HashDit

Introduction
HashDit has monitored a new Drainer As A Service (DaaS) product in the Crypto Scam industry, which calls themselves Perpetual Drainer.
Instead of the traditional way of tricking a victim to visit a scam / impersonation website where security tools can block these sites on the wallet level, the victim visits a website hosting Perpetual Drainer, where the wallet now will receive a request from a trusted origin bypassing checks.
Modus operandi
Perpetual Drainer will redirect victims to a reflected XSS exploit on a trusted origin, which then dynamically loads a script from Perpetual Drainer infrastructure that contains the actual drainer logic.
When this code executes, it rewrites the DOM to display a wallet connection prompt and causes all requests to the wallet extension to originate from the trusted origin, rather than the malicious origin. 
Technical Details
Affiliates: These are individuals or entities that help distribute the malicious tool.
Main.js Script: Affiliates can include this script on their websites. When a user visits the site, this script will automatically load another script from a specific URL.
This immediately redirects users to a site with a Cross-Site Scripting (XSS) vulnerability.
XSS Domain: This is a domain that might appear trustworthy, The XSS vulnerability allows the attacker to execute malicious scripts on the user's browser.
Drainer.js: Once the user is redirected to the XSS domain, this script (drainer.js) is loaded from another URL. This script is the actual malicious code that performs the harmful actions.
** It is important to note here that transaction simulation or transaction data analysis can still flag this malicious transaction out.
As always, stay paranoid and review your transactions before signing . If in doubt, always check with a trusted source.
Protect yourself with our HashDit tool 🤖 download now for free!

✍️ Our 2025 Q1 Incident Report for BNB Chain has been published!
1️⃣ Q1 sees a 75% decrease in fiat losses and 31% drop in incident count compared to 2024 Q4. 🛡️
2️⃣ BSC ranks 5th in Q1 fiat losses among other chains. 🤝
3️⃣ Hot Wallet Compromises and Lack of Validation bugs were the most substantial exploits, with CEXs being the most targeted. 🐛
Read the full report here👇
https://hashdit.github.io/hashdit/blog/bsc-2025-quarter-one-report/

So, what is a HoneyPot Token?
A HoneyPot token lures users with the promise of profits, but prevents them from selling their tokens later.
🎯 Usual Targets
General Crypto Users: Little to no experience, follow influencers or pump groups, fall for marketing techniques, or buy fake tokens.Meme Coin Traders: Think they can make quick profits and get out fast despite suspicious aspects.
Did you know? 💡Over 5,000 HoneyPots have been created this year alone! 🤯
💸 Why Users Buy
Desire to make money fastBelief in getting in earlyOverconfidence in outsmarting the systemRushed decisions due to false urgency

FOMOing into a random Pump Signal token will get you REKT
🔍 How to Spot a HoneyPot Token
From the Chart,
Mostly Green candlesticks with the occasional Red
From the Code,
Unverified contractsOwnership not renounced or other privileged roles still controlled by scammersBlacklisting/WhitelistingHigh sell feesRestricted transfersBalance manipulation to prevent selling
From Social Media:
Check with other holders if they have issues selling (verify if they are real users)Verify the official token address
Once you have bought into a HoneyPot, there is NO way you can recover back your funds❗ Anyone guaranteeing you that they can, is a SCAM.
From Wallet:
Randomly airdropped tokens with seemingly real names and value (there is NO free money in this world)
From Transactions:
Multiple failed transactions (check chain explorers like Bscscan)Predominantly buy transactions
From Holders:
Large percentage of tokens held by few addressesCEX holders to mislead about listings (especially if it's a newly launched token)Unlocked liquidity (scammers can pull the rug anytime)
🛡️ How Users Can Protect ThemselvesAvoid impulsive investmentsVerify token address authenticityConduct thorough due diligence (website, team, roadmap)Use security platforms like HashDit + Honeypot.is to verify Code risk
🚨 If Caught in a HoneyPot Token, What should you do?
It is unfortunate but accept the loss and move onReport the contract on platforms like Token Sniffer and RugDocWarn the community to break scammers' reliance on silenceRevoke approvals to safeguard your wallet
Stay vigilant and protect your investments! 💵

TLDR: Always be wary of sites offering free tokens as airdrops or free tokens sent to your account by airdrop and require you go to a website to claim them. We recently saw the site “claimusdtbox” trending high in member interactions. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via scam contracts and deceptive functions.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#USDT #BTC #ETH #TrendingTopic #security
How this phish works:
The site is set up to look like a claimable tether airdrop of 50 USDT.They automatically request a wallet connection on landing on the page.Clicking ‘Claim 50 USDT’ launches a transaction calling the function ‘disperseEther’.This interaction leads to a fund loss by the contract sending your bnb to the scammers destination addresses.Always remember there is NO “Free Money”.

Scam Contract: https://bscscan.com/address/0xf8c8fb8931f62273ff7c6b13ebb9a999eeb19466Destinations: 0x677e65e2c5cd4ac83fc75f6001ae36e66cc1b936, 0xd5022536e85a91c38f98b16812ca221d84ec50f3Sample tx : https://bscscan.com/tx/0x551343cc3122d13e67a65a0fbbfc080e039ebcdb7c3967f303804045e35f2018Always #DYOR! Review your transactions before signing and if in doubt do not take decisions on fomo basis.

HashDit team noticed a new website “ksc rocks” has been seeing a rapid rise in interactions. 
Our Advice: Stay Away! It seems to be a Fake Ponzi Scam posing as an investment and trading website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
Concerning Facts: 
The website provides no information about the project.As soon as you land at the website an auto connect feature is triggered automatically logging you in.Many of the site's features are slated to be ‘coming soon’.
Red Flags:
Once signed up you need to to purchase an "investment package" [%5-100].They promise a daily 2.5% income from the investment amount.They promise staking income in the range of .25 to 250%.You are required to build up a team via referrals on a 12 level system[100-50k referrals].They offer multiple income streams:Direct bonus [30%]Level bonus [.05-.5%]Daily bonus [2% company turnover after 2 referrals]Royalty bonus[5% company turnover]Salary income [100-5000$ based on business generated] etc.They also claim to have trading and mining features and promise airdrops of the KSC.You are also required to also continuously top up the account with higher amounts.The scheme seems to be based on getting new members to join/be referred as well as you continuously topping up your account.This will fall apart once new members stop joining. 
This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.
Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team noted “eth-am.com” trending high up in member interactions. Always do your due diligence before interacting with quick investment sites.
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.
How this phish works:
The site is set up to look like an automated trading platform mixed with a staking aspect. As soon as you land on the page it automatically requests a wallet connection.Clicking the word ‘Open’ or interacting with the supposed trading page triggers the phish. The transaction asks you to sign an approve function for the spender address.Looking at the transaction value,you can see that it is set at an almost unlimited value.The destination address is also a personal address, which is another red flag.Approving this would lead to a loss of all funds from the victim's wallet.If the approval is not revoked, anytime funds are added in, the scammer can transfer them out resulting in ever greater losses. 
Address: https://etherscan.io/address/0x8Cb9b8fa576C5480BeD7838db8808EEc072b410C
Eg tx : https://etherscan.io/tx/0xc710bdb022b15fc1f554a94564d2c1d093338685c451dbf21872038d96552290

Looking at the above you can see that the approver calls a transferFrom(address from, address to, uint256 _value) function to move funds from the victims address to one of his choice.
Always #DYOR! And review your transactions before signing and if in doubt do not take decisions on fomo basis.

Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀

Always do your due diligence before interacting with any site claiming to allow you to generate passive/active income easily. We have seen an increase in interaction with a phishing site ‘defiminingfarm’.
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site is set up to look like a mining platform active globally. They falsely claim to be partnered with sites like CMC,coinGecko etc.The site automatically requests a wallet connection as soon as the page is loaded.You are required to ‘activate the account’ to start, by clicking ‘Earn Eth’ and ‘confirm’.This calls an approve function to an EOA that gives them access to all your funds.The scammer then calls a transfer which will lead to a loss of all funds in your wallet. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

A new website “mtcfund.io” has been seeing a rise in interactions. 
Our Advice: Stay Away! It seems to be a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
Concerning Facts: 
The website is poorly designed and none of the links actually work.They provide no information about the team or any documentation projectwise.
Red Flags:
To sign up you need to have a referral and if you do not you need to get one via telegram.To sign up you need to interact with their contract, which calls a registration function. The function is unclear as the contract is unverified and unpublished. Once you sign up, you see that the actual returns from staking are very low.To earn income you need to buy into a package and be part of a multi level program.You are required to build up a team via referrals and each level requires at least 5 referrals of the previous level eg: Platinum level requires 5 F1 golds.They offer multiple incomes from:A global money pool30-40% from a registration pool 20-30% from a 1 million locked token,$50k worth NFT.The scheme seems to be based on new members joining up continuously and will fall apart once this stops. 
This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team noticed a site “zedxion.site” aiming to phish users by claiming to be a presale fan token of ‘Chiliz Labs’.
Our Advice: Stay Away! It’s a phishing scam!!!  Scam Contract [BSCScan]: 0x2a68Ef2850300e42dC2E7733a489C6f1aFFc3d1AWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #Presale #memecoin🚀🚀🚀
RED Flags: 
The site is badly set up, to look like a presale of a new token. The favicon and imagery on the site refers to another coin. Clicking the ‘Claim 240000 CHILIZ’ triggers the wallet connection and requires you use the BNB chain to transact.This automatically triggers the transaction calling a ‘buy’ function.The result of the transaction is a worthless toke and a waste of your funds.Clicking ‘Swap’ leads to the page “https://zedxion[.]site/swap/” which resembles low cost cross chain swap sites that phish users.It calls the ‘Sending BNB’ function and transfers out your funds.Beware rushing to claim presales and airdrops of tokens without doing your research!

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

HashDit team noticed that a few new websites “spccoin.in”,”spctoken.in” have been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam posing as a staking website aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀🚀
Concerning Facts: 
They claim to be a token designed to offer various payment services for SPC ecosystem projects.They claim to provide two platforms to earn unlimited amounts.
Red Flags:
To sign up you need to pay an activation fee [10 - 50 usdt].Once you sign up they promise you multiple sources of income.Direct Income: 5-10% your direct referrals activation fee.Level Income: requires a minimum of a 30, upto 50 usdt activation.They also promise a direct sponsor bonus of 10% with upto 16 levels of referral.They round it off, they promise a staking bonus of .30% - .60%.This scheme is built up around referring new members and having them purchase memberships.As soon as members stop joining or existing members stop funding the scheme it will fall apart. 
This is the hallmark of all ponzi scams, promising very high returns but never actually providing any to anyone other than themselves.

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

Always do your due diligence before interacting with sites claiming to offer airdrops of new tokens. We recently received a report regarding “base-brett.xyz” claiming to be the original and then actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via approval phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #TrendingTopic #ETH #memecoin🚀🚀🚀
How this phish works:
The site is set up to look like the original and offers tokens presale/airdrops. Clicking on the claim rewards button launches a connect wallet dialogue.The site then asks to sign an approval with the spender being a contract. The scammer then makes a ‘multicall’ to the contract resulting in a transfer from function from the victims address to the destination address(es) dictated by the scammer. This then leads to a loss of all tokens in the victim's wallet. 
Contract: https://etherscan.io/address/0x0f2fcdb446FB157A684F51a970Dd88CEf6430B71
Eg tx : https://etherscan.io/tx/0xadf9684612d3dd0b3aaaedb9dd470076fc47437dff954333991c81b7d19d81b6

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team noticed a series of fake sites “allocation-hamster.com”,”ciaim-hamsterkombat.com”, “claimhamster.pages.dev” aiming to phish users by targeting a new popular project “Hamster Kombat”. 
Our Advice: Stay Away! It’s a phishing scam!!!  Actual Social Media Links:Website: hamsterkombat.ioTwitter/X: @hamster_kombatTelegram: t.me/hamster_kombatWe suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀🚀
RED Flags: 
The sites copy the layout of the original website but change key parts to deceive the user.Another trick to be wary of is that the url ‘allocation-hamster.com’ redirects you to ‘allocation-hamsterkombat.com” without a redirect dialogue/notification. The Play Now button is changed to Claim Now / Claim Token.Clicking on the button triggers the wallet connection dialogue and an automatic triggering of the transaction.This aims to drain your wallet by using functions like ‘sending BNB’ to withdraw your funds. The site ‘ciaim-hamsterkombat.com’ also implements a wallet check mechanism to deny low value wallets from interacting, asking them to top up first.Once topped up the scammer would then drain the entire balance leaving you with nothing.
Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

TLDR: Beware sites claiming to be airdrops of new tokens. We recently received a report regarding “basedbrett.claims” and “scotty-theai-io.web.app” offering airdrops and claims but actually stealing user funds.  
Our Advice: Stay Away! These are Phishing websites meant to deprive you of your funds. Fake Contract[BscScan]: 0x0000d169F98E078B60bFb09A69D145e72dBE0000Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#BTC #ETH #TrendingTopic #memecoin🚀🚀
How this phish works:
The sites are set up to resemble the original, with a similar name and layout. Once the page loads they either automatically call the wallet connection dialogue or have you click to connect your wallet. Once you connect they call a function CLAIM.The idea is to make the user believe that they are claiming a token.However if you observe the amount deducted, it's the entire wallet balance.If you try to cancel the transaction, the site automatically retries the transaction to get the user to confirm it. Closing the page and then rejecting the transaction is the only way to stop the dialogue.The contract is unverified and any transactions will only lead to a loss of user funds.Always #DYOR before transacting on any site.

TLDR: Token impersonations of popular and fast climbing projects are on the rise and we have seen a contract impersonating the recently launched Notcoin and using social media apps to trick users into buying it via pancakeswap. 
Fake Token(Notcoin - BSCSCAN): 0xc71f74b62d827638513d4eb90021527eed2c622c
/ 0x6f24daa874e65ab70b25bbb4f1fe8f4398ab893a
Our Advice: It's a Scam! Always DYOR. This contract will steal your funds. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Token Info:Binance launched Notcoin for trade on 2024-05-16. Please do your own research to ensure safety of your funds!Token Address: EQAvlWFDxGF2lXm67y4yzC17wYKD9A0guwPkMs1gOsM__NOTProject Website:Website: ‘https://notco.in’Twitter/X: @thenotcoin
#TrendingTopic #PancakeSwap #BTC #ETH #memecoin🚀🚀🚀

How these scams usually work: 
Popular platforms usually post information about projects with an upcoming presale/going live.Scammers view these posts and use social media apps to create fake support groups, impersonating the company and try to use fake websites/contract addresses to trick users. Once you have connected to the site or decide to transfer to the contract, the scammers try to get you to place or approve increasingly large orders or ask you to send funds to an address post which they will send you tokens.Once the user has confirmed the transaction, the funds will never be seen again.
Always do your own research! If it looks too good to be true, it probably isn't!

Red Flags: 
Beware being added to any support groups promoting or offering you investment advice or fast profits!! Contracts that are usually unverified/unpublished,to hide their functions. 
Case Of the Day: Exploiting FOMO
Binance posted an article introducing Notcoin (NOT) on the Binance Launchpool!.Scammers referenced the article and convinced users via a popular social media app, that they could purchase via Pancakeswap using their Binance Web3 wallets for a profit.Post launch we still see users getting scammed via fake tokens. Always Interacting with this contract resulted in users losing their hard earned funds to a scammer. 

TLDR: Beware sites claiming to offer low cost cross chain swaps. We recently received a report regarding “cremepieswap.site” but it's actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds. It works by calling a new deceptive function disperseEther.Fake Contract[Polygonscan]: 0xb0d3FFF0946990508a7Ca5A156324b1f3e2a3c3fKeep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site claims to be a cross chain swap site and is similar in layout/pattern to other fake swap sites. Connecting your wallet to the website requires you to manually change the chain in your wallet first. Post this the site throws up a couple of toast notifications saying you can now swap.Swapping leads to a function disperseEther being called which leads to the wallet being drained. Reviewing the contract shows that it is an unverified contract. Always be wary of such contracts.#DYOR before transacting on any site.

TLDR: Beware sites claiming to offer airdrops of new tokens. We recently received a report regarding “connect-solanatokens-secure01c.com” claiming to offer airdrops but actually stealing user funds. 
Our Advice: Stay Away! It's a Phishing website aiming to deprive you of your funds via swap phishing.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #BTC #ETH #memecoin🚀🚀🚀
How this phish works:
The site claims to be an airdrop site offering tokens presale/airdrops. Connecting your wallet to the website leads to it calling a swapEthForExactTokens function.This works by using swap providers like SushiSwap to swap your selected wallet token to as many output tokens as possible, determined by the path before sending the final token to the scammer's address.  A twist to this method is the scammer can set up the structure to route funds to a brand new address each time a transaction is called.A swap like this where the final destination doesn't match the sender is risky. Always examine your transactions before confirming. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

TLDR: A new website “newunity.io”,”app.newunity.io” has been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #ETH #BSC #Memecoins #hashdit
Concerning Facts: 
They claim to be “A private crowdfunding community united for change powered by blockchain technology”They claim to be “Founded on the principles of transparency, security, and inclusivity”
Red Flags:
When joining you require a referral and have to pay a $40 contribution per entry.Post Joining they mention multiple ways to earn:Fast start Donation: $5 everytime your referral contributes an entry.Unilevel builds: .50$ upto 10 levels of your referrals.Global build: 1.25$ upto 10 levels.They claim that you can make $10k+ just from the unilevel build as each level has unlimited referrals options.They claim you can make 25k+ from the global build as it is a dual matrix build.  They claim that you can also earn an additional 25K+ from your referral's global build. They also have a 10% deduction to automatically contribute to new entries.This scheme is guaranteed to fail as soon as new members stop joining or existing members stop funding the scheme. 
This has all the hallmarks of a scam promising very high returns but never actually providing any. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

TLDR: A new website “panthers.live” or ”usdt.panthers.live” has been seeing a rise in interactions. 
Our Advice: Stay Away! It's a Fake Investment Scam aiming to deprive you of your funds.Keep your funds safe by protecting your wallet with the HashDit Chrome Extension!![https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
#TrendingTopic #ETH #BTC #PancakeSwap
Concerning Facts: They claim to be “the foremost networking platform globally”They also claim to provide “unparalleled security and efficiency for users worldwide”.The entire website is generic content about blockchains and cryptocurrency. 
Red Flags:
To join you are required to pay 10-80 USDT as a starter fee under their L1matrix.They claim that there is an automatic activation of levels and the next level’s cost is automatically deducted. The cost of the next level is double the previous level. Post Joining they mention multiple ways to earn:40% Direct sponsor bonus.55% Level Sponsor bonus2% Leadership CLub bonus 3% Royalty incomeThey also claim that you make both active and passive income. However all the above requires you to build at least a 10 level team. They also have an L2 Matrix that charges 10-164k USD to start. This follows the standard 2 referral downline pattern promising 20-50%This scheme is guaranteed to fail as soon as new members stop joining. 
This has all the hallmarks of a scam promising very high returns but never actually delivering any. 

Always #DYOR! Do not buy into projects that seem to promise unbelievable rewards!!

HashDit team has detected a trading/mining site “ertudite.com” engaged in a pig butchering scam. 

Our Advice: Stay Away! It’s definitely a scam!!! We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]

#TrendingTopic #BTC #ETH #Memecoins
Concerning Facts: 
The site claims that its “full range of products help you play with web3 encryption currency”The website name doesn't match its URL and was recently created. The reviews listed on the main page are all fake.They claim to be partners of Metamask/Trust Wallet and many other famous companies.They offer AI/Quantitative trading options to entice users into investing funds.
Red Flags:
If you interact with the contracts on their pages, it creates an off chain signature request[a permit request]. This signature can be used later to deprive you of your assets.The spender in this request is an Externally Owned Account.Spender: 0x4dac76e68e71250bb982b292ee30968575fbe4c9 [Etherscan]Reviewing the transaction history of the spender we can see a large number of permit calls authorizing the address to spend USDC.The trick used by the scammer here is that the scammer employs multiple wallets to send minor amounts of funds to the victims wallet simulating profits generated. This entices the victim to add/spend more funds leading to huge losses for them.The loss is only realized once large amounts have been spent in “trading” or more accurately, stolen by the scammer. 

E.g.: https://etherscan.io/tx/0xdfb311735c3855d8ba0b007d472f8c22b04731eddbe77cd2cb7aca13cd64481b0x4DaC76e68e71250bb982B292ee30968575fbE4C9 is authorized to spend 100 trillion USDC until the deadline of 2,625,150,269,000.

Some examples of the scammers supportive Wallets: 0x3d3ba959ae229b2a1992925c0c5e2309e51fc474,0x1eA195af7903D295Fa4F2Cc9dEA43424D5a24F17
Hashdit Warning:

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!

HashDit team noticed a new fake sites aiming to phish users being sent in unofficial social media groups ”babycatwifhat-token.pages.dev”, “pinksale.pages.dev”, “app.computingsmartweb.com”. 
Our Advice: Stay Away! It’s a phishing scam!!! The unique angle here is that this was a two part scam:The main aim was to get users on to the pinksale phishing page, to drain their funds.If they had any issues they were to connect to the “computingsmartweb” site which would require them to then provide their 12/24 word passphrase, resulting in them losing their wallet. We suggest using our HashDit Chrome Extension to protect your wallet.[https://chromewebstore.google.com/detail/hashdit/coegijljhiejhdodjbnlglffjomlbgmi]
Actual Social Media Links:Website: babycatwifhat[.]memeTwitter/X: @babycatwifsolTelegram: @BabyCatWifSolUpdates to be Aware Of: Official Launch Is Set For Friday, April 12th, 5 PM UTC. 
#TrendingTopic #MemeCoinsSeason #Memecoins #SOL #Solana⁩
RED Flags: 
The social media group is an unofficial group.An admin pasted a Call to Action message with the fake project and fake Pinksale website, both having the “pages.dev” domain. The site “babycatwifhat-token.pages.dev” is a replica of the main site with none of its links working. The Pinksale replica page asks you to connect your wallet and clicking any of the buttons on the page turns them into “Claim” buttons. If you have low wallet balance, you will see the error message “No transaction fee”If you face any issues and attempt to rectify it via“app.computingsmartweb.com” you will be asked to enter your secret phrase, resulting in the loss of your wallet funds. 

Always #DYOR! FOMO can lead to rash and regrettable decisions!!!