Aurora Labs manager tells about crypto scam with OTC transactions
As part of the escrow transaction, the attackers tried to impersonate themselves as a trusted business partner of a company employee
08.08.2022 - 14:10
886
2 min
0
What’s new? Matt Henderson, head of product at Aurora Labs, the company that developed the Ethereum-compatible developer platform Aurora, has revealed details of an over-the-counter (OTC) transaction scam he almost fell victim to. Henderson said that on August 5 he was contacted on Telegram by a user under the pseudonym Olai asking to sell him AURORA tokens for USDC stablecoins. Henderson detailed the crypto scam scheme on his Twitter account.
Today I nearly got caught by a fascinating and devious crypto scam during an OTC transaction. Read on to learn what happened, so you can avoid it happening to you.👇— Matt Henderson (@dafacto) August 5, 2022
More details about the scheme. Henderson and Olai agreed to conduct the transaction through escrow, a common strategy in which a trusted, neutral third party holds both parties’ assets and releases them to the counterparties when payment terms are met. Henderson chose Aurora Labs’ head of security, Frank Braun, whom he named Steve, as the intermediary. Olai, in turn, created a Discord chat room where he also added his “business partner” under the pseudonym Gerard.
Henderson became suspicious when Steve shared a screenshot of him supposedly giving the go-ahead to release the full amount of AURORA tokens to the buyer. Henderson speculated that scammers copied his Discord profile and instructed Braun to release the balance of AURORA tokens to the scammers. Discord’s blocking feature prevented Henderson from seeing these messages.
After successfully avoiding the scam, Henderson warned anyone trading cryptocurrencies through OTC to be extremely careful not to fall victim to this “sophisticated scheme.”
In July, representatives of the US Federal Bureau of Investigation (FBI) warned crypto investors about a fraudulent investment strategy using liquidity mining. The scheme has already resulted in more than $70 million in combined losses.
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$63 304
BTC
-3.2%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.17
XRP
-2.41%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.08876
DOGE
-3.25%
-
Zcash
$522.94
ZEC
-12.82%
-
Stellar XLM
$0.208286
XLM
-2.87%
-
Cardano
$0.18507
ADA
-9.05%
-
Polkadot
$3.32
DOT
+5.27%