The Altman vs Musk conflict is generating headlines. On Ethereum, it is generating honeypots.
This is a pattern we have documented repeatedly: within hours of any name trending in crypto — a celebrity, a project, a geopolitical event — scam deployers spin up tokens using that name or ticker and list them on Uniswap. Buyers searching for the “official” token get drained instead.
Here is what our database of 69,000+ analyzed Ethereum contracts shows for AI and tech-adjacent tickers right now.
The numbers
| Ticker | Total contracts | Scams (score 70+) | Scam rate |
|---|---|---|---|
| $xAI | 2 | 2 | 100% |
| $SAM | 40 | 16 | 40% |
| $AGI | 31 | 13 | 42% |
| $MUSK | 31 | 13 | 42% |
| $ELON | 114 | 23 | 20% |
| $GPT | 12 | 2 | 17% |
| $Grok | 5 | 1 | 20% |
| $ALTMAN | 6 | 1 | 17% |
Every single $xAI contract in our dataset is a confirmed scam. $SAM, $AGI, and $MUSK all cluster around the 40% mark — meaning nearly half of every token using these tickers is a honeypot designed to steal your ETH.
The confusion play: tokens named “Grok 5” with ticker $AGI
The most cynical pattern in our data: scammers deliberately cross names and tickers to maximize confusion.
Three contracts in our database use the name “Grok 5” with the ticker $AGI. All three score 100/100 on our risk model. Their flags:
honeypot+sell_failed+buy_failed— you can buy but never sellhidden_owner— a secret address controls the contractcreator_holds_all_lp— the deployer holds all liquidity, can rug instantlyscam_factory_name— deployed from a factory known to produce scamsmulti_flag_confirmed_scam— multiple independent signals all confirming fraud
A buyer searching for “AGI token” or “Grok token” hits one of these. The name “Grok 5” evokes Elon Musk’s AI. The ticker $AGI evokes artificial general intelligence hype. Neither has anything to do with each other — the combination is pure social engineering.
Similarly, a contract called “X AI Mascot” uses the $Grok ticker and scores 88/100, with honeypot, buy_failed, and creator_holds_all_lp flags.
Why this happens every time
The mechanics are straightforward:
- A name starts trending (Altman fired, Musk launches something, a token pumps)
- Scam factory operators — who have pre-built honeypot bytecode templates — deploy a new token in minutes
- They pick a name and ticker that matches current search terms
- They add a few ETH of liquidity on Uniswap
- Buyers searching DEX aggregators or Telegram groups find the token
- Buyers can purchase but not sell — liquidity gets pulled within hours
The whole cycle from deployment to rug can take less than 24 hours. By the time anyone notices, the deployer wallet has already forwarded proceeds to a mixer.
What the flags mean
For the worst contracts in this dataset, the flag combination is consistent:
| Flag | What it means |
|---|---|
honeypot | Sell transactions fail for all wallets except deployer |
hidden_owner | Contract has an undisclosed owner with drain privileges |
creator_holds_all_lp | All liquidity is held by deployer — instant rug possible |
scam_factory_name | Deployed from a known scam factory address |
multi_flag_confirmed_scam | 3+ independent signals all flagging the same contract |
A single one of these is a red flag. All five together is a guaranteed rug.
How to check before you buy
- Get the contract address — not the name, not the ticker
- Paste it into app.rektradar.io
- If you see
honeypot,hidden_owner, orscam_factory_name— walk away - Check the deployer: has the same wallet deployed other flagged contracts before?
The drama will fade in a few days. The scam tokens will stay on-chain forever. The only way to avoid them is to check the contract before the buy, not after.
All tickers mentioned in this article are searchable at app.rektradar.io/scam/AGI, /scam/SAM, /scam/MUSK, and /scam/xAI.