New Scam Token Bypasses Filters on Popular Trading Data Sites

Crypto security researchers are raising the alarm over a new kind of memecoin that is able to bypass scam filters on popular trading data sites that monitor scams.

A new scam crypto memecoin has been discovered that is able to bypass scam filters on popular trading data sites.

The token, which trades under the ticker REPUBLICAN, has a piece of code that lets its programmer withdraw tokens straight out of any crypto wallet holding them.

When traders swap Ether for REPUBLICAN on decentralised exchanges, the tokens they just bought are transferred away.

The code also gives its creator a nearly infinite balance of the token.

The malicious memecoin was first spotted by an X user called yourfriend_btc on Wednesday before being shared by other accounts.

It’s not clear how much the scammer has profited. According to Dex Screener, a popular trading data site, traders have bought and sold over $408,000 worth of the memecoin.

However, because the fraud is easy to replicate and difficult to spot, it may only be a matter of time before similar scam tokens claim more victims.

Backdoors are obscured

Usually, newly launched memecoins that contain malicious code aren’t an issue for experienced crypto traders.

Security tools can automatically scan the code of new tokens to check for traps.

But three such tools on Dex Screener showed no issues with the REPUBLICAN token. However, Dex Screener cautions that such audits may not be 100% accurate.

“The industry has recently gotten better at quickly detecting these types of exploits using real-time monitoring solutions,” Lewellen told DL News. “Knowing this, scammers are now resorting to obscuring backdoors.”

To avoid detection, the person who programmed the REPUBLICAN token wrote extra snippets of malicious code in assembly language — a programming language that is used to communicate more closely with underlying machine code.

According to Lewellen, assembly language code is harder to interpret, making it more difficult to detect if it contains malicious properties.

In the past, malicious tokens have cost traders dearly.

In 2021, a scam token named after the Netflix show “Squid Game” stole $2.5 million from traders. The token contained code that prevented buyers from selling it so it could only increase in value.

Today, so-called honeypot tokens are less of an issue because security tools on sites like Dex Screener make them easy to spot.

According to Lewellen, monitoring solutions should be in place before too long to identify the assembly language obfuscation technique.

But he warned that scammers will get to work finding other, more creative ways to hide their intent.

Reach out with tips at tim@dlnews.com to Tim Craig, DL News’ Edinburgh-based DeFi Correspondent.