- Token-based on Ethereum MASK is a honeypot fraud, not a governance token of Metamask.
- Several cryptocurrency enthusiasts have reported a fake token called MASK that imitates MetaMask’s much-anticipated governance token.
A scam employing the much-anticipated MetaMask airdrop has resulted in the theft of hundreds of ETH, thus another lesson in looking before leaping. Rumors of a MetaMask airdrop had been circulating for some time, and a group of scammers preyed on people awaiting the release by duping DeFi tools site DexTools into believing their bogus MASK token was legitimate, leading to victims purchasing the token in droves before it was proved to be a scam.
Holder ETH is reporting on a new honeypot project right now. To be clear, this is a token that can only be purchased, not sold. Or, to put it another way, this is a ruse posing as MetaMask’s governance token, MASK, which has not yet been published.
A screenshot of the transaction history of an Ether holder who bought MASK for 22 ETH (almost $88,000) and was unable to sell it was shared by Twitter user @lindyape. The true number of victims of this scam, according to Etherscan, could be closer to 400. “MaskDAO” issued the token, and the website was registered on December 27.
Some dealers appear to be able to make a sale in the first few hours. However, as the situation worsened, many began to realise they had been duped.
Given the popularity of the platform and the potential value that could come for users, the MetaMask airdrop is one of the most eagerly awaited in the crypto sector. A bunch of scammers utilised the excitement surrounding the MetaMask airdrop, as well as some coding expertise, to create a phoney MASK token, according to Twitter user @cobyNFT:
DexTools contains “faulty coding,” according to @cobyNFT, which allowed scammers to inject code into the title and description on the website, which was then executed, resulting in the token displaying a “verified” status. This led some to believe that the MetaMask token had finally arrived. Following the fraudulent token creation, which was ultimately discovered to be a honeypot, $1 million worth of the token was acquired, with sells locked so that the tokens could not be redeemed in any way.
After $1 million in liquidity was pumped into MASK, the sell option was locked, according to Mr. @cobynft. Automatic analytic systems currently classify the token as a “honeypot” because of a line in its code that prevents it from being sold.
DexTools is yet to comment on what appears to be a security failure on their end, but the victims should have been sceptical of the MetaMask token given that they had to buy it rather than receive it as part of the anticipated airdrop.
What are Honeypot Scams?
Modern blockchains, such as Ethereum, allow for the execution of smart contracts, which are programmes that run over a decentralised blockchain network. Smart contracts are becoming more popular and valuable, making them a more appealing target for attackers. Several smart contracts have been discovered to be insecure in recent years, and attackers have taken advantage of this. However, a new trend toward a more proactive strategy appears to be gaining traction, with attackers no longer looking for susceptible contracts. Instead, they try to trick their victims into falling into traps by sending out contracts that appear susceptible but contain hidden traps. Honeypot contracts are the most popular sort of contract.
Honeypots are smart contracts with a design flaw that allows an arbitrary user to drain Ether (Ethereum’s native currency) from the contract if the user pays a specific amount of Ether to the contract ahead of time.
The goal is for the user to focus solely on the obvious flaw and disregard any indications that the contract has a secondary flaw.
Honeypot assaults work because people are routinely duped, just as they are in other types of fraud.