On March 23, on-chain investigator ZachXBT revealed a coordinated network of accounts on the X platform leveraging fear-driven content related to war and crises to attract traffic and funnel users into crypto scams. This model combines social media amplification with on-chain financial exploitation, forming a highly sophisticated fraud pipeline.
AI-Driven Traffic Manipulation
The investigation found that the network purchases established accounts with existing followers and posts sensational “doomsday” content to gain attention. Multiple secondary accounts amplify the content through coordinated reposting, generating millions of views.
Attackers also use AI-generated personas to enhance credibility, including fake industry influencers. Once traffic is secured, these accounts promote fraudulent airdrops and crypto schemes, such as pump-and-dump projects like ORAMAMA.
On-Chain Fund Flow Patterns
On-chain analysis shows that the network has generated six-figure profits, distributing funds across multiple addresses to evade detection. Meanwhile, legitimate high-profile accounts often unintentionally amplify the content through engagement, increasing the scam’s reach and effectiveness.
How KYT Detects Such Threats
To address this evolving threat model, Trustformer KYT provides real-time monitoring of on-chain transactions, identifying abnormal fund flows and linked high-risk addresses. Through behavioral analysis and risk scoring, it enables early detection of suspicious activity and helps mitigate potential financial losses.
A New Era of Crypto Security Challenges
ZachXBT warns that the combination of AI content, traffic manipulation, and crypto fraud is highly scalable and could evolve into broader tools for information manipulation. In this environment, adopting advanced solutions like Trustformer KYT, along with user vigilance, is essential to counter emerging risks.