Have you encountered any Rug Pull projects in the past year? Have you experienced the “buying at its peak” due to the promotion of KOLs? Or have you suffered losses due to rampant phishing attacks? Or have you bought a newly launched token on a top platform only to see it continuously decline?
It is estimated that many users have experienced at least one of these situations, which can be described as a reflection of the investment experiences and real feelings of the majority of ordinary investors in the past period of time:
Whether it is the security issues on the blockchain or the loss of assets, it is difficult for users to prevent them. Many common scams that were once common have even become industrialized. To put it bluntly, they have uprooted even the “leeks” themselves.
This article will take stock of the various scams that have emerged in the crypto world recently, and whether there are still opportunities for ordinary users to make money in the crypto industry. The “Fancy Ways to Lose Money” for ordinary users:
1) The industrialization trend of Rug Pull
First of all, the setup for Rug Pull scams has become more sophisticated, and the most outrageous example is ZKasino:
On April 20th, a community user compared the historical pages of ZKasino on the Wayback Machine and found that ZKasino deleted the sentence “Ethereum will be returned and can be bridged back at this point” in the Bridge funds section of its official website’s Bridge interface.
At the same time, users were unable to withdraw funds, the official Telegram channel of ZKasino was banned by administrators, and social media updates stopped. The total amount of funds scammed was more than $20 million.
But interestingly, just a month before in March, ZKasino had just announced that it had completed a Series A financing round with a valuation of $350 million. The specific amount was not disclosed, but several trading platforms and VCs participated…
In addition, projects in the zkSync ecosystem, jokingly referred to as “Rug Chain,” not only frequently experience security incidents, but also show a growing trend of capitalizing on hot topics and quickly harvesting funds. For example, the zkSync ecosystem’s DEX Merlin, which shares the same name, experienced a Rug Pull, affecting millions of dollars in funds.
It must be emphasized again that many projects in the zkSync ecosystem are indeed of varying quality. While participating in the zkSync ecosystem, everyone should remain vigilant and guard against risks at all levels.
2) Increasingly rampant hacker/phishing attacks
One of the most eye-catching cases in the field of blockchain security recently is the “same prefix and suffix phishing attack,” which seems to have become commonplace:
A whale address fell victim to a phishing attack with the same prefix and suffix address, resulting in a loss of 1155 WBTC, amounting to over 400 million yuan! Although the hacker chose to return the funds later due to various factors, it still revealed the extremely high risk-reward ratio of this phishing behavior, which can be described as “open once, benefit for a lifetime.”
Similar phishing attacks have also become industrialized in the past six months. Hackers often generate a large number of addresses with different prefixes and suffixes as a prepared seed library. Once a particular address has a fund transfer with the outside world, the hacker will immediately find an address with the same prefix and suffix in the seed library and call the contract to perform a related transfer, casting a wide net and waiting for a catch.
Since some users sometimes directly copy the target address from the transaction record and only check the first and last few digits, they become victims. According to Yu Xian, the founder of PeckShield, in the case of phishing attacks with the same prefix and suffix, “hackers are playing a game of probability, casting a net and waiting for volunteers to get caught.”
This is just a microcosm of the increasingly rampant hacker attacks. For ordinary users, in the colorful world of blockchain, both tangible and intangible risks have increased exponentially, while personal risk awareness is difficult to keep up.
Overall, various forms of attacks, such as on-chain, wallet, and DeFi attacks, as well as social engineering attacks, are emerging one after another, making DeFi security risks like an asymmetric one-way hunting: for technical geniuses, it is undoubtedly an inexhaustible free ATM, but for the majority of ordinary users, it is more like the sword of Damocles that may fall at any time. Besides being cautious and not easily participating in authorization, luck plays a significant role.
So far, phishing and social engineering attacks are the most common ways for ordinary users to lose funds in Web3. Moreover, due to the additional risk points of smart contracts, the problem is becoming more serious.
Behind every successful scam, there will be a group of users who stop using Web3, and without any new users, the Web3 ecosystem will have nowhere to go. This is also one of the most damaging points to the crypto industry.
3) Fancy Pump and Dump by KOLs
For most ordinary users, paying attention to the recommendations of various crypto KOLs on social media is an important source of alpha information.
This has led to the so-called “KOL Round” – as influencers with greater influence over secondary market investors, KOLs can even get shorter unlock periods and lower valuation discounts than institutional VCs. For example, not long ago, Monad Labs completed a new round of financing with a valuation of $3 billion, and insiders said that some industry KOLs were allowed to invest at a maximum of one-fifth of Paradigm’s valuation.
But can blindly following KOLs’ recommendations really guarantee profits? According to research by Harvard University and other researchers on about 36,000 tweets mentioning cryptocurrency assets published by 180 of the most famous crypto social media influencers (KOLs), covering more than 1,600 tokens, the findings were not as satisfactory as expected:
When KOLs recommend a certain token, the average daily (two-day) return rate is 1.83% (1.57%), and for crypto projects outside the top 100 by market capitalization, the average return rate one day after the recommendation is 3.86%. However, the earliest significant decline in returns occurred five days after the tweet was posted, with an average return rate of -1.02% from the second to fifth day. This indicates that more than half of the initial gains are wiped out within five trading days.
4) VC Tokens’ Continuous Decline after Listing
A high Fully Diluted Valuation (FDV) and low circulation supply VC token or a completely “meme” self-owned Memecoin, which one would you choose?
Recently, the market trend has started to change, and the meme frenzy has risen, driving the extreme prosperity of trading on Solana and Base chains. For example, PEPE, which has firmly established itself as the leader of the new generation of Memecoins, has reached historical highs. In the current market environment, besides short-term speculation, the demand for fairness represented by Memecoins has become a trend, and funds are voting with their feet.
In contrast, after a series of listings on top platforms recently, VC tokens with high FDVs have shown a continuous decline in their trends. Typical examples are AEVO, REZ, and even BounceBit’s token BB, the first project of BN Megadrop, which have closed almost every day with a downward trend since their listing, trapping the users who entered.
In comparison, discussions and doubts about Memecoins and VC tokens are inevitably becoming mainstream in the community again. Memecoins at least bring continuous incremental funds and attention, while the new projects with valuations of tens of billions of dollars are either oversized narratives or outdated conceptual products, which are bound to be despised by the community. This has sounded the alarm for VCs and project parties who are accustomed to path dependence.
Where to go for ordinary players?
In the previous article “Web3 Never Sleeps, Will the ‘Flourishing Era’ of the Crypto World Ever End?” it was mentioned, “What we love is not ‘Flourishing,’ but the era of abundant opportunities.”
I believe many friends in the crypto industry have thought about what they would do if they had the opportunity to go back ten years and participate in this wave of era. Hoard BTC? Become a miner? Establish another Bitmain? Or become an early employee of BN? The best choices seem endless, and the golden age of the past ten years in the crypto world has truly surpassed imagination, giving birth to one legend after another and creating industry giants.
In any case, the question of whether to make money or not is an eternal topic in the Web3 world and the lifeline of Web3 development.
When trading platforms, market makers, VCs, project parties, and KOLs all start to make money, but the majority of ordinary users continue to lose money, it indicates that the deep structural problems of the entire market have reached an abnormal level and are destined not to last.
As I said before, behind every “fancy way to lose money,” there may be a group of users who stop using Web3 products and turn to embrace Memecoins, which represent fairness and grassroots characteristics. This is a form of resistance where funds vote with their feet.
And until some Web3 applications truly establish a closed-loop value before, ordinary users will have “nowhere to go.” Of course, this may be a necessary “twist and turn” in the development of Web3, and the crypto industry is still moving forward in exploration.