ScamIntelLogs
Open-source intelligence archive of crypto scam operations — internal chats, admin panels, victim records, and infrastructure data for research and investigation
Install / Use
/learn @phishdestroy/ScamIntelLogsREADME
ScamIntelLogs
<div align="center"> <img src="https://github.com/phishdestroy/ScamIntelLogs/raw/main/baner.png" alt="ScamIntelLogs Banner" width="100%"> <p><strong>Open-Source Scammer Intelligence Archive</strong></p> <p>Internal data, chat logs, admin panels, and infrastructure from criminal scam networks</p>
📂 Browse Archive • 🤖 Report Scammers • 🐦 Twitter • 🌐 Website
</div>📋 Overview
ScamIntelLogs is a public intelligence archive containing leaked, dumped, and collected data from cryptocurrency scam operations. This repository preserves evidence that scammers typically delete to evade accountability.
What's Inside
| Data Type | Description | |-----------|-------------| | 💬 Internal Chats | Telegram group conversations, private messages, operational discussions | | 🎛️ Admin Panels | Screenshots, configs, and audits of scam infrastructure | | 👥 Scammer Identities | Telegram IDs, usernames, wallet addresses, known aliases | | 💰 Theft Records | Victim wallets, stolen amounts, transaction hashes | | 🎨 Phishing Assets | Design templates, clone sites, drainer configs | | 📊 Financial Flows | Payment records, affiliate payouts, laundering paths | | 🌐 Infrastructure | Domains, hosting providers, bot tokens, API endpoints |
⚖️ Methodology
We do NOT hack, attack, bruteforce, or compromise any systems.
All data is collected through passive intelligence gathering:
- 🔍 OSINT — Open-source intelligence from public sources
- 📥 Leaked Data — Community-submitted dumps from insiders
- 🕵️ Social Engineering Artifacts — Data exposed by scammers themselves
- 📡 Passive Monitoring — Public channels, forums, blockchain analysis
- 🎁 Voluntary Submissions — Victims and researchers sharing evidence
When admin panel access is obtained (through leaks or misconfiguration), we conduct non-destructive audits to document infrastructure without modification.
🎯 Purpose
Who Benefits
| Audience | Use Case | |----------|----------| | 🔬 Security Researchers | Study scam TTPs, drainer mechanics, social engineering | | 👮 Law Enforcement | Evidence for investigations and prosecutions | | 📰 Journalists | Exposés on organized crypto fraud | | ⚖️ Victims | Identify attackers, support recovery efforts | | 🛡️ Threat Intel Teams | IOCs, infrastructure patterns, actor tracking |
Why Archive This
Scammers systematically destroy evidence — deleting Telegram chats, burning wallets, rotating domains. This archive ensures:
- Permanent Record — Evidence survives deletion attempts
- Pattern Analysis — Cross-reference actors across operations
- Accountability — Public exposure deters future activity
- Community Defense — Shared knowledge protects potential victims
📂 Repository Structure
Each scam operation gets its own directory. Inside, evidence is organized by type:
TeamName/
├── chat/ # Internal Telegram group conversations
├── channel/ # Public channel announcements
├── successful_thefts/ # Confirmed theft records (wallets, tx hashes, amounts)
├── designs/ # Phishing page templates and clone assets
├── payments/ # Payment logs, affiliate payouts
├── scammers_login.txt # Known participant Telegram IDs and usernames
├── domains.txt # Associated phishing domains
├── iocs.json # Machine-readable indicators of compromise
└── index.html # Visual evidence browser for this team
Not every team has all folders — it depends on what evidence was collected. The root index.html lists all archived operations with descriptions and direct links to every subfolder.
🔗 Related Projects
This archive is part of the PhishDestroy threat intelligence ecosystem:
| Project | Description | |---------|-------------| | destroylist | 70,000+ malicious domains blocklist | | PhishDestroy Bot | Telegram bot for scam reporting | | phishdestroy.io | Main project website |
🤝 Contributing
We accept submissions of scam-related intelligence:
What We Accept
- Telegram chat exports (JSON/HTML)
- Admin panel screenshots/configs
- Scammer identity information
- Domain/infrastructure data
- Wallet addresses and transaction evidence
How to Submit
Option 1: Pull Request
git clone https://github.com/phishdestroy/ScamIntelLogs.git
# Add data to new directory: NewTeamName/
git commit -m "Add NewTeamName data"
# Submit PR
Option 2: Anonymous Submission
- Telegram: @PhishDestroy_bot
- We protect source confidentiality
Submission Guidelines
- Remove personal victim data (redact if necessary)
- Include context: team name, operation type, timeframe
- Provide source attribution if comfortable
- Structure data in readable format
⚠️ Disclaimer
- This repository contains evidence of criminal activity for research purposes
- Data is provided "as-is" without verification guarantees
- Do not use this data for harassment, vigilante justice, or illegal purposes
- Victim PII should be handled responsibly
- We are not responsible for misuse of this information
📜 License
MIT License — Free to use, clone, modify, and distribute.
Law enforcement agencies are explicitly authorized to use this data for investigations.
<div align="center">
🛡️ Fighting Fraud Through Transparency
Scammers delete evidence. We preserve it.
<br>
"The community must know its scammers."
</div>