Folks at Poly cat have alerted us that Helios Cash developers are steeling funds directly from user wallets. Infact, even if you interacted once with Helios Cash website using metamask, they can still steel your funds.
So what is the solution? You need to remove / revoke all permissions as soon as possible. To check if you have approved address or not, visit this polygonscan page and check yourself. Enter your address and tap on search icon. Also, Helios Cash contract is unverified, not that we have not heard of steeling funds from verified contracts but unverified contracts are clearly red flags.
This means if people have any allowances still in that contracts, it is basically waiting for Helios Cash developers to do a rug pull on you. Also, looking at logs, you can see that there is another contract that was being interacted with and that leads directly to helios cash farm.
More power to folks at polycat for notifying us and making DeFi world a safe place by taking down one scam website at a time. Just revoke the permissions and you’ll be safe.
I am from Brisbane, Queensland and I hold post of Associate Editor at Cryptocoindaddy.