Gandalfs Scam Report Vol. IV: Crooks Treated Gently

This morning I was reading news on bitcoin.com, and I was shocked when I found a press release with the headline You Can Now Earn 200% on Your investments with ETHx2.io. That is a phenomenal profit, and what is EYHx2? It got my undivided attention, and I started to read their just released newsflash.

Bitcoin.com was the best crypto news site of the year 2019, and it is one of the cornerstones of information sources in the cryptocurrency world.

So it came quite behind the trees when I realized there is a scam project in their press releases. That revelation gave a thought to my mind instantly, how the fu.. this was possible? The first thing I did was inform the press of the news giant.

ETHx2 fked up their moment in the press release because their website is full of mistakes and lapses. They are so numerous that I have to write a sequel to this blog post if I mention all of them. So here comes the best few, in my opinion.

There was a link to etherscan.io, a good thing usually when examining a site, but not in this case. When checking the contract section, the yellow warning tells possible bugs. You cannot have them in audited code. After that, I checked the place where the contract security audit should be, and there was nothing, KABOOM. The last evidence is the “safeguardFunds” function, in the actual contract source code, that they can use to withdraw all the assets.

After the etherscan, the audition part deserves checking. When following the link to the audits company webpage, the truth hits me again straight to the face; smartauditpro.com is fake too. The only good thing about it was that it was even a worse quality site than their etherx2 friends have.The company claims that they have made 60 audits, but not even one leads anywhere when backtracking the links.

Talking about the audits, sometimes even multiple audits cannot find the actual vulnerabilities. It happened with harvest.finance, the company that I mentioned in the last blog post. The flash loan based market manipulation fraud hit the platform and topped up its masterminds wallet by 24 million USD. If you want the full details of this incident, here is an astoundingly excellent and accurate blog post of it…