The NFT space has, yet again, been struck by disappointing news. On the dawn of the 9th of October, Lucky Star Currency fell by 99% within minutes. Later, Certik Alert’s page confirmed it was a $1 million rug pull executed by the deployer’s account.
Table of Contents
The scam unfolds
Lucky Star Currency (LSC), an astrology-themed NFT venture, is under the spotlight for all the wrong reasons. As per a recent report by the blockchain security heavyweight CertiK, on Oct. 9, LSC executed a significant exit scam, leaving stakeholders over a million dollars short.
It’s detailed that the project’s deployer account manipulated the “withdrawToken” function on the NFTMerge and AwardCenter contracts. This operation saw the exodus of more than a million dollars in LSC tokens. The swindle didn’t end there; these tokens found their way to PancakeSwap, got swapped for Binance USD (BUSD), and were subsequently transferred to a seemingly unrelated account.
Delving deeper into Lucky Star Currency exit
With claims of astrological foundations, Lucky Star Currency was establishing its presence within this digital assets niche.
Geared predominantly towards Chinese cryptocurrency enthusiasts, their marketing campaigns had a substantial presence on platforms like X (Twitter) under the username AstrAstrol75591 and a dedicated Telegram channel. However, as of the latest update on Oct. 9, their official website and user interfaces have mysteriously gone dark.
Before this alleged scam, the Chinese media platforms, Toutiao and Zhihu, were rife with promotional content for Lucky Star Currency. Adding more layers to this convoluted incident, BNB Smart Chain address 0x9Ef72Ee68a7c841986A0C60e0FDbAE4e27446Deb initiated the removal of over 1.6 million LSC from Lucky Star Currency’s AwardCenter contract. This was closely followed by another staggering withdrawal of 1.4 million LSC from the project’s NFTMerge contract.
Connecting the dots and the red flags
Post these massive withdrawals, the tokens were promptly exchanged for over a million dollars in BUSD through PancakeSwap.
An intriguing detail emerged, pointing out that the recipient address had been amassing BUSD from multiple sources for a recent span of 82 days, suggesting potential involvement in more than just this particular scam.
The evidence is mounting. CertiK confirms that the drained contracts had been previously flagged on Telegram as the project’s authentic contracts. Further forensic analysis unveils that the account orchestrating this heist was indeed the deployer for the AwardCenter contract. The plot thickens, with recent reports stating that the promoting company behind LSC reportedly had a physical office presence in Shenzhen City, China.
A growing concern regarding Chinese brands
Chinese projects in the Web3 domain seem to be inadvertently becoming synonymous with rug pulls. Given the strict regulations in China, operating a centralized cryptocurrency exchange is a strict no-go. Hence, unsuspecting users venturing into Chinese projects with centralized components often find themselves in treacherous waters, with threats of fund seizures by the police.
This, however, isn’t an isolated incident. Just this past July, the Chinese-rooted Multichain protocol led to a staggering loss of over $100 million, funneling all its user funds into a malicious account. While the CEO’s arrest claims are rife, the victims remain in limbo, grappling for answers and potential reimbursements.
In the always-active NFT & cryptocurrency spaces, such episodes underscore the importance of diligence and security. Whether Lucky Star Currency’s narrative is an aberration or a sign of things to come remains to be seen.