Roffet.eth found that some coins contained obscure, difficult-to-read code that allowed the developer to transfer user’s tokens to themselves.
Scammers are using a “trending” list on memecoin analytics site GMGN to lure in unsuspecting victims and steal their crypto, according to a Sept. 25 X post from security researcher Roffett.eth.
The attackers create coins that allow the developer to transfer any user’s tokens to themselves. They then pass the token back and forth between multiple accounts, artificially inflating its volume and placing it on the GMGN “trending list.”
Once the coin makes it onto the trending list, unsuspecting users buy it up, thinking it is a popular coin. But within minutes, their coins are swiped from their wallets, never to be seen again. The developer then redeposits the coin into its liquidity pool and resells it to another victim.
