The report added that these scams have been active since early 2024 and constantly evolve through new videos and accounts.
These videos direct viewers to download smart contract code from external links. Once deployed, the contracts are programmed to drain funds directly from the user’s wallet.
This approach allows the perpetrators to rapidly produce scam content without hiring real actors, significantly reducing operational costs.
However, the most lucrative video uncovered by SentinelLABS—responsible for draining over $900,000—appears to have been created by a real person, not an AI avatar. This suggests that while automation enhances scalability, human-generated content may still drive higher conversion rates.
Meanwhile, SentinelLABS also found multiple iterations of the weaponized contracts, each using varying obfuscation techniques to hide attacker-controlled Externally Owned Accounts (EOAs).
While some contracts shared a common wallet address, many others used distinct destinations, making it difficult to determine whether the campaign is the work of a single entity or multiple threat actors.
Considering this, SentinelLABS warned that blending Web3 tools, social engineering, and generative AI presents a growing threat landscape.
The firm urged crypto users to verify all external code sources and remain skeptical of too-good-to-be-true trading bots—especially those promoted via unvetted YouTube tutorials
