Mysteries involving millions of dollars are displayed on a wall in Coffezilla's office until they are solved. Just like in a Sherlock Holmes detective novel, several red lines intersect with each other, connecting photos of different "suspects."
Coffezilla has 120,000 followers on Twitter. He calls himself a "cyber detective" and focuses on exposing scams in the fields of cryptocurrency, Web3.0 and DeFi (decentralized finance).
Over the past decade, cryptocurrencies have gone from a niche, fringe thing to an important part of financial markets and pop culture, with their market capitalization soaring from $5.4 billion to $1.8 trillion, according to statistics website CoinMarketCap.
Coffezilla exposed the scam on social media. It takes courage to dare to show your face | Picture screenshot from Coffezilla’s YouTube
Also booming are “scams”. Starting in 2021, the popularity of NFT, DeFi and other projects has made scammers and hackers smell "business opportunities." It seems that every other day, some famous collectors will have an NFT stolen, an anonymous developer will run away with the money, or an encryption project will be hacked away with millions of dollars – this is the B-side of Web3.0 today.
"Everyone keeps emphasizing how cryptocurrencies make the world a better place, but they don't talk about how the people at the bottom are exploited by them. There are a lot of scams in cryptocurrencies." Coffezilla described Web3.0 in an interview with VICE. "It's like the Wild West out there, and regulators are a little slow to catch up."
The uniqueness of Web3.0 gave birth to the profession of "Web3 Detective". For now, it appears to be better positioned to address investors' questions and concerns than regulators and cybersecurity companies. Coffezilla is not alone. There are more and more like him. They are active on various social media and have become an important part of Web3. They expose scammers and track down hackers, then publicize them to warn the public to stay away from them. You can also understand them as Web3 bounty hunters and counterfeiters, dedicated to giving netizens a "clear cyberspace."
01 Web3 Detective Rise
ZachXBT never shows his face or uses his real name, but his impact on Web3 and the crypto world is as important as Coffeezilla's. ZachXBT calls himself a "rug pulls survivor". The so-called rug pulls scam refers to the project team immediately taking the money and running away after raising funds. After being scammed, I started focusing on researching crypto scams. He has more than 200,000 followers on Twitter.
Unlike Coffeezilla, he has made a full-time job as a blockchain detective, making a living by trading cryptocurrencies and collecting donations from the crowdfunding platform Gitcoin. So far, he has exposed more than 30 crypto scams and the people involved in them on the Internet.
Unfortunately, these scams are always associated with celebrities.
For example, ZachXBT once exposed that rapper Gunna was involved in promoting a crypto scam; he also accused a YouTube blogger with 500,000 followers of calling on viewers to buy an altcoin called The Famous Token (TFT) during a live broadcast in early 2022. ZachXBT discovered that the token had been abandoned by developers in September 2021.
"It frustrates me why famous people with so many fans keep lying to their fans." ZachXBT was confused.
Molly White is a software engineer and crypto blogger who runs a Twitter account and website called "Web3 is going just great". The purpose of the website is to provide an archive of scams, hackers, and lawsuits in the Web3 world.
Molly White feels that there is "a lack of any consumer protection" in the Web3 ecosystem. Without the "critical" work done by ZachXBT and people like him, numerous scams would never have been exposed. Web3 is becoming more and more popular, there are more and more scams, and Web3 detectives are also emerging in large numbers.
March 15, 2022, New York, USA, an NFT vending machine | Image source: Visual China
According to technology channel Motherboard, Alessandro Ribeiro, the founder of the Rug Pull Finder social media account, began investigating Web3 scams as an independent detective after he fell into three rug pulls scams. In February this year, he registered Rug Pull Finder as a company and formed a team of 16 people. “In this way, it will be easier to establish business relationships with other institutions and companies.”
One of the reasons these Web3 sleuths exist, he said, is that the Web3 ecosystem relies on public blockchains, which allow anyone to view the activity of smart contracts, public Discord channels, and social media accounts.
"Web3 detectives have access to more information than other ecosystems. This means talented investigators can more easily uncover clues and expose scams," said Nick Bax, director of research at Web3 cybersecurity company Convex Labs. Convex Labs, one of the few cybersecurity companies in the crypto space, recently launched its first project called HonestNFT, which promises to audit "the fairness of NFT projects." It also sells its own line of NFTs, called "Vigilante NFTs."
Web3 vulnerabilities give Web3 detectives room to "flex their talents", and there are more than just ways to protect Web3. For example, artist and cybersecurity veteran Simona Panzica, in addition to tracking down clues of scammers or hackers and helping to recover stolen digital assets, she also does some fraud prevention-related education projects.
Panzica is aimed at NFT artists and collectors and has published a book dedicated to teaching cybersecurity. She also hosts Twitter Spaces and Clubhouse sessions to teach people in the community how to avoid becoming a victim.
Web3 detectives are often anonymous. Because they constantly expose other people's scams, they will inevitably be targeted by some "enemies". ZachBXT said, “It’s not nice to receive death threats, but I’m glad that there are many people who support me.” ZachXBT has received offers from some encryption companies, but he hopes to remain independent. “Working for any entity does not allow the same level of freedom and creativity.”
02 The formation of a scam
Celebrity endorsements have accelerated Web3's popularity, but are often the starting point for scams.
Many celebrities have endorsed cryptocurrencies: Matt Damon promoted Crypto.com, an app for trading cryptocurrencies. Tampa Bay Buccaneers quarterback Tom Brady and his wife Gisele Bundchen have advertised for cryptocurrency exchange FTX. Cryptocurrency bloggers on YouTube, TikTok, Instagram and Twitter often show off their lives filled with first-class flights, luxury suites, and top-notch swimming pools. They are trying their best to express: Cryptocurrency is an excellent way to get rich quickly.
Matt Damon stars in Crypto.com encryption company's commercial | Picture from commercial screenshot
Scam writers know how to influence the psyche of the masses. They know how to use more money to impress key people and key communication nodes who can influence the encryption circle.
A recent publication report circulated on the Internet, revealing how much it costs to retweet a tweet and publish an original tweet, ranging from a few hundred dollars to tens or hundreds of thousands of dollars. The list includes dozens of influencers, many of whom have profiles that say they are promoting a certain crypto project. They call themselves cryptocurrency promoters, KOLs, Web3 builders, and Crypto traders.
The content of these paid tweets is often exaggerated, and the text usually contains the following familiar words: "Millionaire maker!", "Led by two of the most transparent people in the cryptocurrency field", "Doubling every 36 days!", "Super high fixed annual return of 159,402.57%". ——Projects like this often end up running out of money. Coffeezilla said the ads make it seem like celebrities and influencers can make "easy money," but it turns out these people are often being taken advantage of.
“What’s most prevalent right now is the promotion of undisclosed ‘private placement’ projects by influential bloggers and celebrities on social media platforms such as Twitter, YouTube and Instagram,” he said when explaining how these scams work.
ZachXTB exposed such a scam not long ago. He found that behind 9 fraudulent NFT projects were 4 young Croatians, aged between 20-23 years old. In total, they "walked away" with $2.8 million.
ZachXTB exposed their names on Twitter. "It is obvious that these fraudsters have not fully understood the principles of blockchain and have left too many clues. These clues can eventually be traced back to them." He explained that due to carelessness (perhaps ignorance), they forgot to delete all traces and configuration files that might connect them to the project.
These fraud projects all claim to have great plans and prospects, creating a "big pie" for investors. They are constantly hyped in the crypto community and various social media to attract more novice investors, and then the project team disappears overnight with the money.
"The strategies used by scammers have been evolving. Placing false advertisements or directing users to copycat websites with similar domain names to actual products is more popular now," said a "white hat" from a security company.
In addition, hackers are also the hunting targets of Web3 detectives. In the past few months, hackers have targeted large cryptocurrency companies such as money-making games Axie Infinity and WonderHero, stablecoin Beanstalk, Poly Network, cross-chain bridge Wormhole, exchange Crypto.com, Multichain, crypto gaming company Vulcan Forge, BadgerDAO and crypto exchange BitMart, among others, profiting by directly stealing their accounts.
03 Smart contracts: the root of gaming
According to data from blockchain analytics firm Elliptic, DeFi protocols have lost $12 billion to date. A core issue is that there are inherent risks in the smart contracts that many cryptocurrency or DeFi projects rely on.
Smart contracts refer to highly complex self-executing code that exists on the blockchain. They're public, can't be deleted, and are difficult to change, which means you can't easily fix a vulnerability when you find it. Many crypto project initiators always want to build projects and smart contracts as quickly as possible to enter the market first, which also leads to more contract loopholes.
All software has flaws, but in the Web3 world where "code is law", this risk is magnified. Security in the crypto world is in "dire straits."
It's all fun until you lose $5 billion due to a software vulnerability, said Jennifer Fernick, senior vice president at cybersecurity firm NCC Group.
Jennifer Fernick said that another challenge of Web3 is that "many vulnerabilities in smart contracts come from external interactions with other smart contracts, so even if your application code is secure, if other applications you interact with have vulnerabilities, it can cause catastrophic losses."
And Web3 detectives exploit contract vulnerabilities to track down hackers and scammers. A white hat hacker revealed several simple investigation methods. He said that based on the "non-tampering", "transaction openness and transparency", "traceability" and other characteristics of blockchain technology, you can use the blockchain browser to view the wallet balance, transaction records, transaction-related fees, and the whereabouts of the money and other information; and then combine it with some open source intelligence tools to find relevant emails, social media information and other clues.
04 The future of “regulation”
"Get ready for an SEC enforcement onslaught," said one former SEC employee.
The SEC announced on May 3 that the U.S. Securities and Exchange Commission’s crypto enforcement team will double in size, bringing the division’s total headcount to 50 people, in order to deal with the growing crypto industry. The SEC renamed the division the “Crypto-Assets and Networks Division,” explaining that it did so to better protect investors in the fast-growing, scam-ridden and often unregulated world of cryptocurrencies. The unit will focus on investigating NFTs, decentralized finance (or “DeFi”) platforms, stablecoins, crypto assets and exchanges, as well as crypto asset lending and staking products.
