Dingo crypto token flagged as scam over 99% transaction fee backdoor

Published at: Feb. 6, 2023

The research arm of cybersecurity software firm Check Point has flagged the Dingo Token (DINGO) as a “potential scam” after reportedly discovering a smart contract function that has been used to manipulate transaction fees.

In a Feb. 3 blog post, Check Point Research (CPR) said it looked into the code behind the Dingo Smart Contract, discovering a backdoor function "setTaxFeePercent," which can change the contract's buy and sell fee up to 99%.

This is despite the project’s whitepaper stating that there is only a 10% fee per transaction.

According to CPR, this essentially allows the project’s owner to withdraw up to 99% of the transaction amount whenever a user buys or sells the token.

In one case the cyber security software firm observed a user who spent $26.89 to purchase 427 million Dingo Tokens but instead received 4.27 million, or $0.27 worth of Dingo Tokens.

The firm said it decided to investigate the Dingo Token project after seeing the token rise 8,400% this year, and found at least 47 instances of the function being used to allegedly scam token investors.

"We all know that 2022 was a hard year in the crypto market. However, when we saw a token raised by 8400% this year, we had to investigate the project and understand what was unique about it. We examined the Dingo Smart Contract and quickly found it seemed like a scam,” it wrote.

The firm also pointed to the Dingo Tokens website, noting that it has "no real information about the owners of the projects," other than a four-page whitepaper.

"If you've incorporated crypto into your investment portfolio or are interested in investing in crypto in the future, you should make sure to only use known exchanges and buy from a known token with several transactions behind it," wrote the research firm.

As of writing, Dingo Token is ranked 298 on CoinMarketCap with a live market cap of $82,555,168.

Related: Sneaky fake Google Translate app installs crypto miner on 112,000 PCs

Cointelegraph reached out to the creators of Dingo Token for a response to the allegations but has yet to receive a reply before publication.

Users of Twitter and CoinMarketCap have also recently reported issues with the Dingo Token. Crypto trader IncredibleJoker said they could not sell their holdings in a Feb. 3 post.

@DingoToken when can I sell your scam coin?? My shit is worth $26,000 and I can’t sell any of them!!!!!!!!!!!

— IncredibleJoker (@IncredibleJ0ker) February 5, 2023

Dingo Token responded to the user's Twitter post, asking the user to message them privately, but no further updates have been made public.

While on CoinMarketCap, user mraff1579 appeared to reference the backdoor function raised by CPR.

"Wow dont lislisten to send to new wallet they took 30 billion coins and only received 300 mil because of fraudulent tax wow ppieces of Shit. . I was going to send to deployed for coin but got screwed , pretty sure anything you do will result in lost of 99%," the post said.

Tags
Blockchain
Business
Cryptocurrencies
Tokens
Cybercrime
Cybersecurity
Scams
Related Posts
‘No more rug pulls’: Project eliminates human involvement from token distributions
“A Polkadot project with a difference” says it is restoring trust and simplicity to complex token ecosystems and eliminating the centralized distribution models that can render the power of blockchain technology useless. Polkalokr offers a multi-chain token escrow platform that can be integrated into existing DeFi protocols, ensuring that network participants have full control over how tokens are distributed and treasuries are managed. The project’s goal is to remove human reliance and bring trust to token economies through governance-as-a-service — all while delivering security, scalability and a user-friendly experience. Explaining why Polkalokr is needed, the developers behind this initiative said: …
Technology / April 6, 2021
Comedian Stephen Colbert spoofs 'Colbert Coin' in response to rise in crypto scams
Stephen Colbert, the charismatic host of CBS’ The Late Show, is once again associating many cryptocurrencies with scams — but doing so by parodying the vernacular of a seasoned HODLer. In a Wednesday segment on members of Generation Z falling for scams inside and outside of the crypto space, Colbert referenced the rug pull behind a token inspired by Netflix’s show Squid Game, in which thousands of investors lost more than $3 million. Together with “certified young person” and staff writer Eliana Kwartler, Colbert debuted an “amazing investment opportunity” designed to obtain people’s credit card numbers, first pet names, and …
Business / Jan. 6, 2022
Sneaky fake Google Translate app installs crypto miner on 112,000 PCs
Crypto mining malware has been sneakily invading hundreds of thousands of computers around the world since 2019, often masquerading as legitimate programs, such as Google Translate, new research has found. In an Aug. 29 report by Check Point Research (CPR), a research team for American-Israeli cybersecurity provider, Check Point Software Technologies, the malware has been flying under the radar for years, thanks partly to its insidious design which delays instaling the crypto mining malware for weeks after the initial software download. .@_CPResearch_ detected a #crypto miner #malware campaign, which potentially infected thousands of machines worldwide. Dubbed ‘Nitrokod,” the attack was …
Blockchain / Sept. 1, 2022
5 sneaky tricks crypto phishing scammers used last year: SlowMist
Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and trojan malware spread on messaging app Discord. It comes after the security firm recorded a total of 303 blockchain security incidents in the year, with 31.6% of these incidents caused by phishing, rug pull or other scams, according to a Jan. 9 SlowMist blockchain security report. Malicious browser bookmarks One of the phishing strategies makes use of bookmark managers, a feature in most modern browsers. SlowMist said scammers have been exploiting these to ultimately gain …
Blockchain / Jan. 10, 2023
BingChatGPT 'pump & dump' tokens emerging by the dozens: Peckshield
Blockchain security firm Peckshield has raised the alarm after finding dozens of tokens purporting to be related to artificial intelligence (AI) powered chatbot ChatGPT. In a Feb. 20 post, the firm revealed at least three "BingChatGPT" tokens appear to be part of honeypot schemes — a smart contract that tricks a user into sending Ethereum (ETH), which the attacker then traps and retrieves. According to Peckshield, at least two of the tokens identified have already lost nearly 100% of their value, while a third is at a 65% loss — in what is often referred to as a “pump and …
Blockchain / Feb. 21, 2023