Ethereum News Today: Ethereum Drainer Bots Steal $902K Using Obfuscated Smart Contracts

Researchers have uncovered a sophisticated Ethereum-based scam in which malicious actors are using drainer scripts disguised as trading bots to steal cryptocurrency from users. These fraudulent tools operate by impersonating automated trading platforms and deploying malicious smart contracts that use obfuscation techniques—such as XOR operations, string concatenation, and large decimal conversions—to hide attacker wallet addresses [1]. Once a user interacts with the contract—often by approving a transaction—the drainer quickly siphons the user's assets, leaving little chance for reversal [2].

The scammers often use old YouTube accounts and strategically placed comments to build a false perception of legitimacy. These accounts frequently upload content unrelated to cryptocurrency to boost credibility and rankings, with some featuring AI-generated videos that mimic human narration and visuals. One particularly successful video, titled “MEV Bot tutorial” by @Jazz_Braze, garnered over 387,000 views and led to the theft of approximately $902,000 in EthereumETH--. The video was later made private following the start of the investigation [3].

Attackers distribute these fake trading bots through social media and video content, often presenting them as arbitrage or MEV (Maximal Extractable Value) tools designed to generate profit. However, the smart contracts are designed not to execute trades but to redirect funds to hidden attacker wallets. The stolen Ethereum is then distributed across multiple addresses—often 24 in total—to obscure the source and avoid detection [4].

The scam has been ongoing since early 2024 and has affected numerous victims. A recent campaign in April 2025 alone collected 7.59 Ethereum ($28,000), while another yielded 4.19 Ethereum ($15,000). The largest haul came from the @Jazz_Braze video, which siphoned 244.9 Ethereum into the attacker's wallet before the funds were moved in bulk transactions [5].

The tactics highlight the growing sophistication of crypto crime. According to reports, these drainer scripts are sometimes sold as “drainer-as-a-service,” allowing individuals with minimal technical skills to execute similar attacks [6]. This lowers the barrier to entry and increases the potential for wider adoption of these scams.

The threat exploits the complexity of Ethereum’s smart contract system and the trust users place in automated trading platforms. IBMIBM-- X-Force researchers have noted that these drainers are increasingly difficult to detect due to their advanced obfuscation and social engineering tactics [7]. Victims are often tricked into approving transactions they believe are for trading but are instead used to drain their wallets.

Analysts emphasize the importance of user education and vigilance. Users are advised to carefully review transaction approvals and avoid interacting with unverified smart contracts. As these attacks evolve, cybersecurity firms are working to raise awareness and provide guidance for users. However, the speed at which these scams are deployed presents a significant challenge for both developers and regulators [8].

Sources:

[1] Ethereum Drainer Trading Bots Steal Crypto (https://www.cryptopolitan.com/ethereum-drainer-trading-bots-steal-crypto/)

[2] Researchers expose Ethereum drainers posing as trading bots to steal crypto (https://coinmarketcap.com/community/articles/68949b11b84edf711c3cae24/)

[3] 409 Search Results for advisory - IBM X-Force Exchange (https://exchange.xforce.ibmcloud.com/search/%23advisory)

[4] Today's Top Cryptocrime News Stories (https://cybersecurityventures.com/cryptocrime/)

[6] How To Protect Yourself From Crypto Scams? (https://financefeeds.com/how-to-protect-yourself-from-crypto-scams/)