When investors saw Livecaster trending on Base this October, it looked like another promising memecoin breakout: slick website, active socials, rising market cap. But beneath the marketing gloss hid one of the newest and most common new types of scam, "siphon" or "drainer" tokens.
How the Livecaster Smart Contract Was Designed to Steal
The Livecaster (LIVECASTER) contract, deployed at 0x7dade1cad47583e7718ab64a7deb307ac990516a, looked like a normal token at first glance. But hidden in its code was a subtle and dangerous trap.
Instead of checking for user approval before moving tokens, as a standard token would, the contract was designed to secretly skip that step for one specific wallet.
This wallet, set by the scammer at launch, was given unlimited access to take tokens from any holder without permission.
In short:
- The scammer’s address became an all-powerful spender.
- The contract inserted confusing malicious code in the standard ERC-20 logic.
- Every other user saw “normal” behavior.
A perfect disguise, until the draining began.
How $690K Was Stolen in the Livecaster Scam
At its peak, Livecaster’s market cap hit $4.94 million on Uniswap v3. Then, in a series of 13 coordinated siphon transactions, the scammer used a custom facilitator contract they deployed
(0xab76135dab0db997b96e74e514408c876) to execute 225 token transfers affecting 224 unique victims.
In total:
- 757,037,445 tokens siphoned
- 173 ETH ($690,000) in estimated losses
- 9.28 ETH removed from the LP
The facilitator contract wasn’t just draining wallets, it was buying tokens to pump price momentum and trick listing sites into marking Livecaster as “trending.” Once visibility peaked, the attacker sold off everything, including the stolen funds.
The Digital Remains of Livecaster
Even after the rug, traces of Livecaster remain scattered across the web:
Like many scams on Base, the project’s shell remains, but the liquidity, trust, and user funds are long gone.
What We Learned from the Livecaster Token Scam
The Livecaster exploit shows how scammers can weaponize token logic to fool both users and automated tools. The contract looked normal to explorers, even passing standard honeypot tests, but the attacker manipulated one line of allowance logic to seize unlimited control.
This case is part of a broader surge Token Sniffer has tracked across Base:
- Over 100K scam tokens identified this quarter alone
- Many using obfuscation, encoded variables, and fake frontends
- A growing trend toward industrialized scams that scale code reuse
How Token Sniffer Detected the Livecaster Exploit
Token Sniffer’s detectors identified Livecaster’s malicious allowance bypass using code-level heuristics and transaction graph analysis, before most victims even realized they were compromised.
Detection modules flagged:
- Hidden allowance override
- Privileged address mapping
- Obfuscated logic via nested function calls
The takeaway: visibility doesn’t equal safety. As more exchanges and chains surface nearly every token, embedded detection must evolve faster than the scams themselves.
Key Takeaways
- Livecaster exploited ERC-20’s allowance logic to grant unlimited transfer rights to one wallet.
Over $690K in user funds were stolen through automated siphons. - Fake engagement boosted visibility before the rug.
- Token Sniffer caught the pattern, one of many under “Scammer X’s” growing portfolio.
Protect your users and your protocol with real-time token risk detection by requesting a demo of the Token Sniffer API.
