ZachXBT, a blockchain investigator, alleged that a former professional Fortnite player, going by the name Serpent, defrauded investors through scams of more than $3.5 million in memecoin that his company claims Serpent had orchestrated.
November 27Serpent’s detailed accusations of fraudulent cryptocurrency projects, still most often via their hacked social media accounts and misleading investment opportunities, are made.
1/ An investigation into how threat actor Serpent went from being a professional Fortnite player to helping steal $3.5 million via coin scams launched from over 9 accounts compromise on X and IG and play the profits in online casinos. https://t.co/zR6QtuQW8a pic.twitter.com/Y8ovnEnQgj
-ZachXBT (@zachxbt) November 27, 2024
Esports organization Overtime relegated Serpent from its ranks in 2020 following cheating allegations, and now the esports star is taking on a much more serious endeavor. As a blockchain security analyst and founder of a threat mitigation system called Sentinel, he introduces himself to the world.
Unfortunately, in its investigation of Serpent, ZachXBT discovered that the group has ventured beyond cybersecurity to engage in illicit financing targeting cryptocurrency investors.
Snake-Linked Wallets Implicated in Memecoin Scams
ZachXBT Searches Find Wallet Serpent-associated addresses that have been used in, among other things, various memecoin scams. The scams reportedly affected celebrities with verified accounts on platforms like X (former Twitter) and Instagram: McDonald’s, Usher, Wiz Khalifa, for example. The unfortunate Serpent also lost accounts that were allegedly hacked and used to launch fraudulent memecoin projects associated with Serpent.
6/ Serpent plays millions of dollars every month on Roobet, Stake, BC Game and Shuffle, frequently sharing the screen with friends on Discord.
I obtained recordings of him gambling where he inadvertently disclosed multiple deposit and withdrawal addresses.
Discord ID:… pic.twitter.com/nY8GGT6dER
-ZachXBT (@zachxbt) November 27, 2024
The scam was not limited to social media, as Serpent dealt in gambling and money laundering. Serpent bet millions of dollars on popular online casino platforms Roobet, Stake, BC Game and Shuffle, according to ZachXBT, which showed evidence of Serpent wasting millions on the various casino platforms. ZachXBT obtained recordings of Serpent’s live gameplay on Discord, during which he inappropriately revealed deposit and withdrawal addresses for fraudulent activity.
Pull rug, labeled ERROR project
The snake is also mentioned in a project called ERROR by ZachXBT, which he refers to as a “rug pull”, slang for fictional projects in which a creator instantly abandons a mission, leaving merchants without valuable goods. Suspicions extend to the fact that Serpent links ERROR’s wallet addresses to numerous compromised social media accounts, as he is allegedly linked to these scams.
It also shows that after the allegations were made public, Serpent began deleting posts from his X account, including posts that saw him appear as a cybersecurity advocate, advising people to avoid attacks from phishing and fake cryptocurrency airdrops.
Today, in an era where crypto-related scams and phishing attacks have become more than a nuisance for cryptocurrency space, the Serpent’s actions come at just the right time.
Five people were indicted last week by US federal prosecutors for their involvement in an international hacking operation aimed at stealing $11 million worth of cryptographic and sensitive data from people and businesses in several countries. The attacks, sometimes vicious phishing schemes, involved tricking victims into revealing their digital wallets and credentials.
Hundreds of ransomware attacks were intercepted by the Department of Homeland Security (DHS) before they could spread widely and cause major damage, the agency said. A critical part of this effort was carried out by Homeland Security Investigations (HSI), to protect U.S. government agencies from escalating cyber threats.
The Serpent affair once again brings to the forefront the extremely persistent vulnerabilities of the cryptocurrency ecosystem, where scammers are still taking advantage of irresponsible and lax user security practices and the insecure nature of social media platforms. While blockchain investigators and authorities have become increasingly vigilant, cryptocurrency fraud remains a persistent problem for investors and the rest of the industry.