AI-powered MEV bots: the scam that exploits the ChatGPT buzz

Blockchain security continues to uncover new variants of an already established scam: cybercriminals have dusted off old trading bot scams and reincarnated them with a modern veneer—artificial intelligence. According to security firm SlowMist, a growing wave of users is falling victim to these repurposed MEV bots, which promise astronomical profits through arbitrage strategies on the Ethereum blockchain. What makes this evolution particularly insidious is how scammers have exploited the hype around ChatGPT and AI to make their schemes more convincing and harder to detect.

The Reinvention Mechanism: From “Uniswap Arbitrage” to “ChatGPT Arbitrage”

The scammers’ strategy is as simple as it is effective. In the past, fake MEV bots were advertised as “Uniswap Arbitrage MEV Bot,” attracting experienced traders familiar with the Uniswap protocol and MEV extraction mechanisms. However, realizing this approach was losing effectiveness, scammers decided to adapt to the current trend: artificial intelligence. The new MEV bots were renamed “ChatGPT Arbitrage MEV Bot,” a move that completely changes the perception of the average user.

“By labeling their scam as ChatGPT, they manage to gain the trust of a broader audience and appear much more credible than before,” explains SlowMist in its security report. The scammers claim to have used OpenAI’s ChatGPT to generate the underlying code of the bot, a narrative that helps dispel users’ suspicions about potential vulnerabilities or malicious features in the code itself. For many inexperienced traders, the idea that a bot was “generated by ChatGPT” sounds safer and more professionally built than it actually is.

How the Scam Works: From MetaMask Wallet to Theft via Smart Contract

The scam process follows a tried-and-true, dangerously effective script. Scammers lure users with promises of significant gains, claiming that the MEV bot automatically monitors new token launches and price fluctuations on Ethereum to identify profitable arbitrage opportunities. The proposal seems irresistible: intelligent software working 24/7 to make money for you.

Victims are then guided through a series of seemingly harmless steps. First, they must create a MetaMask wallet if they don’t already have one. Next, they are provided with a link directing them to Remix, a legitimate open-source platform for developing and deploying smart contracts. Here, the fraudulent code of the MEV bot is presented as if it were a legitimate product ready to be copied and deployed on the network.

Once the “bot” is “activated” on the blockchain, victims are told they need to fund the smart contract to start generating profits. The scammers promise that the more ETH they deposit, the higher their arbitrage gains will be. This is where the real theft occurs. When the user clicks the “start” button to begin operations, the deposited ETH vanishes instantly, drained directly into the criminal’s wallet via a backdoor embedded in the smart contract itself. The stolen funds are then quickly transferred to cryptocurrency exchanges or sent to temporary wallets to obscure the trail of the theft.

Scam Numbers: Thousands of Victims, Millions in Losses

SlowMist has identified at least three blockchain addresses used by this network of scammers to carry out their fraudulent operations, and the numbers are alarming. One address has stolen 30 Ether (ETH)—worth over $78,000—from more than 100 victims since August of this year. Two additional addresses each stole 20 ETH, equivalent to over $52,000, from a total of 93 victims.

What emerges from the data is a deliberate strategy by the criminals: they operate with a “broad network approach,” stealing relatively small amounts from many different victims. This tactic is far from random. SlowMist notes that because individual losses remain contained, most victims lack the time or resources to pursue legal action or recover their funds. The effort and costs to seek justice often outweigh the actual amount stolen, creating a perverse incentive to remain inactive. As a result, scammers can continue their operations virtually undisturbed, simply rebranding their scheme with a new name when old variants lose effectiveness.

Where the Scams Live: The Role of YouTube and Social Media

The proliferation of these fraudulent MEV bots is fueled by massive promotion through videos on YouTube and other platforms. Criminals leverage the virality of social media to reach a global audience of traders seeking quick, automated solutions to their financial problems.

However, many of these scam videos can be recognized if you know what to look for. SlowMist points out several warning signs that should trigger immediate alarm. Non-synchronized video and audio are common indicators—scammers often recycle material from other sources, resulting in noticeable audio-video mismatches. Also, an unusually high number of praise and thank-you comments in the initial messages of a thread, followed by later updates where users expose the scam, clearly signal organized fraud.

Recognizing these patterns is crucial because each promotional video represents a potential wave of new victims ready to fall for the MEV bot scams. Being vigilant against signs of fraud is not only a matter of personal caution but also a collective effort to protect the entire cryptocurrency ecosystem from criminals who exploit technical complexity and media buzz to enrich themselves illegally.