Scammers Get Scammed as DogWifTools Gets Exploited for $10 Million
![Scammers Get Scammed as DogWifTools Gets Exploited for $10 Million](/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2F6oftkxoa%2Fproduction%2Fa560b8e11a84541a59109ebb3621b16ff67cb118-1555x875.png&w=1200&q=75)
The tables were turned on memecoin scammers today as DogWifTools, a token bundling tool commonly used for malicious memecoin launches, was exploited and drained millions from its users.
The exploit extended beyond just hot wallets, as the malicious actors infiltrated users' devices, stealing funds from hot wallets, cold wallets, and even centralized exchanges, leading to more than $10 million being stolen overall.
DogWifTools is used to bundle token launches and automate market-making.
Bundling is a process through which a single entity automates multiple wallets to snipe small amounts of a token the entity is launching. This process is used to mask supply control and is commonly used by scammer groups for memecoin launches.
Bundling allows groups or individuals to obtain large portions of a token’s supply across many wallets, making it more difficult for the average user to understand that there is a supply concentration. Many bundled launches are designed to trick users into thinking the token is safe, while the single entity dumps its supply on unsuspecting buyers. This scam method is also commonly referred to as farming.
It is being reported that the tool installation had been keylogging users’ hardware devices to gain access to their private keys, email credentials and passwords. Some users even reported that the hackers used personal ID pictures stored on their computers to create false centralized exchange accounts in the victim’s name to cash out user funds.
A member of the DogWifTools team addressed the situation in the Discord server and said, “A malicious third-party actor gained unauthorized access to our GitHub repository through a GitHub token. We believe they were able to get this token by reversing our compiled software.”
Despite the loss of funds, crypto Twitter was quick to kick the victims while they were down, considering the use case for DogWifTools.
Onchain sleuth ZachXBT was quick to chime in, “Hopefully the hackers leak an entire db with info of the users (scammers).”
Related Posts
Advertisement
Get an edge in Crypto with our free daily newsletter
Know what matters in Crypto and Web3 with The Defiant Daily newsletter, Mon to Fri
90k+ Defiers informed every day. Unsubscribe anytime.