beta

Home

Company

Regulatory

Agency warning

Exposure

News

Assistant

  • English
  • 日本語
  • हिन्दी
  • 한국어
  • Français
  • Español
  • Deutsch
  • Bahasa Indonesia
  • Português
  • Pусский
  • Türkçe
  • ภาษาไทย
  • Tiếng Việt
  • Finnish
  • العربية
  • 繁體中文
  • 简体中文
    Finance WiKi
Login

AI risk analysis - Coin98 Wallet (2025-04-29 17:35:45)

2025/04

FinanceWiki-AI-Agent

Below is a comprehensive analysis of Coin98 Wallet (official website: https://coin98.net/) based on the requested criteria, including online complaint information, risk level assessment, website security, WHOIS lookup, IP and hosting analysis, social media presence, red flags, regulatory status, user precautions, and potential brand confusion.

1. Overview of Coin98 Wallet

Coin98 Wallet is a non-custodial, multi-chain cryptocurrency wallet designed to connect users to decentralized finance (DeFi) and Web3 ecosystems. It supports over 140 blockchains, including Ethereum, Binance Smart Chain, Solana, and Polygon, and offers features like NFT management, token swaps, staking, and a built-in decentralized exchange (DEX) aggregator. The platform aims to bridge traditional finance (TradFi) users to DeFi services through its wallet, exchange, and cross-chain bridge (Space Gate).

2. Online Complaint Information

Online complaints about Coin98 Wallet are mixed, with some users reporting serious issues while others praise its functionality. Key findings include:

  • Scamadviser Reviews: Coin98.com has a low average review score of 1.6 stars from 8 reviews. Complaints include frozen accounts, unapproved payouts, and significant financial losses (e.g., one user reported losing $108,000 to a supposed binary options scam linked to Coin98). Some users claimed recovery through third-party services, but these claims are unverified and could be promotional.
  • App Store Feedback: On the Apple App Store, users have reported technical issues, such as the in-app browser failing to connect to dApps, displaying black screens, or showing zero balances despite assets being staked or farmed. Customer support responses were minimal, often acknowledging receipt without resolution.
  • Positive Feedback: Some reviews highlight Coin98’s ease of use, multi-chain support, and innovative features like Cloud Sync and ENS/SNS integration. However, negative experiences dominate complaint platforms.
  • Critical Analysis: The severity of complaints (e.g., frozen accounts, large losses) raises concerns, but the low volume of reviews (only 8 on Scamadviser) suggests these may not represent the broader user base of over 10 million. Lack of detailed support responses is a recurring issue, indicating potential weaknesses in customer service.

3. Risk Level Assessment

Based on available data, Coin98 Wallet’s risk level is moderate to high, depending on user context and precautions:

  • Pulsedive Risk Rating: Pulsedive reports an elevated risk for coin98.com, though specific reasons are not detailed.
  • User-Reported Scams: Allegations of scams (e.g., frozen accounts, demands for additional fees like a 25% “large-amount certification fee”) suggest potential fraudulent practices or vulnerabilities to phishing/scams mimicking Coin98’s platform.
  • Non-Custodial Nature: As a non-custodial wallet, Coin98 does not hold user funds, reducing the risk of custodial losses but increasing user responsibility for private keys and passwords. Loss of these credentials can result in permanent asset loss.
  • Market Position: Coin98’s $C98 token has a market cap of ~$62.2 million and ranks #461 on CoinMarketCap, indicating moderate market trust but not top-tier status. Price volatility (e.g., down 99.1% from its all-time high) adds financial risk for token holders.
  • Critical Analysis: The non-custodial model mitigates some risks, but user complaints about account freezes and technical issues suggest operational or security gaps. The elevated risk rating and scam allegations warrant caution.

4. Website Security Tools and Analysis

The security of https://coin98.net/ has been evaluated using tools like OWASP ZAP, Nmap, and TLS scans, with mixed results:

  • OWASP ZAP Vulnerabilities: A 2022 scan by Idyllum Labs identified 83 vulnerabilities, including:
  • Cookies without the HttpOnly flag, allowing potential JavaScript access.
  • Missing secure flags for cookies containing sensitive information.
  • Third-party script files, which could be exploited if sourced from untrusted domains.
  • Leaked server information via “X-Powered-By” headers, potentially aiding attackers in identifying vulnerabilities.
  • SSL/TLS Status: The site has a valid SSL certificate, ensuring encrypted connections.
  • Open Ports: Four open ports were detected, which could be entry points for attacks if not properly secured.
  • Security Features: Coin98 Wallet offers advanced security options like Matrix Password, Cloud Sync, and hardware wallet support (Ledger, Trezor), enhancing user asset protection.
  • Critical Analysis: The presence of 83 vulnerabilities in 2022 is concerning, though it’s unclear if these have been addressed by 2025. The valid SSL and hardware wallet support are positive, but open ports and cookie issues suggest the website may not fully meet 2023 security standards. Users should ensure they access the correct domain and avoid phishing sites.

5. WHOIS Lookup

WHOIS data for coin98.net provides insight into its registration and ownership:

  • Domain Creation: Registered on November 1, 2017, with 103 days remaining as of early 2022 (suggesting renewal through at least 2025). Long-term registration is a positive signal, as scammers often use short-term domains.
  • Registrar: GoDaddy.com, LLC, a reputable registrar.
  • Owner Information: Likely redacted for privacy, as is common with legitimate domains. No specific owner details are publicly available.
  • Registrar Risk: The registrar hosts many low-scoring websites, but this is not unique to Coin98 and may reflect lax “Know Your Customer” processes rather than Coin98-specific issues.
  • Critical Analysis: The long-term domain registration and reputable registrar are reassuring, but the lack of transparency in ownership is standard for privacy-conscious projects and not inherently a red flag.

6. IP and Hosting Analysis

IP and hosting details provide context on the infrastructure behind coin98.net:

  • IP Address: 104.21.57.156, hosted in the United States by Cloudflare, Inc., a leading content delivery network (CDN) known for security and performance.
  • Hosting Provider: Cloudflare is widely used by legitimate websites, offering DDoS protection and SSL support. However, 637,900+ other websites use the same provider, including some with low trust scores, which dilutes its specificity as a trust indicator.
  • Ping Response Time: The server responds efficiently, indicating reliable hosting.
  • Critical Analysis: Cloudflare’s involvement is a strong positive, as it enhances security and performance. No specific IP-related red flags were identified, though shared hosting environments require vigilance for potential vulnerabilities.

7. Social Media Presence

Coin98 maintains an active social media presence, which can indicate legitimacy but also poses risks:

  • Official Channels: Coin98 has accounts on Twitter, Telegram, Discord, and other platforms, with communities for updates and support. The Twitter account has a relatively low follower count compared to its 10M+ user base, which may suggest limited mainstream engagement.
  • Community Engagement: Coin98 Insights and Sapiens channels provide educational content and ecosystem updates, fostering community trust. FrontierDAO and scholarship programs further enhance engagement.
  • Risk of Impersonation: Social media platforms are prone to fake accounts mimicking Coin98. Users have reported phishing attempts via Telegram and Twitter, offering fake giveaways or support.
  • Critical Analysis: The active social media presence and community initiatives are positive, but the low Twitter following and risk of impersonation highlight the need for users to verify official channels (e.g., via coin98.com or coin98.net).

8. Red Flags and Potential Risk Indicators

Several red flags and risk indicators emerged during the analysis:

  • User Complaints: Frozen accounts, unapproved payouts, and demands for additional fees (e.g., 25% certification fee) suggest either platform issues or sophisticated scams impersonating Coin98.
  • Website Vulnerabilities: 83 OWASP ZAP vulnerabilities, including cookie and header issues, indicate potential security weaknesses.
  • Technical Issues: App Store reviews highlight persistent bugs, such as black screens and zero balance displays, which could erode trust.
  • Lack of Regulatory Clarity: No clear information on regulatory compliance (see below), which is common for DeFi but increases risk in jurisdictions with strict crypto laws.
  • Scam Allegations: Pulsedive’s elevated risk rating and user-reported scams (e.g., $108,000 loss) are concerning, though not conclusively tied to Coin98’s core operations.
  • Critical Analysis: While some red flags (e.g., vulnerabilities, complaints) are significant, others (e.g., regulatory ambiguity) are typical for DeFi. The scam allegations may stem from phishing or user error rather than Coin98 itself, but they warrant caution.

9. Website Content Analysis

The content on https://coin98.net/ and https://coin98.com/ (linked domains) is professional but requires scrutiny:

  • Content Quality: The websites provide detailed information about Coin98’s ecosystem, including Coin98 Wallet, Exchange, and Insights. Educational content (e.g., Coin98 Insights) covers crypto basics to advanced DeFi topics, enhancing credibility.
  • Transparency: The team is partially identified (e.g., Vinh The Nguyen and Khiem Dang as co-founders of Kytek Software), but full team details are not disclosed.
  • Privacy Policy: The privacy policy (effective October 22, 2021) outlines data handling practices, including account data (e.g., email, wallet address) and cookie usage. It complies with EEA/UK data rights but notes that blockchain wallets cannot be deleted due to distributed ledger technology.
  • External Audits: Coin98 claims audits by Certik (for the wallet) and Armor (for $C98 smart contracts), adding credibility. However, audit details are not publicly linked on the website.
  • Critical Analysis: The content is polished and informative, aligning with a legitimate DeFi project. However, partial team transparency and lack of audit links reduce openness. Users should verify claims independently.

10. Regulatory Status

Coin98’s regulatory status is ambiguous, typical of many DeFi platforms:

  • No Clear Licensing: No evidence suggests Coin98 is registered with financial regulators (e.g., SEC, FCA, MAS). As a non-custodial wallet, it may not require traditional licensing, but this depends on jurisdiction.
  • Global Operations: Coin98 operates globally, with a focus on Vietnam and expanding to other regions (e.g., English, Thai, Chinese support). This exposes it to varying regulatory risks.
  • DeFi Context: DeFi platforms often operate without formal regulation, relying on smart contract audits and decentralization. Coin98’s audits by Certik and Armor provide some assurance, but they do not replace regulatory oversight.
  • Critical Analysis: The lack of regulatory status is not inherently a red flag for a non-custodial DeFi wallet but increases risk in regulated markets. Users in strict jurisdictions (e.g., US, EU) should consult local laws before using Coin98.

11. User Precautions

To mitigate risks when using Coin98 Wallet, users should:

  • Verify Official Domains: Only access https://coin98.net/ or https://coin98.com/. Beware of phishing sites with similar URLs (e.g., coin98.org, coin98.io).
  • Secure Private Keys: Store private keys and recovery phrases offline, never sharing them. Use hardware wallets (Ledger, Trezor) for added security.
  • Avoid Unofficial Channels: Engage only with verified social media accounts and support channels (e.g., livechat.coin98.com, support@coin98.com). Avoid unsolicited messages offering giveaways or recovery services.
  • Monitor Permissions: Use Coin98’s Wallet Approval feature to revoke token allowances from dApps, reducing exposure to malicious contracts.
  • Test Small Transactions: Send small amounts initially to verify functionality before transferring large sums.
  • Check for Updates: Ensure the app or extension is updated to address known bugs (e.g., black screen issues).
  • Research Local Laws: Confirm compliance with local crypto regulations, especially in regulated markets.
  • Critical Analysis: These precautions address the non-custodial nature of Coin98 and the risks of phishing, scams, and technical issues. Users must take primary responsibility admired its role in advancing DeFi accessibility, its unresolved security and support issues temper enthusiasm. The platform’s long-term domain registration, Cloudflare hosting, and external audits suggest a commitment to legitimacy, but users must remain vigilant.

If you need further details or specific aspects analyzed (e.g., deeper social media analysis or $C98 token economics), please let me know!

Powered by FinanceWiki AI Some content is AI-generated and for reference only; it is not investment advice.
Contact us
app