether crypto-trading robots are legal or profitable only to find out the bitter truth when their money is gone. Furthermore, these scams are also technologically sophisticated, thus they are especially hard to detect without special knowledge.

It is necessary to be alert in terms of cryptocurrency investment opportunities. This is why one should perform research before implementing any smart contract or sending ETH to any unfamiliar address. Likewise, videos on YouTube claiming that earning crypto is as easy as counting on trees should raise immediate scepticism, more so when there are certain minimum numbers of deposits contained.

The obfuscation practices in these contracts truly indicate the advanced practices of crypto scams in today's times. However, through awareness of their ways, we have the best opportunity to protect ourselves. Well, there are probably legit crypto trading tools after all, but they never make you give up control over your money in them to some random third party.

So the next time you find a lucrative crypto opportunity and all you have to do is put in a small amount of effort, just keep this in mind: what they are promising you must be benefiting someone or something at the expense of something that belongs to you. The opportunities posed by cryptocurrency are exciting, but it is always wise to remain protective of ourselves against anyone that may take unfair advantage of our need to make a profit.

Key Takeaways

YouTube crypto-trading bots are being used as an avenue through which cybercriminals have stolen more than 700,000 pounds, using them to defraud crypto investors seeking automated trading.

• AI-created avatars and aged YouTube accounts are used to popularise malicious smart contracts posing as profitable trading bots. 
• Victims are asked to deposit at least 0.5 ETH (450 pounds) to contracts that steal funds and give them to secret wallets of the scammers 
• Tricky contracts use XOR operation and transfer obfuscation to obfuscate the address of the scammerwallet against the victim 
• One of YouTube channels gathered 244.9 ETH (4.2 million dollars) only through one fraudulent trading bot tutorial video

These frauds take advantage of the increasing popularity of automated trading in the crypto market by using both technical and psychological trickery. The attackers develop the use of dual ownership of contracts, present false testimonials on comment texts and incorporate fallback means to steal money even when the victims fail to activate primary features. Just keep in mind that when there is a crypto opportunity it seems to be an easy way to get profits with little effort. Chances are that the person behind the opportunity wants to take your money and not share it with you.

FAQs

Q1. Are trading bots crypto legal and profitable?

Although there are actual crypto trading bots, most of them advertised on YouTube are scams. Legitimate bots are potentially lucrative, though legal, and have to be researched and understood properly prior to utilisation. Be very wary of any bot that claims profitable and easy gains.

Q2. But how is a YouTube crypto scammer able to acquire credibility?

Scammers usually purchase old YouTube accounts that already have content and subscribers so they would look legit. They make persuasive videos using AI-produced avatars and voices and cheat on the comment section by deleting warnings and publishing fake testimonials.

Q3. How much do scammers normally ask their victims to invest?

The majority of such scam dealings specify that one has to send a minimum of 0.5 Ether (ETH) to the smart contract, stating that it is needed to cover the gas costs of a transaction and guarantee profitable income. This is around 450 pounds, give or take the current rates.

Q4. What are the ways that malicious smart contracts conceal the wallet address of the attacker?

These contracts employ advanced obfuscation such as XOR operations, string concatenation and conversion of large decimals to hex to mask the wallet address of the attacker. This complicates the task of the victims to know where their money goes.

Q5. How come people get duped into buying these crypto-trading bots?

Individuals become the victims of these frauds because of the growing complexity of cryptocurrency ecosystems, inability to deeply examine the functioning of the tools, and emotional appeals such as the fear of not getting a chance to become a part of profitable opportunities. The presence of the apparent legitimacy of YouTube channels and testimonials also forms a strong illusion of legitimacy.