Discord server of Mento Lab used for scamming

Blessings. Last friday, I had a very sad experience with the discord server of Mento Labs.

  1. On 30 May 2025, around 4:00PM EST I saw a campaing about Mento airdrop that was requiring roles in the discord server. It required interacting with a ticket that had some instructions to gain roles (I cannot see that ticket anymore). I followed the instructions, gained roles and I gain access to channels that I didnt see before (like #scholars-chat):

  2. In a channel #shill-mento I saw a message written by “Mento Bot”, with a link to gain more roles:

  3. The link directed to Mento Labs that that happened to be a second (fake) Mento Labs Discord server.
    In the following picture that I did that day is white, while the official is purple (I recreated the problem that friday and made the following screenshots).

  1. I didn’t realize fully in that moment, I went to the verified channe of the fake Mento Labs that required using a fake website and connect to a wallet:



  2. Interacting with that fake website it requested some approvals and signatures that I gave fast thinking it was a usual initial verification of my wallet, but after some of them it requested transfering the funds of my wallet and I realized it was a scam website, and made this screenshot:

  3. I though everything was ok, because I didn’t transfer funds, and anyway later, around 6:00PM, thinking in reporting I repeated the steps, made the screenshots and posted them to the General channel of the Mento Labs Discord server.

  4. I couldn´t pay much attention to my accounts yesterday, today in the morning when I went to check my funds in the positions I had in Uniswap (of around US$8900) and I couldn’t find them. I wrote to the support team of Uniswap and began checking my wallet history. Later they told me that my positions were transferred to the address https://celoscan.io/address/0xac822b956a41cd0959fc8cdc7262a34b54048df6 with this transaction CELO Transaction Hash: 0xa67207c2b1... | CeloScan

  5. Going to the discord server of Mento Labs I found that my report had been deleted from the General chat, and that someone was requesting me to create a ticket and report there. That message is still there: Discord

  6. I found that the link in the #shill-mento channel was still there directing to the fake mento labs discord. I made two videos repeating the procedure I did on friday (hoping they will not be deleted from the Celo - Offcial Telegram group):

  1. Since it was weird that my posts were deleted from the General channel but the scamming link stayed in it, I preferred not to use discord to report this, but I wen to Telegram and asked contact of someone in Mento Labs in the group Telegram: View @minipayFXhackathon After confirming that @behiceuzun was contact in Mento Labs. I wrote private message but since she was not answering I posted one of the videos in that group but it was deleted Telegram: View @minipayFXhackathon

  2. Later @behiceuzun answered DM saying she would share the video with Mento Labs team and that someone else from Mento Labs would contact me.

  3. I noticed that the channel #shill-mento is not visible anymore in the discord server of Mento Labs, that is good. But no one from Mento Labs has contacted me after more than 6 hours, so I’m writing this post.

I wonder

  1. Is there a program to report formally vulnerabilities in Mento Labs ? (cLabs Celo uses https://r.xyz/ )
  2. How many people has reported this before? How long was that link there? How it could be from “Mento Bot”? Was edited? Is maybe this problem the reason why OKX doesn’t allow transactions in app.mento.org ?
  3. Can Mento Labs help to recover my funds or can compensate?

Hi Vladimir,

Thank you for bringing this issue to our attention and for alerting the Mento community. We take the safety and trust of our users very seriously.

Following your report, our community team conducted an audit and confirmed that the previous vanity Discord URL was compromised and reassigned to a malicious server impersonating Mento Labs. The fraudulent server was using a fake verification flow designed to deceive users into signing harmful transactions.

We have since:

We are truly sorry this incident affected you. To help protect yourself and others, please keep the following in mind:

  • Never share your wallet seed phrase or private keys with anyone
  • Avoid clicking links from unofficial sources, especially those promising rewards or requiring wallet connections
  • Report any suspicious activity to our team or moderators immediately

We are still actively investigating the root cause of this issue and will follow up with you as soon as we have more information. In the meantime, feel free to reach out to us directly at contact@mentolabs.xyz if you have any further concerns or information.

Kind regards,
Mento Labs Team

Thank you. Contacting contact@mentolabs.xyz

Two days ago I wrote an email from vtamara@pasosdeJesus.org with subject " About security breach in discord server of Mento Labs" but I have not received answer. Could you please confirm if you received?

I’m still waiting for an answer to my email.

Meanwhile I noticed:

  1. https://discord.com/invite/mentolabs is also leading to the fake discord server
  2. There are still links to the fake discord server around Internet, for example:
  3. There are links to discord.com/invite/mentolabs in your own content https://x.com/MentoLabs/status/1797636058101985785
  4. Why don’t you ask Discord help to regain control of discord.gg/mentolabs and discord.com/invite/mentolabs ?

Sad to read Mento Labs answer today, that you guys will not compensate me. You don’t acknowledge the error you made by having links in your official content to a wallet draining site.

Anyway I was able to download the malicious code available at guildme.net/requestMobile.php and published it in a github repository for further analysis: GitHub - vtamara/evidence-guildme.net: Evidence of the malware at guildme.net/requestMobile.php Analyzing it, although expensive, I was able to prove that it contains the address where my funds were sent: https://celoscan.io/address/0xac822b956a41cd0959fc8cdc7262a34b54048df6 completing the evidence that the robbery started in a link in official content of MentoLabs.

Thanks for suggesting @seal_911_bot. They said there was not much to do and that I was victim of the Angelferno Drainer and suggested to fill the form of ic3.gov that I had already done.

I wish from MentoLabs a full disclosure with the root cause of the incident and the anaysis you did to the malware of your link.