This post is a continuation of this one: Itheum – KYC issues. If it doesn’t make too much sense please read that one first.
Soon after the initial post, Elrond Team took a stand and started to ban accounts from the Itheum Lottery. As you may see the wallet used as an example in the previews post started to move egld around, unstacking and moving back to Binance. Check this child wallet used in this financial scheme. The destination wallet used just before moving from Binance is:
The problem is that a few(many) “slipped through the cracks”. Now how many are few and how many of those few will actually get Itheum from this Lottery is something to be determined.
For instance, this address: erd10styt6akp2w6uxk7kthvvr82av06gantv32d7gw0d36d6frr48qsulpdyy got both: some of its accounts had to get the money back while other of its accounts got some tickets.
We also have a user that didn’t even bother to use other accounts, used his own Maiar account, and got lots of tickets. His approach was to get several accounts to Tier3, so many tickets for this user…all went through.
I won’t bother creating lists with all that abused the system, this is a blockchain and all is visible; you just need to look at the OSINT tools that we have available for auditing it. That could be an explorer and besides the official one, a very good tool is the ElrondScan explorer providing visibility even for the average user. For sure if you want to create a deeper investigation other tools will be needed: scripts, bots, and so on.
The system was abused in different ways that I’ve explained previously and attackers got from several secondary accounts up to a few hundred while targeting Tier5, Tier4, Tier3 and even Tier2 eligibility.
Are these attacks 100% preventable? Well, the direct answer is NO. But the risk of abuse can be mitigated and the damage done can be minimalized. From my point of view, 95% of the abuses done in this lottery could have been prevented since they were done via accounts with small Nonce. For instance, check the Nonce of this account (but I assure you that 95% of the abusers had the same approach): nonce 5. Some of them had nonce 3 or 4 while other had 6 or 7 at the time the ticket was bought but pretty much that was it.
The main question remains for future analysis: How many of these abusers will win this lottery? If you are asking about the number of tickets that got bought illegally ( I use this word because they are breaching the terms of conditions of Itheum IDO) well my estimate is somewhere between 22-27%. Hopefully, the Elrond Team will mitigate this huge number, and the number of lottery winners that abused the system will be lower.
A follow-up post will be done in the days to come. Please subscribe below if you want to know how many abusers won in this lottery.
As a preview for the next article I leave you this link to feast your eyes:
75.000 Itheum – 15 tickets won