Published: February 26th, 2025
In the aftermath of the LIBRA meme coin scandal, a grift so impressively executed that it fooled Argentina’s sitting president, a new breed of cyber thieves is adapting on the fly and targeting automated trading bots with a new type of attack.
In a roundtable discussion at the Consensus event in Hong Kong on Tuesday, CertiK CSO Kung Lee unveiled an analysis of how deceptive smart contracts are being created that target the bots themselves.
Sophisticated criminal networks can now create fake tokens with hidden vulnerabilities, he said, ’tricking the cybersecurity measures built in to AI-powered trading bots’.
Called smart contract sniping, the method hijacks bots’ ability monitor on-chain activity, detect newly launched tokens, and then execute trades before humans can get in on the action.
Operating at AI-driven hyperspeeds becomes both a commercial benefit and a security weakness, as the focus on placing trades the moment liquidity becomes available means security risks might be overlooked.
Automated trading bots or ‘snipers’ have been around for a while. They can see when a decentralized exchange reaches liquidity for a given token, enabling crypto traders to open a position and trade it instantly before the wider market clues in. The arrival of AI gives the bots added speed and computational heft, but may also have created new ways to exploit them.
Last week Hayden Davis, one of the strategists behind LIBRA, said meme coin projects have become a ‘zero-sum’ game where only a few can really profit.
Speaking to the Cofeezilla podcast, he said meme coins had all become ‘extractive to some extent’ and offer little real value.
‘Professional sniping bots are used in all the launches, front-running each token and loading up before the launch date is even made public.’
Back in 2022, Britain’s Financial Conduct Authority (FCA) released data that showed a 200 per cent increase in reported cryptocurrency scams between March 2020 and April 2021.
In March of 2021 alone, the FCA received 175 tip-offs relating to possible cryptocurrency fraud attempts. A year later, the number had jumped to 568.
The FCA also expressed concern about Binance and its operating model, and worried that the spike in fraud reports could be down to the changing profile of an average crypto investor.
‘Young people are twice as likely to choose high-risk investments as the overall adult population,’ the FCA said in a statement. ‘Some 46 per cent of cryptocurrency investments and 34 per cent of crowdfunding rounds are owned by people under the age of 35.’
Over the past 12 months, there’s been a clear pattern of FCA enforcement actions that treat crypto as a consumer protection issue.
In January, the regulator issued a warning to the public about the risky nature of cryptocurrency investments.
“Buying into cryptocurrencies or crypto-backed investment vehicles typically comes with a high degree of investor risk. Any consumer investing in crypto products and services could potentially lose their entire investment.”
The FCA went on to list five key risks it had identified in crypto investments, including weak consumer protections and extreme price volatility that would put inexperienced investors at a high risk of losses.
In addition, the FCA said the technical complexity of crypto assets, unique charges and fee structures, plus marketing materials with unsubstantiated claims as inherent risks for the crypto investment space.
‘Consumers need to know the risks and take on board that high-return investments based on crypto assets could wipe out their purchases or trading positions’.
The watchdog has also taken umbrage at the behaviour of global crypto exchange Binance and its UK subsidiary, Binance Markets Limited (BML). The FCA published a warning to investors about BML in July, then doubled down in August, saying the firm was skirting UK regulatory law and may be incapable of staying inside Britain’s regulatory framework due to its decentralised nature.
In August of that year, The FCA said Binance had refused to comply with demands for information about its operating model, including basics like a UK postal address. Because of its intransigence, the FCA said BML is ‘not capable of being supervised.’
Issuing a supervisory notice required in advance of enforcement action, the FCA said it’s ‘treating the organisation’s non-responses as direct refusals to deliver the required information. These include hiding simple details about how the business is organised’.
Binance has also resisted explaining in clearer detail how UK customers can purchase products or identify the legal entity responsible for Binance’s web domain, binance.com.
The regulator’s supervisory notice emphasises the FCA’s frustration with Binance’s attempts at obstruction.
‘Based on communications with the business to date, the FCA considers Binance in breach of UK finance law. This is especially worrying given the firm’s membership in a global Group which sells high-risk and technically complex financial products.’
The entity known as BML was previously called EddieUK, an investment firm licensed to operate in the UK since August 2018.
Binance bought EddieUK in April 2020, inheriting the license and necessary operating permissions from the FCA.
The FCA says Binance declared an intention to offer only regulated services and assets to investors; however, it was still out of compliance when the FCA issued its original consumer warning in June.
While the UK’s crypto fraud spike was being publicised, on the other side of the world, a notorious crypto fraudster received a harsh prison sentence and fine for defrauding unsuspecting investors.
Australian Stefan He Qin was sentenced to seven and a half years in prison and will have to pay a penalty of USD 54 million for his role in a scam that saw more than a hundred people defrauded of USD 113 million.
In his freshman year at university in 2017, Qin launched a hedge fund called Virgil Sigma Fund. It promised investors returns of up to 500 per cent based on an algorithm Qin named Tenjin, which could, he claimed, find opportunities for arbitrage by buying and selling cryptocurrencies across different exchanges.
