The main clown of the month - utushkin vladislav 🤡
Somebody maybe heard about his $MDAO token.
A month ago he deployed his first meme token on #TRON blockchain - $MWD.
Just look at how he whines that others sell his token!
And now look at the #ARKHAM graph - absolutely every top_trader_wallet is his team's wallet!
Deployer address:
Deploy transaction:
https://tronscan.org/#/transaction/f9a4aca039c234867d0cf911267f6d3fe7a61bb9766705700e32977e8a5c6d04
Here is his main wallet that spreads all tokens:
Thank you for your attention and stay away from such teams❤️
Somebody maybe heard about his $MDAO token.
A month ago he deployed his first meme token on #TRON blockchain - $MWD.
Just look at how he whines that others sell his token!
And now look at the #ARKHAM graph - absolutely every top_trader_wallet is his team's wallet!
Deployer address:
TWcE6EgRDKJ8YDJUHjqPFpDMiW5p1rCnE3Deploy transaction:
https://tronscan.org/#/transaction/f9a4aca039c234867d0cf911267f6d3fe7a61bb9766705700e32977e8a5c6d04
Here is his main wallet that spreads all tokens:
TR5rHUYStVUTKEANyBYxSKrAnWucZCRUMGThank you for your attention and stay away from such teams❤️
3🔥28👍7🤣4👏2😁1😱1
This media is not supported in your browser
VIEW IN TELEGRAM
Crystal labels certain addresses as affiliated with Garantex (on the sanctions list since 2022) without sufficient grounds.
Due to this erroneous labeling:
- the address acquires a "toxic" status.
- the owners of such wallets face accounts blocks and loss of funds.
I have examined the addresses labeled as "sanctioned" by Crystal.
Here is a list of them:
Fact: "clean address = clean address".
Crystal: "clean address = dirty address".
These inconsistencies occur because Crystal, along with their distributor AMLBot, use heuristic algorithms to identify and label wallets. As a result, the risk score of all addresses that have ever interacted with the above addresses increases, creating a chain reaction for many other addresses.
And now look at this -
I decided to verify the addresses using Chainalysis:
All of the above addresses are clean according to Chainalysis data. This can only indicate significant discrepancies in the methodology and practice used by Crystal's analytics tools, which in turn calls into question the validity of their conclusions and the objectivity of their assessments.
«flip-flop»:
Crystal periodically changes their labeling and classification results for addresses.
For instance,
Incorrect asset-tracing:
Crystal applies a tracing method where the risk assessment of transactions is based not on the analysis of specific assets but on the information of the counterparty's wallet, leading to unjustified inclusion of wallets in high-risk categories.
So is it legal to use Crystal's data in compliance procedures?
Due to this erroneous labeling:
- the address acquires a "toxic" status.
- the owners of such wallets face accounts blocks and loss of funds.
I have examined the addresses labeled as "sanctioned" by Crystal.
Here is a list of them:
TAeCrsR72ddqMeK36fpEuYs95fA2yfyrZY
TT7Z5ArWR4gj529xuyuJVKALQmgz9thipS
TK6TsZG3MeCuF9E3em6YUiHSyR1u63qMSg
TMMFhKb5x5nCNsH3RwbybG3iAAi88RqEW2
TQ1893St9QCY3kKuhZi4pRcXwn6wfUEPRM
TGYQYSE3F9bZuZiyBrYompgnGd4YZaqPwF
TQLwer9H3XbWBEtwuN74d3HU678qb5p5Xx
TNTWf81sNBJ3DFgjehw9L1o8qnP8M45JXR
TVTREz6W7mEFVM6DLyfibSquh67NbCn1pq
TAF4VCN3dWp9u3mHjDb5F41DtFjCqPPCwH
TML1dGHoqqybyxpF3ezNyi6Ups86E6Wt7q
TQUba8ue3iFm2SZyah8MMUAyYD5jerJ2Nb
TQkaTDR9nzT3Dwct2ntfzxKJKCpkmG2UF1
TAE6oEjM7dAzQik3zGRvAkSJTQNmwBrGZb
TDG5vLdAEFUjdPnmDP3imcGYVteyaxgvRp
THUCv6VATnahtbBBvHuisBDyrksXpaT3fn
TRpDzYzDrrYPm4Q1vNBU8XVZxqywVRFFfD
TABJBUsPYiKhGh4mV9HJ3ucrvb6QwXpXBo
Fact: "clean address = clean address".
Crystal: "clean address = dirty address".
These inconsistencies occur because Crystal, along with their distributor AMLBot, use heuristic algorithms to identify and label wallets. As a result, the risk score of all addresses that have ever interacted with the above addresses increases, creating a chain reaction for many other addresses.
And now look at this -
TQ1893St9QCY3kKuhZi4pRcXwn6wfUEPRM continues to actively interact with Binance, freely sending and receiving crypto - so is Crystal's data reliable?I decided to verify the addresses using Chainalysis:
All of the above addresses are clean according to Chainalysis data. This can only indicate significant discrepancies in the methodology and practice used by Crystal's analytics tools, which in turn calls into question the validity of their conclusions and the objectivity of their assessments.
«flip-flop»:
Crystal periodically changes their labeling and classification results for addresses.
For instance,
TRpDzYzDrrYPm4Q1vNBU8XVZxqywVRFFfD and TABJBUsPYiKhGh4mV9HJ3ucrvb6QwXpXBo were reclassified from Garantex to other entities - Crystal confirms the unreliability of their previous conclusions.Incorrect asset-tracing:
Crystal applies a tracing method where the risk assessment of transactions is based not on the analysis of specific assets but on the information of the counterparty's wallet, leading to unjustified inclusion of wallets in high-risk categories.
So is it legal to use Crystal's data in compliance procedures?
9🔥67👍29❤10😱6😁1🤯1
NexFundAI deployer = FBI?
Recently all mass-media started publishing the following: "The FBI created a token...".
Do not trust such info and always DYOR!
Onchain metrics show that the whole "project" was actually created by serial deployer - so has FBI been manipulating tokens for 2 months or $NexFundAI was deployed by Gotbit?
Deployer's address:
OKX deposit:
Recently all mass-media started publishing the following: "The FBI created a token...".
Do not trust such info and always DYOR!
Onchain metrics show that the whole "project" was actually created by serial deployer - so has FBI been manipulating tokens for 2 months or $NexFundAI was deployed by Gotbit?
Deployer's address:
0x9CBA04BAB29EBDfD2175e30c545B8e21537095f6 OKX deposit:
0xe67C443fEcdFb577AA34cD1d060b9B1F2DC8E95C2🔥18❤6🤣4👍2🤔2😁1
What if $VUSD was created as exit liquidity for exploiters?
On Sep-26-2024 06:28:23 PM UTC, a vulnerability in the uniBTC smart contract was exploited.
Here are some of reported addresses:
As we see they are smart enough not to expose all of their wallets onchain. So let's piece together some facts.
On Aug-20-2024 $VUSD was minted.
On Sep-26-2024 $VUSD & @OnyxDAO got exploited.
Wallets that bought $VUSD on the market just got blacklisted. Do they have to pay for this?
Main figures:
The interesting thing is that $VUSD top2 and top3 traders are «OnyxDAO Exploiter 1» and «uniBTC Exploiter 3».
And the top1 trader is
Etherscan, Bedrock_DeFi, pay attention to these wallets.
I see that you've already asked the exploiters to return $uniBTC in several IDMs. And they returned about 5 $uniBTC (photo 4) - good job!
P.S.
Do not trust such beautiful addresses:
Suckers:
On Sep-26-2024 06:28:23 PM UTC, a vulnerability in the uniBTC smart contract was exploited.
Here are some of reported addresses:
0x0000000000004F3D8AAf9175fD824CB00aD4bf80- uniBTC Exploiter 30x680910cf5Fc9969A25Fd57e7896A14fF1E55F36B- OnyxDAO Exploiter 10x7d522f67268F1C46D888fe083aAa86f784B9d082- uniBTC Exploiter 16
...
As we see they are smart enough not to expose all of their wallets onchain. So let's piece together some facts.
On Aug-20-2024 $VUSD was minted.
On Sep-26-2024 $VUSD & @OnyxDAO got exploited.
Wallets that bought $VUSD on the market just got blacklisted. Do they have to pay for this?
Main figures:
0x0BFFDD787C83235f6F0afa0Faed42061a4619B7a- VUSD CA.0xeE894c051c402301bC19bE46c231D2a8E38b0451- oVUSD CA.0xfD47f6879ccBAe84009F367E3e0c54dc2D435500- VUSD manipulator.0x3546502606e0e9B70636CCe43E1844288C6D44aA- VUSD manipulator.0x4e1266c7A132DdEd71c9A4Ee74f4CA79C75c125d- oVUSD deployer - funded by 0x35…44aA.
The interesting thing is that $VUSD top2 and top3 traders are «OnyxDAO Exploiter 1» and «uniBTC Exploiter 3».
And the top1 trader is
0xfD47f6879ccBAe84009F367E3e0c54dc2D435500 - sold 1M$. This wallet is also funded by «OnyxDAO Exploiter 1» and still isn’t reported by anyone. Etherscan, Bedrock_DeFi, pay attention to these wallets.
I see that you've already asked the exploiters to return $uniBTC in several IDMs. And they returned about 5 $uniBTC (photo 4) - good job!
P.S.
Do not trust such beautiful addresses:
0x0000000000004F3D8AAf9175fD824CB00aD4bf800x666666665931f8739817e22A0B7CE7F9EFf53f3E0xffffFffff5862f0229585e548973E0E556EFf0030x00000000009e560932B2D1B4161c7ccD7F5c1FAb0x00000000009819dbAA100eD113b04B1B256B70d70x000000000050E65abd53CD9a4D9b9500e209A3bC0x0000000000429ea06331427cdEEB4884ae0432450x000000000029A517b824E91d083B7ac864cf0C5E0x000000000023599274812F77725FbE7a8b4bdd47
Suckers:
0x39b19E50A59b9739DfD2C4F259E8ee1b8E6d6BEC- Match Systems0x6fA35c5b8661041e6360f385a5CffB7ADE6fFc8a0x04655832bcb0a9a0bE8c5AB71E4D311464c97AF50x7C099f625208a5A7C7fAc328e71b871350A763a0- fake OnyxDao0xfdE1cB0c3522451705d9c64A74994801Fe8aF4Cd- fake OnyxDao
5🔥15👍7👏2🤯2🤔1
«Address Poisoning Attack» - a scammer sends a small transaction from a lookalike address, "poisoning" the victim’s transaction history hoping they’ll later confuse the scam address with a legitimate one and mistakenly send funds to it.
An illustrative example in the photo 1 and 2.
I found a team of attackers.
Just look at the graph (photo 4) - how they transfer crypto through their beautiful (generated for fun) addresses. Looks like they wanna play with investigators by doing this.
One of this team’s victims mistakenly sent 120k$. (photo 5)
They swapped this amount to another address and then just spent this amount on gas!
They continue scamming people and freely withdraw crypto through centralised exchanges. I think AML companies should not ignore such type of scammers.
Please be careful and always verify addresses before sending❤️
An illustrative example in the photo 1 and 2.
I found a team of attackers.
TNHVbnChAbF9eBo6KEH1rEnKDHu7ubYUno - this wallet spreads dust via generated wallets for poisoning. You can see its behaviour in the photo 3. TERdzps2cNDodTbHw8jLGEYMpWgKJyVggo - this address accumulates crypto and funds main attacker. Just look at the graph (photo 4) - how they transfer crypto through their beautiful (generated for fun) addresses. Looks like they wanna play with investigators by doing this.
TJS9sePdyCtdqbKrxbtcJVmi3333333333TRMRb39hmJpXmVREhi7JYz3eWWWWWWWWWWTNjRaJ4SY3Srupr2fwWc6PXp7777777777TReKoU2hLbsiCUQ6q2SQi22RR555555555TArHkKaQUMxok9mYr7RaRTA8UUUUUUUUUUTTTU7epiomWB2CUKxwsEYRQSafffffffffTHPfn4MYx3XXNG16SddicBxGVVVVVVVVVVTNMXH7rbpaR3cPzCfr4DaAQg6QQQQQQQQQ
One of this team’s victims mistakenly sent 120k$. (photo 5)
They swapped this amount to another address and then just spent this amount on gas!
They continue scamming people and freely withdraw crypto through centralised exchanges. I think AML companies should not ignore such type of scammers.
Please be careful and always verify addresses before sending❤️
2🔥16👍5👏4❤1😱1
- How to keep a 100% win rate in trading memes on Solana?
- There’s no way, but…
Launch pattern:
1 - deploy 10B tokens.
2 - add liq 10B tokens + 0.1 $SOL.
3 - buy 99.98% of supply.
4 - spread supply to 200 wallets.
5 - attract purchases by manipulating volume, burning LP…
6 - rug.
They create new wallets for each project, but they do not change these 3 addresses:
They always buy 99.98% of supply for 500 $SOL from these wallets. (Sometimes 100+160+240, sometimes 1+210+290.)
The victims are swing trading bots, narrative bots, copytrading bots and just traders.
According to gmgn.ai data, they managed to earn about 60M$ dollars, but in fact, they are withdrawing their own money through sales (+ victims’ money).
So if they earn about 200-250 $SOL per project (after tx fees), thier total PNL from about 100 projects = 5M$
Moreover, this team keeps reinvesting scammed money to their launches. Good job!
I have only 3 questions now:
- Where is AML in solana blockchain?
- Should Jito Labs permanently ban all addresses associated with this team?
- Have you missed my investigations these 2 months?❤️
- There’s no way, but…
CRBYGyfcRSiwcpUr4qxbVeR7MDNb32mkhxxzFAN7iinS - here is a team found a way to attract organic purchases for their scam tokens on #solana blockchain. Launch pattern:
1 - deploy 10B tokens.
2 - add liq 10B tokens + 0.1 $SOL.
3 - buy 99.98% of supply.
4 - spread supply to 200 wallets.
5 - attract purchases by manipulating volume, burning LP…
6 - rug.
They create new wallets for each project, but they do not change these 3 addresses:
CRBYGyfcRSiwcpUr4qxbVeR7MDNb32mkhxxzFAN7iinS- main team wallet.dQSv6D61bxtUTd6oqSzsUgydxwCCQpGuRgQgsN59WVBHQP6MYaRDU4st131yaZFDR3x9N58ka4TCAUjcvSSpuQw
They always buy 99.98% of supply for 500 $SOL from these wallets. (Sometimes 100+160+240, sometimes 1+210+290.)
The victims are swing trading bots, narrative bots, copytrading bots and just traders.
According to gmgn.ai data, they managed to earn about 60M$ dollars, but in fact, they are withdrawing their own money through sales (+ victims’ money).
So if they earn about 200-250 $SOL per project (after tx fees), thier total PNL from about 100 projects = 5M$
Moreover, this team keeps reinvesting scammed money to their launches. Good job!
I have only 3 questions now:
- Where is AML in solana blockchain?
- Should Jito Labs permanently ban all addresses associated with this team?
- Have you missed my investigations these 2 months?❤️
2🔥21👍6❤2🐳1🦄1