A great visual of Remix Scams. Credit to Tim on Medium. Link in the article.
The Lure of Easy Money on Ethereum
Unfortunately, Ethereum Remix scams are being spotted in various tutorials all over YouTube. Easy money on the Ethereum blockchain is irresistible for many newcomers. YouTube is flooded with tutorials promising effortless riches through MEV bots, arbitrage bots, or custom cryptocurrency tokens. These videos show developers deploying smart contracts in Remix, which is Ethereum’s web-based IDE. Scammers are creating videos with promises of automated income streams. For someone just starting with Solidity, this can feel like hitting the jackpot. But there’s a catch. Actually, it is a massive red flag that’s hiding in plain sight.
What is Remix, and Why is It Popular?
Let’s take a step back. Remix, for the uninitiated, is a powerful tool for writing, testing, and deploying Solidity code directly in your browser. It’s a gateway for new developers that are learning how to launch smart contracts within the Ethereum ecosystem. Its accessibility is what makes it so popular. You don’t need to worry about setting up a local development environment since you can use it directly in your browser. But as with any tool that lowers the barrier to entry, it’s also a prime hunting ground for scammers.
How Do Remix Scams Work?
Here’s how these Remix scams work. You find a tutorial that walks you through copying and pasting a “ready-to-go” smart contract. You’re promised that this contract will perform some lucrative function. Maybe it’s sniping tokens at launch or an automatic trading bot for arbitrage. All you have to do is paste the code, deploy the contract, and fund it with a little bit of ETH for gas fees. But the moment you fund the contract, the ETH vanishes. It is siphoned off to a wallet address that was hardcoded into the contract by the scammer. It’s a classic bait-and-switch, disguised as a lesson in coding.
Who Are the Targets of These Scams?
These scams appeal to two types of people: those who are genuinely trying to learn and those who are looking for a shortcut to profits. New developers might not yet understand Solidity well enough to spot malicious code. Meanwhile, opportunists hoping to cash in on the next big crypto trend often overlook the basic principle of never trusting code you don’t understand. I have even seen tutorials on creating a flash loan bot. It’s kind of hard to get mad about that one, since it is basically scammers scamming other scammers. Here’s a snippet of a very good write-up about a flash bot scam:
TL:DR
I accidentally stumbled upon a youtube video with a tutorial on “How to make / create a USDT flash token”, which contained very suspicious instructions.
I conducted an investigation to understand how this potential scam works, and found that:
- There are hundreds of these videos across youtube that all advise people to deploy a 1000+ row contract with 0.025–0.1 ETH to make 10.000+ USDT.
- In reality, these contracts just send out all victim’s money to addresses hardcoded in them.
- These addresses then transfer the money to a single account that is currently holding $2m+ worth of crypto, which then launders it through stake.com and ByBit.
- Digging further into this account has shown that it serves as an endpoint for other fraudulent funds and scams, detected by various analytics systems.
Check out and continue reading Tim’s excellent write-up on Medium here.
Greed and Loss of Common Sense
The psychology here is so simple. It is greed. Greed causes people to lose all of their common sense. The thought of earning an easy passive income from a bot or a smart contract that “just works” clouds a lot of people’s judgement. Add in a few tricks, like a personable voice or even a face in the tutorial video, and the scammer builds trust where there should be none. Just because you see a face behind the tutorial means nothing. It is a false sense of security.
These scams aren’t small-time operations, either. Wallets linked to these scams have raked in millions, with one particular scheme (MEV bots) becoming so prolific that it’s almost a dark joke among experienced developers. Scammers don’t even need to try that hard since there’s a never-ending stream of new people wanting to create their own smart contracts and people looking for easy money.
How to Avoid Falling for Ethereum Remix Scams
If you’re serious about learning Solidity and building something real and meaningful, the best advice is to take your time and approach the process with caution. Check into resources like Patrick Collins’ GitHub or other verified educational platforms. Start by understanding the basics of what each line of code does. Be skeptical of any tutorial that seems too good to be true because it usually is.
Trust No One, and Learn the Right Way
Always remember this: a legitimate developer isn’t going to hand you a golden ticket for free. In this space, knowledge is your best defense, and a little healthy skepticism can save you from a very expensive lesson. Don’t let a YouTube tutorial or the promise of quick riches lure you into funding someone else’s wallet.
