Right as the weekend was about to start, crypto Twitter sounded the alarm on a possible rugpull scam on Aptos.
A relatively new blockchain environment touted as a “Solana-killer,” Aptos is Layer-1, PoS blockchain built by two former devs from the Diem Group, Mo Shaikh and Avery Chang. The pair reportedly worked on developing Libra/Diem, Meta’s now-defunct stablecoin project.
Although Diem was halted due to regulatory pressure – who worried that allowing Meta to create its own currency could cause monopoly issues – the two devs allegedly saw potential in the tech they’d worked on and opted to continue the project by themselves, ultimately creating Aptos.
In a Twitter post by D3gens.apt, a fan page for the Aptos community, the alarm was sounded about a potential drain of 1.5 million APT tokens by AptosChimps, another NFT project looking to capitalize on both the popularity of Bored Apes and the hype factor of a new blockchain.
The project allegedly promises free mints, with only the gas fees necessary for the mint to be paid. However, D3gens reported that the wallet connected to the AptosChimps project was reportedly being drained to the tune of $12 million. A follow-up video cautioning users against interacting with the project was also posted to YouTube several hours later, although it is unclear if the two are connected.
The video explains the transaction chain that allegedly got the alarm bells ringing. It also shows the Aptos Chimp wallet that receives the gas fees for the free mint sending a big chunk of the funds to another wallet with constant transactions, believed to possibly be an exchange wallet.
Although the original tweet claimed 1.5 million APT – Aptos’s native token – were drained from the wallet, for a total of about $12.6 million, a follow-up update corrected the mistake, stating that, in fact, only about 4-5k APT were siphoned.
This amount only adds up to several tens of thousands – which could be explained as necessary to cover operational costs, to build collateral to ensure the safety of the project, or for other perfectly legitimate reasons.
Nevertheless, the event serves as a reminder to the blockchain community at large to be on the lookout for fishy projects. If large, verified projects like Harmony, Phantom, and others can become the victims of bad actors, so can over-eager investors.