Towards Understanding and Characterizing the Arbitrage Bot Scam In the Wild-Reference-Cited by-同舟云学术

Towards Understanding and Characterizing the Arbitrage Bot Scam In the Wild

Published:2023-12-07 Issue:3 Volume:7 Page:1-29
ISSN:2476-1249
Container-title:Proceedings of the ACM on Measurement and Analysis of Computing Systems
language:en
Short-container-title:Proc. ACM Meas. Anal. Comput. Syst.

Author:

Li Kai¹^ORCID,Guan Shixuan¹^ORCID,Lee Darren¹^ORCID

Affiliation:

1. San Diego State University, San Diego, CA, USA

Abstract

This paper presents the first comprehensive analysis of an emerging cryptocurrency scam named "arbitrage bot" disseminated on online social networks. The scam revolves around Decentralized Exchanges (DEX) arbitrage and aims to lure victims into executing a so-called "bot contract" to steal funds from them. To entice victims and convince them of this scheme, we found that scammers have flocked to publish YouTube videos to demonstrate plausible profits and provide detailed instructions and links to the bot contract. To collect the scam at a large scale, we developed a fully automated scam detection system namedCryptoScamHunter, which continuously collects YouTube videos and automatically detects scams. Meanwhile,CryptoScamHunter can download the source code of the bot contract from the provided links and extract the associated scam cryptocurrency address. Through deployingCryptoScamHunter from Jun. 2022 to Jun. 2023, we have detected 10,442 arbitrage bot scam videos published from thousands of YouTube accounts. Our analysis reveals that different strategies have been utilized in spreading the scam, including crafting popular accounts, registering spam accounts, and using obfuscation tricks to hide the real scam address in the bot contracts. Moreover, from the scam videos we have collected over 800 malicious bot contracts with source code and extracted 354 scam addresses. By further expanding the scam addresses with a similar contract matching technique, we have obtained a total of 1,697 scam addresses. Through tracing the transactions of all scam addresses on the Ethereum mainnet and Binance Smart Chain, we reveal that over 25,000 victims have fallen prey to this scam, resulting in a financial loss of up to 15 million USD. Overall, our work sheds light on the dissemination tactics and censorship evasion strategies adopted in the arbitrage bot scam, as well as on the scale and impact of such a scam on online social networks and blockchain platforms, emphasizing the urgent need for effective detection and prevention mechanisms against such fraudulent activity.

Funder

Ethereum Foundation

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Hardware and Architecture,Safety, Risk, Reliability and Quality,Computer Science (miscellaneous)

Link

https://dl.acm.org/doi/pdf/10.1145/3626783

Reference62 articles.

1. 2023. Back-running. https://www.mev.wiki/attack-examples/back-running. (June 2023 ). 2023. Back-running. https://www.mev.wiki/attack-examples/back-running. (June 2023).

2. 2023. Blockchain Explorer By Bitquery. https://explorer.bitquery.io/. (June 2023 ). 2023. Blockchain Explorer By Bitquery. https://explorer.bitquery.io/. (June 2023).

3. 2023. BscScan: BNB Smart Chain Explorer. https://bscscan.com. (June 2023 ). 2023. BscScan: BNB Smart Chain Explorer. https://bscscan.com. (June 2023).

4. 2023. Cloud Translation API. https://cloud.google.com/translate/docs/reference/rest. (June 2023 ). 2023. Cloud Translation API. https://cloud.google.com/translate/docs/reference/rest. (June 2023).

5. 2023. CronoScan Developer APIs. https://cronoscan.com/apis. (June 2023 ). 2023. CronoScan Developer APIs. https://cronoscan.com/apis. (June 2023).