Beware of crypto-stealing, AI-powered trading bot scams on YouTube

Published: 8 August 2025
Last updated: 8 August 2025
red square with white triange, red hands, broken golden bitcoin coin
By Cybernews.

Crypto scammers are now using YouTube to distribute malicious code disguised as trading bots, highlighting the dangers of AI-generated content.

Threat intelligence and malware analysis team SentinelLABS said the campaign they uncovered has already stolen more than $900,000 worth of crypto assets.

Here's how the criminals operate: to look legitimate, they use aged YouTube accounts and distribute content on crypto trading, while in the video descriptions they share a link to a site with malicious smart contract code. When a victim deploys the smart contract, they're manipulated into giving away their funds.

ADVERTISEMENT

Moreover, according to SentinelLABS, the contract also contains a failover mechanism that allows the attacker to withdraw funds sent to the contract. The researchers found that each scam tricks users into depositing a minimum of 0.5 ETH ($1,958) "to ensure sufficient funds for arbitrage profit," as well as accounting for gas fees.

According to them, while several videos appear to be AI-generated, the most successful one looks to be real. It helped the attacker steal $900,000 in crypto assets, while others stole thousands of dollars’ worth.

"Various iterations of the scam have been ongoing since at least early 2024, with different videos and YouTube accounts used for distribution. The actors are likely managing the YouTube comment section to delete any negative comments, with more savvy users turning to platforms like Reddit for additional context on the bot," the cybersecurity researchers said.

dark grey and black table with white letters, mans picture in purple background
Source: SentinelLABS

The attackers also use multiple obfuscation techniques to hide their wallet addresses in each smart contract.

Therefore, SentinelLABS urged crypto users to treat trading tools promoted through unverified social media or video content with extreme caution and to avoid deploying code marketed via influencer videos or social media posts.

"The combination of AI-generated content and aged YouTube accounts available for sale means that any modestly resourced actor can obtain a YouTube account that the algorithm deems ‘established’ and weaponize the account to post customized content under a false pretext of legitimacy," they concluded.

ADVERTISEMENT
Ernestas Naprys vilius Paulina Okunyte justinasv
Be the first to know and get our latest stories on Google News
Google News Follow us

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT