Ellipsis.Finance Rescue
By: Eyal Markovich, Co-founder & COO
Several months ago, a flashbots white hat team and bloXroute agreed on utilizing the bloXroute BDN to help flashbots white hat clients currently trading on BSC. Maor from the white hat team shared with me one of the team’s success stories. With his permission and written in his words, I am posting it here.
Last December a rather large and time-sensitive rescue request was made in the flashbots token rescue team hotline. I had experience with alt chains that lacked private transaction support so I took it. The victim had a large stake in Ellipsis.finance accruing daily rewards in the hundreds of dollars and was to be completely unlocked in approximately 2 months.
Although searching ellipsis finance reveals scammy ads, this particular victim was scammed by a con artist posing as multiple ellipsis support rep accounts in the project’s official Telegram group. The user experienced technical issues and was tempted by a fake website that the scammer sent him to acquire his seed phrase.
From that point the scammer got busy and started draining the account.
After draining any available funds, the scammer started draining the rewards daily. This case illustrates why you should never negotiate with scammers. The victim was promised that his account would be “left alone” after paying 10k USDT. Unsurprisingly, after paying the 10k ransom, the scammers kept asking for more.
After taking the case, I examined the scammer’s bot and realized I would need a fast and reliable network provider to beat them on the BSC chain seeing as it is much faster and more chaotic than the Ethereum network and no relevant private transaction solutions existed. I quickly installed a bloXroute BSC gateway on my machine and immediately went to work. I built a bloXroute based “sweeper” on the account that swept away any incoming BNB and in unison prepared the relevant reward fetching script. Within a few days, I was able to beat the scammer every single time and immediately send the rewards to their rightful owner.
A week into the action, another case appeared in the white hat hotline, with the same address. A quick call confirmed this person was indeed the same scammer and was shopping around for help to beat my bot.
To prevent this thief from taking advantage of other whitehats, I decided to see if I could fool them and lead them on up until the large unlock of funds while also keeping them complacent and lazy. I wondered how to trick them without giving up any rewards as evidence. Thankfully one of the scammer’s friends came to the rescue:
As the date of the large unlock came closer and closer, I kept reassuring the scammer that I was developing a speedy record-breaking bot by throwing around small hints here and there but never sending any rewards. Of course, I wasn’t completely lying, using several BSC network hacks I discovered while doing my research and bloXroute gateway’s connectivity and speed, I was able to improve my bot even more.
As any whitehat will tell you, all good rescues happen in the middle of the night and this one was no different. When the clock hit 2 AM my script went into action and extracted the entire staked amount and transferred it all to a safe location. The victim was at last able to retrieve a small portion of their compromised portfolio.
