LoopX, a cryptocurrency startup that claimed to be developing an artificial-intelligence-powered trading platform, raised approximately $4.5 million in Bitcoin and Ethereum from investors across five consecutive token sale rounds in January and early February 2018. The company’s website, YouTube channel, Facebook page, and Telegram community were deleted without warning around February 8, 2018 — approximately one week before the platform’s scheduled public launch. No product was ever delivered. No member of the LoopX team has ever been publicly identified by name. No criminal charges have been filed against any individual. As of 2026, the LoopX exit scam remains a fully unresolved case in which the operators are at large, their identities unknown, and their location undetermined.
The $4.5 million raised consisted of 276 Bitcoin and approximately 2,446 Ether contributed across the five presale rounds. Investors tracking the funds on BitcoinTalk attempted to follow the on-chain transfers before the trail fragmented. The movement of funds from collection wallets was organized and coordinated — consistent with a pre-planned withdrawal, not the chaotic activity that follows a genuine security breach.
LoopX occupied a specific archetype in ICO-era fraud: the anonymous-team exit scam. Unlike PlexCoin (PA-002), Centra Tech (PA-003), or Titanium Blockchain (PA-004), LoopX had no named founders, no identified executives, no corporate registration that law enforcement could trace, and no disclosed jurisdiction of operation. The whitepaper named no individuals. The promotional videos featured animated graphics rather than on-camera presenters. Every element of the project’s public-facing identity was designed to be disposable — and on February 8, 2018, it was disposed of.
The LoopX exit was the fifth documented ICO exit scam in the first two months of 2018 alone, occurring in a concentrated period when anonymous-team ICOs were proliferating faster than any regulatory or platform framework could screen them. It has become a reference case in security research and investor-education literature as the cleanest example of the anonymous-team archetype: sufficient technical production value to attract real investment, no accountability infrastructure of any kind, and a vanishing that took less than a day to execute.
GPay Network, a Swiss-registered ICO project that also operated under the brand name “Kali-X,” raised more than $33 million across multiple jurisdictions between 2018 and 2019 through a series of token sales marketed to investors in Europe, Asia, and North America. The project presented itself as a global payment infrastructure platform with its own token, promising to deliver a fast, low-cost payment network powered by blockchain technology. Its operators communicated through pseudonyms throughout the project’s lifespan; no verified natural persons behind the founding team have been publicly identified in law enforcement records. GPay Network rebranded at least once — emerging as “Kali-X” under fresh marketing materials and updated whitepapers — before both the GPay and Kali-X web presences went offline without warning. No proceeds were returned to investors. No public arrest or criminal charge linked to the scheme’s operators has been documented as of this writing.
The GPay Network case illustrates a pattern common to a distinct subset of 2018–2019 ICO frauds: schemes structured not with a single exit event but with rolling rebrands that extended the fundraising period, rotated the narrative, and diluted investor organizing capacity. By the time the Kali-X brand had itself collapsed, investors who had participated in the original GPay raise were already fractured across different communication channels, legal jurisdictions, and stages of financial loss. The rebrand served simultaneously as a fundraising refresh and as a clock-reset that complicated victim coordination and regulatory attribution.
Swiss financial regulators at FINMA documented a significant increase in fraudulent ICO activity during this period, placing multiple projects on its public warning list and pursuing enforcement actions against unauthorized token issuers. In 2019, FINMA reported having investigated sixty ICO-related inquiries and taken formal action against multiple unauthorized schemes. GPay Network’s Swiss registration — a common choice for ICO operators in this era due to Switzerland’s regulatory reputation and relative openness to blockchain projects — did not subject the project to effective oversight before its collapse. The operators remain unidentified and at large.
WCX Exchange, a cryptocurrency trading platform project that marketed itself as a “low-fee digital currency exchange built by ex-Apple engineers,” raised approximately $12.5 million from investors through a token sale that ran from late 2017 into 2018. The project promoted its WCXT token — priced at ten tokens per US dollar during the ICO — as a profit-sharing instrument that would pay holders a percentage of the exchange’s future trading revenues. The exchange was never launched in functional form. By mid-2019, the WCX website and all associated social media channels had gone dark without any communication to token holders. No returns were distributed. The team operated under pseudonyms throughout; the claimed identities of the two publicly named team members were found to be fabricated before the ICO had closed. No public arrest or enforcement action against any individual connected to WCX has been documented.
WCX arrived on BitcoinTalk in July 2017 — the primary forum through which ICO projects recruited early investor communities at the height of the token sale boom — and rapidly accumulated followers through a referral and bounty campaign that rewarded users for sharing the project with new contacts. Its marketing narrative combined two claims with strong appeal in the 2017 crypto market: technical credibility, through the Apple engineer backstory, and financial return, through the profit-sharing model that promised passive income to token holders from an exchange that would undercut competitors on fees. Neither claim survived scrutiny. The Apple connection was fabricated. The exchange never generated fees to distribute.
The WCXT token, which traded on secondary markets after the ICO closed, lost more than 90 percent of its ICO-price value within months of the sale’s conclusion. The discrepancy between the token’s market performance and the project’s promotional claims attracted escalating skepticism in the crypto community from late 2017 onward, but WCX continued to raise funds by extending and relaunching its ICO over successive rounds. The final disappearance of the website and social media in 2019 came after a period of progressively reduced communication that itself followed a pattern of unfulfilled launch promises. The identities of the natural persons who designed, operated, and benefited from the scheme remain unconfirmed.
DavorCoin was a Croatian-linked cryptocurrency lending platform that launched in December 2017 and raised more than $10 million from investors before its website went offline in March 2018 — fewer than four months after it opened. The platform promised monthly returns of up to 38 percent through a “lending program” whose mechanics were functionally identical to those of BitConnect, the most prominent crypto Ponzi scheme of the era. Investors deposited DAV tokens into the lending program, which purportedly deployed them through an automated trading system to generate the promised returns. No such trading system existed in any verifiable form. When the platform closed, investors lost access to their deposited tokens and their promised earnings. The operator or operators using the name “Davor” were never publicly identified; no individual has been arrested or charged in connection with the scheme as of the research date.
DavorCoin’s rise and collapse occurred within a compressed window framed by BitConnect’s own trajectory. BitConnect, the lending platform that DavorCoin most directly replicated, had been operating since mid-2016 and began receiving cease-and-desist letters from US state securities regulators in January 2018. BitConnect shut down its lending and exchange operations on January 16, 2018, less than six weeks after DavorCoin launched. DavorCoin continued operating through February 2018 despite the obvious structural parallel — some investors explicitly migrated funds from the closed BitConnect into DavorCoin during this window — before its own closure in March. The overlap between BitConnect’s collapse and DavorCoin’s continued operation, followed immediately by DavorCoin’s exit, is one of the more clearly documented examples of how the collapse of one Ponzi can briefly accelerate the growth of its imitators before the same structural failure overtakes them.
The funds raised by DavorCoin — documented by on-chain analysis of the DAV token contract and investor reports — are estimated at more than $10 million, though precise figures are difficult to establish because the platform’s records were not made available for any regulatory proceeding. No charges have been filed in any jurisdiction. The identities of the individuals behind the platform remain unknown.
Prodeum was a Lithuanian blockchain project that raised $11 from investors in January 2018 before its operators deleted the project website and replaced it with a single obscene word. The project had claimed to build a blockchain-based tracking system for fruit and vegetable supply chains, using ERC-20 tokens to record the provenance, transport, and sale of agricultural produce on the Ethereum network. Its whitepaper described a functional product roadmap, a named team of advisors, and a token economy designed to incentivize supply-chain participants. None of the team members could be verified as real people. The project’s social media presence and website disappeared within days of the ICO’s soft-cap period closing. The homepage replacement with an obscene word was the operators’ only public communication after the exit.
The $11 raised — verified through on-chain analysis of the PRE token’s contribution address — is not a typographical error or a rounding artifact. It is the confirmed total of investor funds received. At face value, this makes Prodeum an insignificant financial event: eleven dollars is less than the price of a cup of coffee at a specialty cafe in Vilnius. But the case’s significance has never rested on its financial scale. Prodeum became one of the most extensively documented exit scams of the ICO era because it illustrated, with unusual clarity and almost no noise from financial complexity, the complete anatomy of a token-sale fraud: the whitepaper fabrication, the false team construction, the ICO mechanics, the social media presence, the trust-building period, and the exit. Every element of the fraud was present. The only anomaly was the amount raised.
Prodeum’s documentation in the cryptocurrency press, in academic and regulatory analyses of ICO fraud, and in investor education materials has been disproportionate to its financial harm because it serves as a clean teaching case. The identities of its operators have never been confirmed. No charges have been filed in any jurisdiction. The obscene-word homepage is preserved in web archive records.