Hello, with cooperation of admins of adapools.org we uncovered a mesh of over 50 pools that seem to be operated by 1 group or person. Many of these pools are obvious red-flag scam pools (MELD4 being one of them).
Few of the tickers are - MELD4, NAMI, ITC3, BIDEN, SODA, PIGY, WMT, ADA01, GRAB, EVE6 and many others.
All these pools seem to originate from pool FIMI - some Vietnamese pool / organization with website https://fimi.vn/ada/ (this pool seems first one that started using these relays).
They all share same set of relays, hosted in Germany by company Contabo, in Dusseldorf, some of the IPs they all share are:
The pattern for these pools is more or less the same - register a new domain such as relaystakepoolservice.site or relaytera.asia, create 3 relay subdomains pointing to these contabo IPs, and create some pool that is supposed to either lure people pretending it is supporting someone they clearly don’t (such as BIDEN pool), or simply fake existing project (MELD, EVE, WMT, PIGY etc) and pretend you get tokens when you stake with them.
So far this group is massively successful, they have combined stake probably of more than 100 million ADA, some of their pools are 99% margin.
Check some of their pools - [EVE6] Everstake | Cardano Staking [MELD4] MELD ISPO 4 (100% MELD) | Cardano Staking [BIDEN] BIDEN president pool | Cardano Staking [SODA] SODA | Cardano Staking [PIGY] PIGY token 🐷 | Cardano Staking
I really would like to hear some explanation by guys behind fimi.vn for all this - at some point the scammer group could theoretically just decide to use someone else’s relays for their producer nodes, but there is just too many red flags pointing to same origin.
I think these relays should be blacklisted by most pools so you don’t peer with them. Delegators should probably also reconsider staking with legitimate pools instead.