Ok. Since it looks like EVERYONE is getting drained by this guy, let me break down exactly how he’s doing it:
Step 1 – The bait:
He reaches out asking for “help learning to trade,” offering 20–50 SOL as payment.
Step 2 – The flex:
On a Discord call, he shows off a “big wallet,” huge PnL screenshots, and gambling site balances to make himself look legit.
Step 3 – The setup:
He asks you to create a new Axiom account. While doing this, he insists you use your mouse to copy/paste everything “so you don’t lose the password.”
Step 4 – The trap:
What he doesn’t tell you is that when you copy/paste with your mouse, your screen flashes the last thing you copied. He’s recording your screen the whole time. That’s how he gets your login info.
Step 5 – The theft:
He then has you send SOL to your trading wallet (sometimes even sending some himself to make it seem safe). Once you’re in, he uses the captured info to log into your account and drain it. If you reused the same password elsewhere, he takes those too.
These guys aren’t “hacker wizards.”
They’re just exploiting simple human error.
Not blaming victims here at all. It’s a dirty trick and easy to fall for specially when this russian MF does not stop spamming questions non stop.
Stay sharp, don’t screen-share sensitive actions, and always protect your info. <3
SECURITY THREAD: Your .env file WILL get you drained (here's how to not be next) 🧵 👇
Private keys in .env files will get you rekt. It's not if, but when. You're one extension away from $0.
The time between my PK leak to drain: 27 minutes.
Updraft’s newest course is now live: Rust Programming Basics 🎉🚀
A 3 hour course to learn:
- Rust variables and functions
- Scalar types, arrays, strings
- Control flow
And much more, completely for free!
Get started today 👇
The team behind $JESSIE ( @Synthelix @jessieagentxyz ) lied and stole my money. I am making this post only after repeated attempts to dm every single accessible member and being met with a stonewall.
Why is @fetchai_token directly supporting them?
@NebulaiHQ do you enjoy partnering with thieves?
@GPUAI_Coin did you know this team lies to investors?
@DePINed_org would you like to be endorsing scammers?
@GetSwarmed good look from a partner, right?
I would expect all these projects to publicly denounce them, unless they themselves are happy to see a partner lie, cheat, and steal. Requesting aid to fully doxx and hold them to account. They raised via a small private round a while back, under specific terms. Then right before launch, unilaterally changed those terms to avoid giving what was agreed upon. They violated their side of the agreement, and refuse to issue a refund. This is 100% illegal theft.
This is the team of thieves and liars.
@rosaaa
https://t.co/TzrbiD1RLU
https://t.co/o0GmQlkKLE
@EricWaisanen
https://t.co/GtuK6wvHUs
This one is extra funny as he claims to be a man of God.
Oliver and Bella both have fake links where their linkedin buttons go nowhere at all.
Dae Jung not listed on the website but a core member, only accessibly on telegram.
Find these people if possible. People like this are the reason why this space is a dumpster fire. And because no one is ever held to account, it just encourages more of the same behavior.
Many people have supported $JESSIE in good faith, unknowing about this crime and theft. I tag them here not to call them out but to warn them against letting this project taint their reputations.
@CryptoFellaTx@0xlav7@rutradebtc@CryptoBaldwinIV@panamaXBT@CryptoJonesRC@AceMoonCrypto@shifuwealth@DeFi_Paanda@CryptoGideon_@CryptoShiro_
[I had to edit and redo the post as a mistake prevented it being visible to most people]
The dev apparently had no time or no understanding of the original contract at all.
Lots of unnecessary functionality was kept despite not even using gauges etc.
For Telegram/Discord interactions: Create a burner account on your VM for receiving suspicious files. Never forward files from your main account to the VM - the damage may already be done before you check them.
If on windows, make sure your system shows file-extensions.
Sometimes attackers just rename the extension and make it look like an image. For example: document.pdf.exe
Installing the appliance:
• In VirtualBox, go to "File" > "Import Appliance"
• Select downloaded .ova file
• Follow prompts (default settings work fine)
• If necessary, change the storage location of the harddisk
• Done! A hardened security-focused environment ready to go
Quick VM Setup for Beginners:
1 Download VirtualBox: https://t.co/BdgA0XpLrA
2 Instead of manual setup, download a pre-configured Kicksecure appliance. There is a detailed step-by-step guide on their website with video tutorials: https://t.co/7NC3n7xpRa
@austingriffith@gnosischain@base As much as I get the idea, there are some cases where you need to use a real test net.
E.g. zksync has some differences when it comes to solidity version / compiler which might bring some pseudo errors or you might have some dependencies to a protocol that is available on sep