ultrax-dex.md

Fake UltraX Dex Job Scam

Amount Stolen:: $110,000

December 5th, 2024

Tags:: Contagious Interview

---

Report 1

Date:: December 2nd, 2024 – December 30th, 2024

Amount Stolen:: ~$100k from numerous victims

0x505b8abf47bbc62d4f51d67ce8dcd0e20d26d43a

Sends to:

• 0x9c621006792af6782c9905e1a9d6b9dec30babba Cryptomus
• 0x1f8eb4bd7fcfc53861a18793f0164869e0681400 Revolut
• 0x67fad582dc94e33dcca41c94dc48a31aa777bda9 Binance
• 0xb8b1878c8d7a31a8433df6f75e301f007725323c Binance
• 0xa8a50d3806603b0773dce4c182aecdeab7d4593a Binance
• 0x1e655a668cd4a12f1621b7eb42f17e7f93419827 Binance
• 0x70e0750804ea42f446fd7462bf97c3865d7327f7 Binance
• 0xa0bb1ebf52a9307f30509d3b385754c33b7f2e26 Defiway
• 0x5c275eddaa05c25f8ab3d55cf78fdc168056e352
• 0x8f807a91d4fe0bb6cfea2852db6c9685eaa94b6e
• 0x7a309002cb34d5728bd720db05dc7f3b03f1272b
• 0x75174eaad5cc8e5d4a7da88b6841df23dfda66e9
• 0xa63524d7d1a02d4a6533f99718f95281f1ca91a0
• 0xbc9d2a735faf640633150cd6d0f173376accbd80
• 0xee475eb557c5b93105c0cbe2f4aceff7120bbb5c
• 0x5b47454432df81d7a1e6c0741dedc317340493ed
• 0x8c1a65142f4c85738d6ea059785e65b98a0c3f9f
• 0x5e899d7657f1f9997959001264129d8c303b4aff
• 0xbd01437c61a535145e8caf6e1688363df11ca7f2
• 0x69afb48beb57114cbbf5395200b0bb3fa29f548c
• 0x15490e5051d68e283860e2d2c0cb704fe35ee7a3
• 0x8221632e90495c7cd8f49ba9729331ddf4fc969e
• 0x6a8e4fcd7aff6b056035b35e525e0791fe0199e3
• 0xc36574752cda8ed5a57427c2b7ffa7bcde0dc80c
• 0x276ade3885cd2a1db9bb985ca07fa5f84d5ea654
• 0xf350b42041b1655f089ae08c6bab2cffa4292969
• 0xea1b50d3b19aa218a39ba746da24b2f1064a879a

Receives From:

• 0xd2d958efb1b96d66dbd5c7bcc31ab9f7fbd95f0a
• 0x221811183cf321c5e8ab4c9e98f9095714179022
• 0x36655d05330891391860b036c5a3525f49efb952
• 0xfc65cf14ab70c33fd21f6bb721358da72c321904
• 0xbc7213b40940ff2c30fb499520a18be6ba756f44
• 0x23ac323529a364510794630d0c8dfed1b3607bb8
• 0x2a188fa6d9ed74641ec16388a02097ddac4da092
• 0x1c9ff39402b15e9a7c67ffd1a260d04d852f5dfe
• 0xd3a2adcf8f3c3522e236a49492d22658f41b92cd
• 0x71899d1f162029bac67783d1b255289bc30bc0e4
• 0x7134e619548e01646f5406b4305bc8622c5433b4
• 0x5a95784651b04b44bf83bdd324a9b989ed37da48
• 0x4811a62a88ad55add8c762dec1482faa16860d00
• 0xb36d8da096042b02511b9f830d0d11bbf37b7905
• 0xa641a0e63247cd89fd0153e203ab4d633db679bf
• 0x6e319082c8d8a346d10fcf6a9848f75aa59a9c02
• 0xa3ff06d54fccd788c8fe88a5d75bf899b18de34a
• 0x51a3c407f130163b28b762513864e596a1de1bd9
• 0x437dba92b40830781435c8588532ff6e76ea285e
• 0xae44c7afd11a6a03686888d2bae0d8369b07319b
• 0xb0c85c65ab65e37640eff870c502f2e65caae3a0
• 0x23e672c1c78ef287ccda428608eed7d7573953c8
• 0xa84c104aa0d2d0940b9c480bc8fb6164405113d2
• 0x777ebff54f951d298b80f135bee70d149cb1afcc
• 0xde93b04929c6a38620aaccb82643222f337d2c59
• 0x8283ac36fa5de9c987424474af226bfbb985c666
• 0xd59538f1e21ef8ccc8e88f6bea9401b46a2c90eb
• 0x77e4c3276422c1eaba955408448bcbefc809d95c
• 0x11decac1a09f38ad6822423abef46a72df156e7d
• 0x4c58c26ca6ca3f3f3acb6388ed54db3d70808178
• 0x0848267162c10a1a9f100a4cad44db6daf43c4c9
• 0xd886789998a8a03b5acbf0c86816de77ef1f2661
• 0x62e0166a9e0605ea8fca618f08982ddbf6cf906a
• 0xc54eb4ee194c60520da558b54c659593f3b05ff5
• 0xbfd5922618717c9ca846d2e63f71262fa7100789
• 0xb2633de13370d628e7dff1aba2ae07317f350ecc
• 0x55d398326f99059ff775485246999027b3197955
• 0x833589fcd6edb6e08f4c7c32d4f71b54bda02913

https://www.chainabuse.com/report/dca4bb04-3e13-4460-b609-5cecaf7ba87d?context=search-address&a=0x505b8abf47bbc62d4f51d67ce8dcd0e20d26d43a&chain=ETH

A person named Alia Milano contacted me on LinkedIn, claiming to be a recruiter seeking a developer for a project called UltraX Dex. She shared a task list for the role, and after I confirmed that the tasks were manageable, she invited me to review the project and schedule a meeting with the tech lead, Silas Monteiro.

Interview Process

Milano invited me to review the project code on GitHub for UltraX-Dex. During the interview, the tech lead requested that I clone and run the project, suggest optimizations, and provide feedback on the task list. Due to difficulties in running the project, the tech lead suggested a 20-minute break to consult with his team. Upon resuming the call, he shared a link to a proof of concept and asked me to navigate through it and provide suggestions for improvement.

Suspicious Activity

While interacting with the proof of concept, I noticed something unusual: my MetaMask wallet was unlocked without my authorization. Upon checking, I discovered that my entire wallet had been emptied, resulting in a theft of 13,750 USDC (approximately 13,060 Euros). I have reported this theft to the wallet provider.

Aftermath

Immediately after the interview, both the recruiter and tech lead blocked me on all communication channels, preventing any further contact. A police complaint has been filed in Amsterdam, Netherlands, with an appointment scheduled for December 13, 2024, to submit all evidence related to this incident.

Key Information

• Recruiter: Alia Milano (https://au.linkedin.com/comm/in/alia-milano-a08722145)

• Project Website: UltraX Dex (https://ultrax.io)

• Project Task List: Detailed requirements for the role (https://twentyfour7dev.notion.site/January-March-2025-Tasks-15-weeks-46804901fc5e4d108ded8cf91734f2ad)

• Assignee Task List: Assigned to jacobgb334@gmail.com

• GitHub Invitation: Invitation to review the project code

• Interview Scheduling Link: Link to schedule a meeting with the tech lead (https://calendly.com/tf7)

• Tech Lead: Silas Monteiro (https://www.linkedin.com/in/silas-monteiro-b89088316) (Email: cyrrus.dev007@gmail.com)

• Project GitHub Page: Repository for the UltraX Dex codebase (https://github.com/DoNotCare745/UltraX-DEX)

• Project Demo Page: Live demonstration of the project (https://demo-ultrax.vercel.app/)

• Ethereum Wallet Tracker: Tool to track wallet activity (https://etherscan.io/address/0x221811183cF321c5E8AB4C9E98f9095714179022)

• Metamask State Logs: Logs related to wallet activity

• LinkedIn Conversation: Communication history with the recruiter

• Police Appointment: Scheduled meeting to submit evidence regarding the theft

Evidence collected so far: https://drive.google.com/file/d/1GY7NaFT5w37oyI_XvhTJQ-79-vucGneL/view?usp=sharing

https://demo-ultrax.vercel.app

https://ultrax.io

Report 2

Date:: December 16th, 2023

Amount Stolen:: $9,582

0x8Bff7C3576B4E6f8738320D4cd7589Ca3419AC9F

Receives from:

• 0x7f352c3f42e68892acfc0bdd91b92803fee346e6 - Victim
• 0xdb720ff01c348f9be3679c40f49f5bf1c7d3d30a - Other Theft?

Sends to;

• 0x6a8e4fcd7aff6b056035b35e525e0791fe0199e3
• 0x3b97c100672a61a8d15bdab4d7304834a579e4ea

https://www.chainabuse.com/report/d262626f-6dc8-4ff5-b9ab-b26e68fa50e6?context=search-address&a=0x8bff7c3576b4e6f8738320d4cd7589ca3419ac9f&chain=ETH

I work at web3 and recently got laid off. I was looking for a job and I was approached from a person from Linked In.

We decided to have a interview and during the interview, CTO was trying to demo his dApp which required a wallet connect. I used my metamask brainlessly and suddenly he was dropped from the call (google hangout) and did not come back.

I just thought he had bad connection and tried to reach via Linked In but account became in-activate. (Even until this point, I wasn't sure what is going on)

When I check my Metamask wallet, that's when I realise my assets were all gone

https://demo-ultrax.vercel.app/#/trade