Skip to main content
Sign in
Vkevin1 decision on this page

Audit log

Every state-changing event for Vkevin: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-19 01:06:44Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 420,667,265
    sig
    442aXRbkmbrP…UbHBDVCLexplorer ↗
    hash
    Bx8i9Jgweok7…GbWmpYprsha256 → base58
    verifying row…full verify ↗
    canonical bytes (2265 B) ▸
    {"actor":"system:backfill","investigation_id":"cbeba182-ab12-4020-8008-d4ff96d07eaa","kind":"publish","page_slug":"vkevin","published_at":"2026-05-19T01:06:44.268Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Vkevin","sections":[{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]}],"sources_used":[],"summary":"Vkevin is a pseudonymous threat actor known for operating fake Safeguard Telegram bot phishing campaigns that have allegedly drained seven figures from victims' cryptocurrency wallets. On January 23, 2025, blockchain investigator ZachXBT published a 31-minute video exposing Vkevin in the act of running these scams from what was described as a New York school, and confirmed the individual had been doxxed. Vkevin is additionally alleged to have conducted a 2022 Discord attack against DigikongNFT using a spoofed MEE6 bot, resulting in over $300,000 in NFT losses.","timeline":[{"date":"2022-08-14","event":"Vkevin allegedly attacks DigikongNFT's Discord server using a fake MEE6 bot webhook, exfiltrating Discord authentication tokens via a bookmarklet phishing site at mee6.ca/verify. NFT holders lose over $300,000.","source":"","source_url":"https://cryptonews.net/news/security/30413765/"},{"date":"2025-01-23","event":"ZachXBT publishes a 31-minute video on X secretly recording Vkevin running fake Safeguard Telegram bot phishing operations across multiple Telegram channels, with seven figures in victim losses alleged. ZachXBT confirms Vkevin has been doxxed.","source":"","source_url":"https://cryptorank.io/news/feed/733e8-zachxbt-fake-safeguard-telegram-bot-scammer"},{"date":"2025-01-23","event":"Multiple crypto media outlets including Cryptopolitan, CryptoNews.net, and blockchain.news report on ZachXBT's exposure of Vkevin. Leviathan News characterizes losses as 'draining millions via Telegram.'","source":"","source_url":"https://x.com/leviathan_news/status/1882374359869763974"}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision eee93d27-a766-457e-96ad-91db33f04e4f
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.