Crypto Alert of the Week: Oyster Pearls and Exit Scams

Coinfirm’s AMLT Crypto Alert of the Week
Welcome to week 12 of the Crypto Alert of the Week series, dedicated to documenting interesting or high profile frauds/hacks etc that recently happened and have been reported into the AMLT Network and show how the AMLT Network can help track and prevent it in the future.
This week we cover one of the simplest, yet notorious frauds in the crypto space – exit scams. An exit scam revolves around tricking people into investing in your project and then using your reputation to get a hold of the invested assets. The next step in this space is usually faking a hack and/or government intervention that is supposed to explain the sudden disappearance of funds followed by the vanishing of the company’s and its employee’s sites and profiles. One of the most memorable examples of that in the crypto world would be the infamous Bitconnect ponzi scheme, which in January, this year, ran away with nearly $2.5 bln in customers Bitcoins, leaving their customers with worthless tokens.
On October 29th, one of the founders and project designers of the Oyster Protocol project, a person under the pseudonym “Bruno Block” used a trapdoor function in its smart contract in order to mint new tokens. After that, all of the fresh PRL tokens were transferred to KuCoin, a fairly popular, Singapore-registered cryptocurrency exchange, where they were sold for approximately $300,000


The smart contract breach was fairly easy to execute, as the attacker was also the same person, who designed it. Despite claims of passing several audits, the code still had a “Director Lock” function set to “false”, which means that one person with director permits is able to easily make changes. This vulnerability (pictured above) was intentionally left in place after Bruno insisted on it being essential. Unfortunately, it made it possible for him to change the line being responsible for token sales (pictured below).


The Oyster Pearl team, having seen what happened, has issued a statement, claiming that they are working on a solution to clone the token contract and issues a rollback. They’ve also provided the addresses used for the attack, which were immediately submitted to the AMLT Network. Unfortunately, the attacker being a pseudonymous party despite working so closely with this project has completely vanished, leaving little to no trail. The losses were approximated at nearly $0.5 million.
Whenever an attack like this occurs, anyone can report it through the AMLT panel or widget on The submitted data is then analyzed and processed by our team. Flagging actions like these help us fight malicious actors in the crypto space, as seen below on the Coinfirm AML Risk Report created for the Oyster Protocol contract breach address:


If you’re interested in partnering with Coinfirm or becoming an AMLT Network Member then contact us!

Thank you for your continued support and make sure to follow all of our latest updates on Coinfirm’s Twitter, Facebook, LinkedIn and AMLT Telegram Community.

The Coinfirm Team

subscribe to newsletter