Warning: Malicious Group Threatening Layer-2 Networks Exposed

The crypto sleuth ZachXBT has warned about a group of scammers who are attempting to lure more victims by using millions in stolen funds in a new scheme.

The investigation found that the same group who stole from projects like Magnate, Kokomo, Lendora, and Solfire is now back with a new project on Blast, Leaper Finance.

Multi-Million Dollar Rug Pull Scam Network

According to ZachXBT’s findings disclosed in a thread on X, the group has a history of executing rug pulls and is responsible for those that targeted users of Magnate ($6.5 million), Kokomo ($4 million), Solfire ($4.8 million), and Lendora.

“In the past they let the TVL grow to 7 figs before stealing all of users funds deposited to the protocol and falsify KYC documents + use low tier audit firms.” ZachXBT revealed

The group has expanded its operations across various blockchain networks, launching scams on platforms such as Base, Solana, Scroll, Optimism, Arbitrum, Ethereum, and Avalanche.

Community Alert: The group of scammers who stole 8 figs with Magnate, Kokomo, Lendora, Solfire, etc is back with a new project on Blast @Leaperfinance

Last week they funded an address on Blast with ~$1M of laundered funds from the previous rugs and have begun adding liquidity… pic.twitter.com/yqRKvZuuye

— ZachXBT (@zachxbt) April 14, 2024

ZachXBT also linked them to scams involving Hash DAO, Glori Finance, and ZebraDAO. Cumulatively, losses attributed to them exceed $20 million.

In a subsequent post referencing ZebraDAO, ZachXBT warned users to “Withdraw your assets immediately if you have funds deposited in this protocol.”

He further notes that the three scam projects are all Compound V2 forks, stating that an examination of the major GLORI stakeholders revealed that they added liquidity using funds obtained from the Crolend/HashDAO/HellHoundFi fraud.

Scammers Strike Again

In their most recent scam, the group has resurfaced with a fresh scheme involving Blast’s Leaper Finance. The alleged perpetrators reportedly injected nearly $1 million, acquired through previous scams, into a Leaper Finance address on the Blast network, boosting liquidity to entice unsuspecting victims.

Following the exposure of Leaper Finance’s ties to the scams, the group responded to ZachXBT, taunting the investigator while revealing a ‘token launch.’ “Nice work! My comrades here at Lazarus fear you yet admire you!” they stated, pointing to the notorious North Korean hacker collective known as Lazarus.

Update: Scammer started trolling before deactivating both Leaper Finance & Glori Finance X accounts.

All three websites for the projects mentioned are now offline as well. pic.twitter.com/Az1TLZDmMq

— ZachXBT (@zachxbt) April 14, 2024

Meanwhile, Leaper Finance and Glori Finance X accounts have been deactivated, and the websites associated with these projects have since been taken offline.

According to a report dated February 29 from Web3 security firm Immunefi, more than $200 million in cryptocurrencies have been lost due to hacks and rug pulls across 32 separate incidents during the first two months of 2024.

This represents a 15.4% rise compared to the corresponding period in 2023, during which $173 million in crypto was stolen.

The post Warning: Malicious Group Threatening Layer-2 Networks Exposed appeared first on CryptoPotato.