This service is a SCAM! Proof
- Aggregator
[SCAM] No logs and no KYC crypto swap service.
- moleswap.xyz
Scores
- Guaranteed no KYC
- Terms explicitly state KYC will never be requested.
-
Is SCAM 0 -30
Confirmed as a SCAM or not what it claims to be. Read more about the listing statuses.
Check out the proof.
0 Privacy-30 Trust -
New service 0 -4
The service started operations 2 months ago and it does not have a proven track record. Use with caution and follow the safe swapping rules.
0 Privacy-4 Trust -
Currently in beta 0 -1
The service is in pre-release phase and may have bugs or missing features. Feedback is welcome to help improve it. Frequent updates are expected.
0 Privacy-1 Trust -
Source code is private 0 -1
The service’s source code is not public, so it cannot be reviewed or audited by the community. This limits transparency.
0 Privacy-1 Trust -
Guaranteed no KYC +25 0
-
Strict no-log policy +5 +3
The service has a strict no-log policy, which means that it does not collect or store any information about its users.
+5 Privacy+3 Trust -
Accepts Monero +5 0
This service accepts Monero, a privacy-focused cryptocurrency that provides enhanced anonymity.
+5 Privacy0 Trust -
No registration needed +5 0
Users can access and use the service without creating an account. This enables a faster and more convenient user experience while also offering enhanced privacy and anonymity.
+5 Privacy0 Trust -
Own liquidity 0 +2
The service provides its own liquidity for swaps, meaning it does not depend on external, third-party sources.
0 Privacy+2 Trust -
JavaScript needed 0 0
The service requires the user to enable JavaScript in order to access and use its features.
0 Privacy0 Trust -
Some countries are restricted 0 0
Offered services may not be available in some countries due to logistics, regulations or arbitrary decisions. Please check for any restrictions before use.
0 Privacy0 Trust - Base score +50 +50
Overall = 60% Privacy + 40% Trust (Truncated)
Terms of Service Review
Not available on scam services
Events
View all-
Description update
Description was updated
-
Verification step added
"CrowSwap, Zeroslip, and Moleswap Identified as Scam Operations" was added
-
Verification update
Verification status changed from COMMUNITY_CONTRIBUTED to VERIFICATION_FAILED
-
Verification step added
"Investigation 03" was added
-
Verification step warning
"Investigation 01" status changed from pending to warning
-
Verification step warning
"Investigation 02" status changed from failed to warning
-
Verification step pending
"Investigation 01" status changed from failed to pending
-
Verification update
Verification status changed from VERIFICATION_FAILED to COMMUNITY_CONTRIBUTED
-
Verification step added
"Investigation 02" was added
-
Verification step added
"Investigation 01" was added
-
Attribute change
An attribute was removed (details unavailable)
-
Attribute change
An attribute was removed (details unavailable)
-
Verification update
Verification status changed from COMMUNITY_CONTRIBUTED to VERIFICATION_FAILED
-
Attribute added
Attribute "Can't analyze ToS" was added to MoleSwap.xyz
Verification
Learn moreConfirmed as a SCAM or not what it claims to be.
Investigation suggests this service is a scam. Read the verification section for detailed proof.
Verification proof
We made an extensive investigation, with collaboration of some community members. Read it below.
Verification Steps
- FailedCrowSwap, Zeroslip, and Moleswap Identified as Scam Operations
Due to a client-side database call, we were able to dump the service's database. We confirmed that CrowSwap, Zeroslip, and Moleswap are interconnected scam services.
Trusted user Plowsof reported that the platforms were operating with publicly exposed databases due to client-side database calls, allowing for a full review of their fraudulent activities. You can explore the database dumps here here.
Key findings:
- Shared Infrastructure: All three services share an identical user interface (UI), database schema and backend, proving they were built by the same operator. Their domain names were also registered within a few days of each other.
Archived Moleswap.xyz | Archived Crowswap | Archived ZeroSlip
Fraudulent Support Practices: A review of ZeroSlip’s support messages revealed direct evidence of scam tactics. When a user inquired about a missing order, an administrator instructed them to send the exact same amount of cryptocurrency a second time, promising a full refund of both payments. This is a classic “double-dip” scam designed to extract more funds from a victim.
Fabricated Order History: Analysis of the
orderstables shows that most transactions are fake, designed to create an illusion of legitimacy. Furthermore, the same deposit addresses are repeatedly used for orders and appear across the databases of both Crowswap and Zeroslip, definitively linking the operations.
Current Status: As of Plowsof’s report, the operators have secured the Moleswap database after being exposed. However, the CrowSwap and Zeroslip databases remain exposed, and the services are presumed to be active.
Recommendation: These services are fraudulent. Do not send any funds to CrowSwap, Zeroslip, Moleswap, or any similar-looking exchange.
- WarningInvestigation 03
crowswap.exchange and zeroslip.finance have the exact same UI, simmilar telegram activity and were registered on simmilar dates.
- Archived crowswap.exchange
- Archived zeroslip
- crowswap.exchange was registered on 2025-06-19 (moleswap was registered on 2025-06-04)
- zeroslip.finance was registered on 2025-07-03 (moleswap was registered on 2025-06-04)
Furthermore, the three services share the some assets that are the same:
- WarningInvestigation 02
Telegram channel for Moleswap has 592 members. Yet the service is very new, since it was registered and created this very same month. To this date, the service is 8 days old.
- Domain was registerd on 2025-06-04
- Telegram Channel has 592 users (in just 8 days)
The telegram channel growth seems unnatural, and probably fabricated.
- WarningInvestigation 01
They use a single deposit address for all transactions at or above 0.00915 BTC. UPDATE: This is no longer the case. This step will be left for record.
UPDATE 2025/06/13: They fixed this and now addresses seem to no longer repeat. However, we think they may have added more addresses.
We observed suspicious behavior when testing a BTC to ETH exchange. The exchange provided unique deposit addresses for amounts below 0.00915 BTC. However, for all tested amounts at or above 0.00915 BTC, it repeatedly provided the exact same Native Segwit (bc1) address.
This pattern suggests the exchange may be selectively scamming users who deposit larger amounts.
- ✅ Archived Page 01 - 0.00914 BTC
- ✅ Archived Page 02 - 0.001 BTC
- ⚠️ Archived Page 03 - 0.009915 BTC
- ⚠️ Archived Page 04 - 0.01 BTC
- ⚠️ Archived Page 04 - 0.0095 BTC
- ⚠️ Archived Page 06 - 0.25 BTC
However, for smaller amounts we performed a successful swap. Investigating the network calls, it seems they are wrapping ChangeNow:
- Screenshot - This makes us belive the
bc1address is hardcoded, ignoring the ChangeNow input address.
Comments
Just created an account on here to write a review for Moleswap. Perfect instant swapper and one of the best UX in the market IMO. Team is always helpful on TG. Sleeper.
You mentioned two main red flags “address reuse and unnatural channel growth”. How do address reuse and “unnatural telegram channel growth” confirm something is a scam? We have completed 173 exchanges so far, and there have been ZERO reports of people being scammed. You, admin, have also successfully completed an exchange. Yet, reusing addresses is now considered a confirmed scam. I received my money but they’re reusing an address, scam! I understand that it can be difficult for people to admit their mistakes, so they may look for anything to support their claims, such as adding a new red flag citing our telegram member count as an argument for labeling us a scam. At this point you just want us labeled as a scam and there’s nothing i can say or do to change that outcome. Apparently no victim no crime doesn’t apply here. Guilty until proven innocent, very disappointing.
I have removed the SCAM label based on your feedback and the absence of user reports. However, I will maintain the failed verification steps for now, as I believe these remain legitimate concerns that warrant user awareness.
To clarify my process: I have no personal motivation to label services as scams. My primary responsibility is protecting kycnot.me users, which requires exercising caution when identifying patterns commonly associated with scam services. Based on my experience maintaining this directory, both address reuse for larger amounts and artificially inflated social media growth are red flags in the privacy services space, and more so if the two are spotted together.
The address reuse pattern is particularly concerning because it suggests different handling of high-value versus low-value transactions - a common selective scamming technique. While your service may have legitimate reasons for this behavior, it represents a deviation from standard security practices that users should be aware of.
Given that no scam reports have been filed and considering your response, I’m reclassifying the service as COMMUNITY_CONTRIBUTED while keeping the verification warnings visible. This allows users to make informed decisions while acknowledging that the service hasn’t been definitively proven fraudulent.
I remain open to removing these warnings if the underlying concerns can be adequately addressed.
Address reuse is no long applicable since we’re now testing privately.
And the telegram comment is just ridiculous, now you’re just searching for reasons to keep us labeled as a scam.
Message from Moleswapxyz team:
We’re still in beta and continuously improving our platform. We’re integrating a system that allows for the routing of transactions based on size and risk. Smaller and less risky transactions are routed through aggregated streams, while larger and riskier transactions are routed through our own pools and/or our partner’s pools (which also have strict no kyc/freezing protocols). To facilitate these transactions, we use a different system for routing. Addresses are refreshed based on usage, so the same address remains active as long as it isn’t used. Your claims of a hard-coded Segwit address are false, you’re just jumping the gun on labeling us a scam. There is not one person who has actually been scammed, only bad faith assumptions have been made. While it’s true that crypto is prone to scams and one should always be cautious, we should try to refrain from labeling everything as a scam. Especially since there’s not a single person claiming to be scammed while quite a few people can tell you they’re satisfied with our service.
Hi. The reuse of addresses is a pattern that we have seen in many exit scams, so it’s preferred to mark a service as scam and be proven otherwise when we see some scam-like patterns. That being said, I want to ask what happens in the event where two persons create a trade at the same time for the same amount, or even different amounts (a thing that could happen in high volume situations); how do you detect who paid what in this case?
Absolutely understandable and i respect any effort trying to protect the community. To your question; This feature is still experimental and is still undergoing testing, We disabled this feature on the main site now and are testing in private. Once core functionality works flawlessly we will introduce unique addresses alongside other features before fully integrating into the exchange, however in your scenario we could refund both sender addresses based on txid.
Recommended by a friend and it works like a charm - I use it to swap between XMR and ETH. No KYC and no CeX games I am tired of.
swap worked seamlessly. would use it again
i got scammed 100 XMR on crowswap, stay away from those exchanges.