China-based blockchain security and audit firms PeckShield and SlowMist have warned Emerald Mine (EMD) users of a potential exit scam. EMD is an EOS DeFi mining project. According to SlowMist, the project contract emeraldmine1 has transferred user crypto tokens worth $2.5M to account sji111111111 and ChangeNOW. As these are user funds, they should be locked in a smart contract.
On Sep 8, the account sji111111111 received 787k USDT, 56k DFS, and 490k EOS from the emeraldmine1 DeFi account. Apart from this, 121,000 EOS moved to the ChangeNow cryptocurrency exchange.
Altcoin Buzz reached out to Pauline Shangett, CMO of ChangeNOW, to understand how they are handling the situation. According to Pauline Shangett, over 121k EOS has been moved to ChangeNOW. At the time of press, ChangeNOW managed to catch 135,020 EOS, worth $375,355. Furthermore, the team is now waiting for law enforcement requests so that they can start returning the funds to their rightful owners.
According to PeckShield, these stolen USDT tokens are now moving from sji111111111 to DeFibox and other platforms. DeFiBox is now working with SlowMist and other security companies to track these tokens. Meanwhile, Newdex, the largest EOS-based decentralized exchange, has been contacted to add account sji111111111 to the transaction blacklist.
When Altcoin Buzz tried to find more information about the EMD founders and team, we noticed that the EMD website is not accessible now.
Identifying a scam
According to Hive witness Luke Stokes, EOS users must never send money to non-multisig accounts. Stokes also believes that either someone hacked EMD or it just did an exit scam. He also warned NewDex exchange users that 3 of the top 4 tokens on EOS (based on 24-hour volume) have no multisig. These projects are Diamond Mine (DMD), Organix Protocol (OGX), and Corals (CRL). He did clarify that although the token contracts are not using multisig, the pool contracts for Diamond Mine and Corals are multisig. The pool contracts are where the funds are actually being held.
According to Stokes, this is irresponsible on part of the projects and missing a multisig can lead to potential scams. He advised EOS users to always check for multisig before they send their money. Audit firm SlowMist, who first detected the movement, also advises users to always check whether the project authority is multisig or not.
DeFi promises to help us be our own bank and, according to Luke Stokes, this can be only possible when we take personal responsibility. Learn more about DeFi from our exhaustive DeFi guide.
Are you interested in DeFi? Check out this Ethereum and DeFi exclusive video on our Altcoin Buzz YouTube channel to know why we feel its just the beginning.