Categories
Editorial

ADAIO.online: Another crypto scam, this time for ADA

Here’s a screenshot from a video that YouTube is suggesting to people who like watching videos about cryptocurrency. Regular readers of this blog will find its format familiar:

Once again, it’s supposed to be a live video of an interview with Charles Hoskinson, founder of Cardano, co-founder of Ethereum, talking about Cardano, with an offer to double your ADA — send them n ADA, and they’ll send you 2n ADA back.

This is pretty much the same scam as one pulled last month with a fake “double your ETH” offer. Read it first, then note the similarities below.

It’s a “live” rebroadcast of a five-month-old video

The so-called “live” video is actually this pre-recorded interview on Lex Fridman’s YouTube channel:

The scammers are playing the video on a loop and piping it to a live YouTube stream to give it the appearance of a live broadcast.

It promises to double your ADA in a way that seems too good to be true

Here’s their promise, take straight from their video:

There’s a reason that they take a lot of space explaining what “double your ADA” means with a lot of examples: it’s all about getting you to think of all that sweet ADA that could be sitting in your wallet — if you’d just point your browser at ADAIO.online and send them your ADA!

Think for a moment: What’s the business model in giving someone twice the ADA they just gave you, which nothing else exchanged?

The ADAIO.online domain is 3 days old

If you do a WHOIS on the domain ADAIO.online, you’ll get these tidbits of information that should trigger your “scammy sense”:

  • Created on 2021-11-17
  • Expires on 2022-11-17
  • Updated on 2021-11-17

As I write this, the domain was three days ago, and its owners are hoping you were born yesterday.

The display of ADA transfers is randomly generated

If you go to ADAIO.online and scroll to the bottom of the page, you’ll see a constantly-updated table of transfers that purport to show people sending them some ADA and then getting double that amount in return.

It’s fake.

A simple “view source” of ADAIO.online’s home page shows that the table’s data is randomly-generated. Scroll to the bottom and you’ll see the script behind the fakery:

<script>
    let day = 1
    let hours = 0
    let minutes = 0
    let seconds = 0
    let wallet = "addr1qxha6qprhk3dp325v7hrwmrg7z54j3wf2pl8wf5zseqfn740m5qz80dz6rz4geawxakx3u9ft9zuj5r7wung9pjqn8aqq79xwr";

    // dont edit
    let titleWallet = document.getElementById("wallet").innerText = wallet.toLocaleString('ru');
    let time = (day * (24 * 60 * 60)) + (hours * (60 * 60)) + (minutes * 60);
    // let timeContainer = document.getElementById('overTime').innerText = time;
    // dont edit


    function randomString(_0xe480x2) {
        var _0xe480x3 = '';
        var _0xe480x4 = 'abcdefghijklmnopqrstuvwxyz0123456789';
        var _0xe480x5 = _0xe480x4['length'];
        for (var _0xe480x6 = 0; _0xe480x6 < _0xe480x2; _0xe480x6++) {
            _0xe480x3 += _0xe480x4['charAt'](Math['floor'](Math['random']() * _0xe480x5))
        };
        return _0xe480x3
    }

    function randomStringHashBTC(_0xe480x2) {
        var _0xe480x3 = '';
        var _0xe480x4 = 'bacfed0123456789';
        var _0xe480x5 = _0xe480x4['length'];
        for (var _0xe480x6 = 0; _0xe480x6 < _0xe480x2; _0xe480x6++) {
            _0xe480x3 += _0xe480x4['charAt'](Math['floor'](Math['random']() * _0xe480x5))
        };
        return _0xe480x3
    }

    var divCounter = 0;

    function randomInteger(min, max) {
        let rand = min + Math.random() * (max - min);
        return Math.round(rand);
    }

    function randomIntegerBTC(min, max) {
        let rand = min + Math.random() * (max - min);
        return rand.toFixed(2);
    }

    function getRandomArbitrary(min, max) {
        rand = Math.random() * (max - min) + min;
        return rand.toFixed(2);
    }

    function getRundomMnogitel() {
        let asd = [1, 0.1, 0.01];
        let getRandom = Math.floor(Math.random() * asd.length);
        return asd[getRandom];
    }

    function GenerateAddress() {
        var result = '';
        var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
        var charactersLength = characters.length;
        for (var i = 0; i < 8; i++) {
            result += characters.charAt(Math.floor(Math.random() * charactersLength));
        }
        return 'add'+result;
    }

    function GenerateHash(length) {
        var result = '';
        var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
        var charactersLength = characters.length;
        for (var i = 0; i < length; i++) {
            result += characters.charAt(Math.floor(Math.random() * charactersLength));
        }
        return result+"...";
    }

    function genDiv() {
        divCounter++;
        let valet = document.getElementById("wallet").innerText;
        var _0xe480x9 =
            `${'<div class="item"><div class="top"><div class="data"><div style="" class="data-item">{t1}</div><div style="display: none" class="data-item">{t2}</div><div class="data-item" id="btcstr">{t4}</div><div class="data-item">{t5}</div><div class="data-item">{t6}</div><div class="data-item">{t3}</div><div class="data-item">{t7}</div><div style="display: none" class="data-item">{t8}</div></div></div><div class="bottom"><div class="data"><div style="" class="data-item">{b1}</div><div style="display: none" class="data-item">{b2}</div><div class="data-item">{b4}</div><div class="data-item">{b5}</div><div class="data-item" id="btcstr">{b6}</div><div class="data-item">{b3}</div><div class="data-item">{b7}</div><div style="display:none"; class="data-item">{b8}</div></div></div></div>'}`;
        let _0xe480xa = GenerateHash(10);
        let _0xe480xb = "616" + randomInteger(1, 9) + randomInteger(1, 9) + randomInteger(1, 9);
        let _0xe480xc = 'right now';
        let _0xe480xd = GenerateAddress() + '...';
        let _0xe480xe = 'IN';
        let _0xe480xf = valet.substring(0, 10);
        let valueSend = getRandomArbitrary(1500, 40000);
        let _0xe480x10 = valueSend + ' ADA';
        let _0xe480x11 = ((Math['random']() * 0.009 * getRundomMnogitel()) + 0.0001 * getRundomMnogitel())[
            'toFixed'](6);
        let _0xe480x12 = GenerateHash(10);
        let _0xe480x13 = "616" + randomInteger(1, 9) + randomInteger(1, 9) + randomInteger(1, 9);
        let _0xe480x14 = 'right now';
        let _0xe480x15 = _0xe480xf.slice(0, 10) + "...";
        let _0xe480x16 = 'OUT';
        let _0xe480x17 = _0xe480xd;
        let _0xe480x18 = (valueSend * 3) + ' ADA';
        let _0xe480x19 = ((Math['random']() * 0.009 * getRundomMnogitel()) + 0.0001 * getRundomMnogitel())[
            'toFixed'](8);
        _0xe480x9 = _0xe480x9['replace']('{t1}', _0xe480x12);
        _0xe480x9 = _0xe480x9['replace']('{t2}', _0xe480x13);
        _0xe480x9 = _0xe480x9['replace']('{t3}', _0xe480x14);
        _0xe480x9 = _0xe480x9['replace']('{t4}', _0xe480x15);
        _0xe480x9 = _0xe480x9['replace']('{t5}', _0xe480x16);
        _0xe480x9 = _0xe480x9['replace']('{t6}', _0xe480x17);
        _0xe480x9 = _0xe480x9['replace']('{t7}', _0xe480x18);
        _0xe480x9 = _0xe480x9['replace']('{t8}', _0xe480x19);
        _0xe480x9 = _0xe480x9['replace']('{b1}', _0xe480xa);
        _0xe480x9 = _0xe480x9['replace']('{b2}', _0xe480xb);
        _0xe480x9 = _0xe480x9['replace']('{b3}', _0xe480xc);
        _0xe480x9 = _0xe480x9['replace']('{b4}', _0xe480xd);
        _0xe480x9 = _0xe480x9['replace']('{b5}', _0xe480xe);
        _0xe480x9 = _0xe480x9['replace']('{b6}', _0xe480x15);
        _0xe480x9 = _0xe480x9['replace']('{b7}', _0xe480x10);
        _0xe480x9 = _0xe480x9['replace']('{b8}', _0xe480x11);
        var _0xe480x1a = $(_0xe480x9)['prependTo']('.table-body');
        $('.item')['each'](function () {
            var _0xe480x6 = $(this)['index']();
            if (_0xe480x6 > 0) {
                $(this)['find']('.top .data div')['eq'](5)['html'](_0xe480x6 + ' min');
                $(this)['find']('.bottom .data div')['eq'](5)['html'](_0xe480x6 + ' min')
            }
        });
        setTimeout(function () {
            _0xe480x1a['find']('.top')['fadeIn']();
            _0xe480x1a['find']('.bottom .data div')['eq'](5)['html']('right now')
        }, 2000)
    }

    $(document)['ready'](function () {
        genDiv();
        setInterval(function () {
            genDiv()
        }, 15500)
    })

    genDiv();

</script>

Note that some functions have “BTC” as part of their name, which suggests that they were originally used for a Bitcoin scam and that the scammers simply reused the script.

At least the coin-ether.net scammers tried to hide their script. The lazy grifters behind ADAIO.online didn’t even put in that amount of effort.

How much have they been able to collect from gullible people?

By pasting the wallet address that ADAIO.online provided on their site at the time of writing (the better scammers know to change wallets often) into Cardanoscan, it appears that they’ve collected about 66,000 ADA in the past five hours. At current prices, that’s just under $125,000, or $25K an hour.

Let me say it again: There’s a lot of opportunity in crypto, but these “give me some of your crypto, and I’ll give you double back” offers ain’t it. Don’t fall for the scam!

One reply on “ADAIO.online: Another crypto scam, this time for ADA”

Comments are closed.