An analysis conducted on behalf of WIRED by crypto auditing firm Hacken identified red flags in the token’s underlying code that, in some circumstances, could reveal a scam. These included the absence of a feature that would prevent the issuer from stealing the set of reserved tokens to enable trading in the secondary market, among others.
Suspecting that he has been the victim of a scam, Ryan has tried to warn others. “Even though $750 is a lot to lose, it wouldn’t be the end of me,” he says. “But I feel bad for those who really lost.”
WIRED did not receive a response to a request for comment sent to email aliases listed on Rebel Satoshi’s website.
The type of scam Ryan suspects he has been caught in is known as a token pre-sale scam. The format has been around for a while, but amid the FOMO that comes with skyrocketing cryptocurrency prices, people are particularly vulnerable. “These scams are largely related to recent events,” says Ben-Natan. “They are not new phenomena, but they are resurfacing.”
There are variations on the theme, Ben-Natan explains, but the scams tend to follow the same playbook. Typically, the developers, who remain anonymous, invest in brilliant social media marketing and paid placements in crypto media, advertising their token as the next successful memecoin and promising a discount to pre-sale investors. In some cases, the token never materializes and scammers make off with the funds. In others, scammers abandon the project after selling their own token holdings or fail to deliver on the promise of long-term support.
In the latter scenario, as with Rebel Satoshi, the line between a scam and a failed project is not always clear. And sometimes, because of the large sums of money involved, “something that wasn’t initially a scam can later turn into a scam,” Ben-Natan says. “As time goes on, the line can become more blurred.”
These scams are largely carried out by sophisticated cybercriminal groups, Ben-Natan says, not lone actors. A “microeconomy” has formed around him, according to him, in which separate parties could be responsible for managing different elements of the charade, from the marketing campaign to the website design, etc. The largest of these operations can raise hundreds of millions of dollars. “The numbers are staggering,” says Ben-Natan.
For anyone willing to look for them, the warning signs are there, says Dyma Budorin, co-founder of Hacken. It’s easy to check if creators have revealed their identities, for example, or if there’s a system in place that prevents them from dumping your funds without warning. But in their eagerness to quickly undertake new projects, few investors worry about due diligence. “It all comes from greed,” Budorin says.
In extreme cases, profit-hungry investors have resorted to using “sniper bots” to automatically purchase tokens when they begin trading on the open market, Budorin says, in a bid to get in early. Others engage in copy-trading, a process by which they blindly replicate someone else’s trades, so they don’t have to do their own research. Both techniques increase the likelihood that someone will be exposed to a scam.