Do retail investors still have opportunities in the cryptocurrency market?
Table of Contents:
Fancy Ways for Regular Users to Lose Money
1) The Industrialization Trend of Rug Pulls
2) Rampant Hacker / Phishing Attacks
3) Fancy Calls from KOLs
4) VC Tokens Going Online and Falling Continuously
Where do regular players go from here?
In the past year, have you encountered any rug pull projects? Have you experienced a “buying at the peak” situation due to the promotion of KOLs? Or have you suffered losses due to increasingly rampant phishing attacks? Or have you bought newly listed tokens on top platforms only to see them continuously fall?
It is estimated that many users have experienced at least one of these scenarios. It can be said that this is a true reflection of the investment experiences and real feelings of the majority of ordinary investors in recent times. Whether it is blockchain security issues or asset depreciation issues, users are unable to defend against them. Even common scams that used to be seen frequently have become industrialized. To put it more bluntly, even the “leek roots” are being uprooted.
This article aims to take stock of the various scams that have emerged in the cryptocurrency world recently, as well as whether there are still opportunities for regular users to make money in the cryptocurrency industry.
First, the setups for rug pulls are becoming more sophisticated, with ZKasino being a particularly outrageous case. On April 20th, some community users compared the historical page of ZKasino on Wayback Machine and found that ZKasino had deleted the phrase “Ethereum will be returned and can be bridged back at this point” from its website’s Bridge funds interface.
At the same time, users in the community were unable to withdraw funds, the official Telegram of ZKasino was muted by administrators, and social media updates stopped. The total amount of funds pulled was over $20 million.
Interestingly, just a month ago in March, ZKasino had just announced that it had completed its Series A financing with a valuation of $350 million. The specific amount was not disclosed, but multiple trading platforms and VCs participated…
In addition, there is zkSync, jokingly referred to as “Rug Chain,” which not only frequently experiences security incidents in its ecosystem projects but also demonstrates a clear trend of quickly capitalizing on hot topics. For example, the recent rug pull of the zkSync ecosystem DEX Merlin, which shares the same name, affected funds worth millions of dollars.
It must be emphasized again that many projects in the zkSync ecosystem are indeed of varying quality. While participating in the zkSync ecosystem, it is important to remain vigilant and guard against risks at all levels.
One of the most eye-catching recent cases in the field of online security was undoubtedly the “same start and end address phishing attack”:
A whale’s address fell victim to a phishing attack with the same start and end address, resulting in a loss of 1,155 WBTC, equivalent to over 400 million yuan! Although the hacker eventually chose to return the funds due to various factors, this phishing behavior revealed the extremely high risk-reward ratio of this type of attack, where “once in three years, you can earn a lifetime.”
Similar phishing attacks have also become industrialized in the past six months. Hackers often generate a large number of different start and end addresses on the blockchain as a prepared seed bank. Once a specific address has a fund transfer with the outside world, they immediately find an address with the same start and end from the seed bank. They then call the contract to initiate a related transfer, casting a wide net and waiting for the harvest.
Since some users sometimes directly copy the target address from the transaction record and only check the first and last few digits, they fall victim to this attack. As Yuchen, the founder of SlowMist, said, “What hackers are playing with in the start and end address phishing attack is the net casting attack. Those who are willing will be hooked. It’s a probability game.”
This is just a microcosm of the increasingly rampant hacker attacks. For regular users, the tangible and intangible risks in the colorful blockchain world have increased exponentially, while their awareness of risk prevention lags behind.
Overall, various forms of attacks, such as on-chain, wallet, and DeFi attacks, as well as social engineering attacks, are continuously emerging. This makes DeFi security risks an asymmetric one-way hunt: for technical geniuses, it is undoubtedly an endless free ATM, but for the majority of regular users, it is more like a sword of Damocles that could fall at any time. They need to remain vigilant, not easily participate in authorizations, and rely more on luck.
So far, the most common way for regular users to lose funds in Web3 is through internet phishing and social engineering attacks. Furthermore, due to the additional risk points of smart contracts, the problem has become more serious.
Behind every successful scam, there may be users who stop using Web3 products and stay away from VC tokens, choosing to embrace memecoins, which are more fair and grassroots-oriented. This itself is a form of resistance where funds vote with their feet.
Until Web3 applications truly establish a closed-loop value system, regular users will have “nowhere to go”. Perhaps this is the inevitable “twist and turn” in the development of Web3. The cryptocurrency industry is still moving forward while exploring.
Related Reports
The GameStop Short Squeeze Legend: How a KOL Led Retail Investors to Earn $40 Million from Wall Street Shorts?
JPMorgan: Panic Selling by Retail Investors is the Main Driver for BTC’s Recent Decline, Market Still Faces Three Major Negative Factors
CEX and Other Cryptocurrency Websites’ Traffic “Far from Previous Peaks,” Has the Retail Craze Not Yet Arrived?