“There is no AI. There is no trading. There is only a system designed to move your money to someone else — and we can now prove it.”

I published Part 1 of this investigation on my YouTube Channel in early 2026, where I followed the money — specifically, the TRON blockchain wallet network behind BG Wealth Sharing and DSJ Exchange.

What that analysis revealed was clear: no trading revenue entering the system. Only deposits from new participants being redistributed to earlier ones. Classic Ponzi mechanics, verifiable on-chain.

While preparing Part 2, something unexpected emerged. Community investigators Agent 00bob and Agent 001 identified a series of public GitHub repositories connected to the operation — including the DSJ Exchange website itself.

This investigation documents what those repositories reveal: the exchange source code, the automation backend, a network of affiliated projects, fabricated executive identities, and the technical fingerprints behind the operation.

This is not a theory. It is evidence.

The Setup: What BGW Tells Victims

If you’ve been approached about BG Wealth Sharing, the pitch typically sounds like this.

You are invited to join a sophisticated crypto trading system, supposedly backed by a global hedge fund. Twice a day — at 6:30 PM and 10:30 PM — you receive a signal code via an encrypted messaging app called BonChat. You open the DSJ Exchange platform, navigate to Futures, select “Invited Me,” paste the code, and submit.

Moments later, a profit appears on screen — usually between 1.3% and 2.6% per day. At that rate, your balance is projected to double roughly every sixty days.

You are told the system is powered by artificial intelligence, managed by hundreds of professional analysts, and licensed by major regulators including the SEC, ASIC, MAS, and DFSA. The message is simple: guaranteed returns, no experience required.

The minimum entry point is typically $500 USDT.

At the same time, regulators across multiple jurisdictions have already issued warnings. The UK Financial Conduct Authority classified the operation as an unauthorised firm in May 2025. The Alberta Securities Commission followed with an investor alert in February 2026. DSJ Exchange Limited itself was incorporated in the UK in July 2024 and dissolved by October 2025.

This post is not focused on whether the scheme is legitimate — that question has already been addressed by investigators, regulators, and independent analysts including Danny de Hek and BehindMLM.

What follows is something more direct: an examination of how the system actually operates, based on its own source code.

Finding 1: The DSJ Exchange Website Was Built by a Student in India in a Single Day

The GitHub repository Navyakushwaha/DSJ-Exchange contains the complete React/Vite frontend for the DSJ Exchange website — the very page victims land on when deciding whether to trust this platform with their money.

The developer, Navya Kushwaha, is a student and junior developer connected to Techsima, a coding training institute in Lucknow and Ayodhya, Uttar Pradesh. All 42 files in the repository share the same commit timestamp: 11 February 2026. One developer. One day. Built using a free Vite React template.

It’s important to be precise about what this means before drawing conclusions about individual responsibility. Techsima operates a project-based training model where students build real-world websites as commissioned work. This was almost certainly a freelance request — build a crypto exchange interface.

Whether Navya Kushwaha understood the full context of what she was building is unknown. However, what can be confirmed is what exists within those 42 files.

While individual developers may not fully understand the systems they are contributing to, the platform itself — as revealed through its code — is unmistakably fraudulent.

Smoking Gun 1: A Fake SEC Licence Number, Hardcoded

Right there in the ticker bar at the top of the website, written directly into the source code:

Good news: DSJX successfully applied for a SEC licence from the U.S. Securities and Exchange Commission on July 11, 2025. CLK:0002078856

That CIK number is real. It belongs to BGW’s Colorado shell company, registered as an Exempt Reporting Adviser. Filing as an Exempt Reporting Adviser requires no approval, no audit, no verification. It is the minimum possible SEC filing — a status that scam operations specifically use because it sounds legitimate without being legitimate. It is not an exchange licence. The SEC does not grant exchange licences this way. This claim is deliberate misrepresentation, hardcoded into the website that victims see.

Smoking Gun 2: A Fabricated Founding Date

The footer of every page on the DSJ Exchange website reads:

Copyright © 2018-2026 DSJ Exchange All Rights Reserved

DSJ Exchange Limited was incorporated in the UK in July 2024. The earliest any regulator or investigator has placed its existence is 2022. The 2018 date is invented. Someone changed the template default specifically to make a one-year-old fraud look like a seven-year-old institution.

Smoking Gun 3: Hardcoded Fake Prices — No Market Connection Whatsoever

The “live” price ticker on the DSJ Exchange website shows Bitcoin and Ethereum with a change of +0.00. Those aren’t live prices. They are hardcoded static numbers in the JavaScript source file with no API connection to any market data feed. Bitcoin was nowhere near $69,000 in February 2026. The +0.00 change means nobody even remembered to update the numbers before shipping the site.

Real exchanges — Binance, Coinbase, Kraken — update their prices via API every millisecond. DSJ Exchange updates its prices never.

Smoking Gun 4: Lorem Ipsum in Production

The Trade Anywhere section of the DSJ Exchange website, visible to every victim who visits it, contains the following text:

Lorem ipsum dolor sit, amet consectetur adipisicing elit. Dignissimos, eligendi recusandae alias ipsum saepe ipsam?

That is a template placeholder. It was never replaced. The world’s most advanced AI trading exchange deployed its production website with Lorem ipsum visible to users. This is not a legitimate exchange. It’s a rushed template deployment.

Smoking Gun 5: Machine-Translated Chinese in the About Us Section

The About Us section reads:

DSJ Exchange Global Professional Station is an innovative digital asset trading users around the world, focusing on discovering and opportunities.

That sentence is broken. Words are missing. It ends on “discovering and opportunities” — a fragment that makes no grammatical sense in English. This is the specific broken syntax that results from machine translation from Mandarin Chinese. The content was written in Chinese first, run through a translation tool, and deployed without correction.

Navya Kushwaha didn’t write this. It was handed to her by whoever commissioned the site. And the people who wrote it did so in Chinese. That content trail leads back directly to the Chinese scam factory infrastructure that BehindMLM’s Oz and Danny de Hek have both documented as the origin of the BGW operation.

Finding 2: The Trading Mechanism Is a 400-Line Python Script

The second repository, XiaolanLin808/BG-Wealth_SCript, has since been deleted — but before its removal, it exposed exactly how the DSJ Exchange “trading” system operates behind the scenes.

The code reveals a Python Flask web application designed to manage user accounts and automate platform activity. It stored DSJ Exchange credentials — including phone numbers, passwords, and full names — in a database, and exposed them via an API. A single request to /api/accounts returned a list of active accounts, ready to be used by external scripts. Another endpoint, /api/deduct, handled token deductions for each automated action.

Two scripts defined the entire process: automate_login.py and automated_entry.py.

Step one: log in.
Step two: submit the entry.

That is the full extent of the so-called “trading” mechanism.

There is no trading engine in this system. No exchange integration, no order book, no market data feed, and no price execution logic. Nothing resembling legitimate trading infrastructure exists within the code.

Deployment documentation — preserved by investigators Agent 00bob and Agent 001 before the repository was removed — showed the system running on Railway.app, with Stripe integration allowing operators to purchase token bundles. The default administrator password was set to “admin123.” If unchanged, this would have left the entire database — including user credentials — openly accessible to anyone who discovered the endpoint.

Notably, one example within the API documentation contained a real U.S. phone number with an 808 area code, placing it in Hawaii. This was not test data or a placeholder — it appears to have been an actual user account used during development.

The Role of Agent 00bob and Agent 001

This evidence exists because of two community investigators working within Danny de Hek’s Avengers group.

Agent 00bob identified the XiaolanLin808 repository during a live stream and immediately flagged it to the community. Agent 001 then documented the repository’s contents in detail — including the README deployment guide, which contained a real phone number and exposed admin credentials — before the repository was taken down.

Both agents submitted formal reports through GitHub’s abuse channels, actions which appear to have alerted individuals connected to the operation. The repository was deleted shortly after.

Agent 00bob subsequently made direct contact with the developer. In a Recorded Conversation — now preserved and provided to law enforcement — the developer confirmed they were a user of BG Wealth. The repository was removed soon after that exchange.

Key finding

Code tied to legitimate systems is not typically removed the moment investigators make contact. The timing of this deletion, combined with the preserved evidence, is significant.

All materials captured by Agent 00bob and Agent 001 have been secured and submitted to the appropriate authorities.

Finding 3: An Entire Affiliate Ecosystem on GitHub

The two repositories outlined above were only the beginning. Further investigation uncovered a broader network of related projects.

Repository 3: Live Victim Data Harvesting

The repository ameykumar1211-ui/BG-Wealth-Sharing is a Hindi-language recruitment site deployed on Vercel. Its promotional messaging claims users can earn between 30,000 and 300,000 rupees per month with just one minute of daily activity.

Behind the interface, a hidden admin panel displays a live feed of incoming registrations — including names, phone numbers, and WhatsApp details — in real time. During this investigation, real user data was actively appearing in this feed. The site has been reported to Vercel.

Repository 4: An Investment Calculator Proving Its Own Fraudulence

The repository sonyho2715/bg-wealth-simulator is a Vietnamese-language investment calculator, showing over 1,457 simulations already run. It was developed using Claude AI, as confirmed by a CLAUDE.md file within the project.

The calculator advertises returns of 1.8% per day — equating to approximately 67,000% annually.

It then compares these figures to legitimate benchmarks: traditional savings accounts at 4.5% APY and the S&P 500 averaging 10% annually. Both comparisons are accurate — and in doing so, the tool unintentionally highlights the impossibility of its own claims.

No legitimate investment in financial history has sustained returns anywhere near this level. Even Warren Buffett has averaged approximately 20% annually over his career. The calculator effectively disproves itself using real-world data. This repository has also been reported to Vercel.

Repository 5: A Hardcoded Referral Code and a Live DSJ Exchange Iframe

This repository, flagged by Agent 001, hosted a full affiliate recruitment portal at copytradingsignals.org (now offline following abuse reports). The site embedded DSJ Exchange within an iframe and pre-filled a referral code: bo124pet6o00.

Visitors were explicitly instructed to ensure this code appeared during registration — ensuring commissions were credited to the operator behind it.

Every user who signed up through this portal generated revenue tied to that referral identifier. If transaction records become available through legal channels, this code provides a direct link to financial flows within the system.

The site also linked to an active Telegram recruitment channel (t.me/+fyRGxnhsEKkwYzg5), which has since been reported to Telegram’s abuse team.

Repository 6: A Named Senior Affiliate

The repository sonyho2715/lee-meadows-saas — created by the same developer behind the Vietnamese calculator — is a fully developed Next.js 15 SaaS platform with database integration, authentication systems, and 48 recorded commits. It was also built using Claude AI.

The repository description explicitly states:

“Professional cryptocurrency investment platform for Lee Meadows — BG Wealth Sharing Investment Group Partner.”

This is a direct attribution of affiliation within publicly available source code.

This connection is further supported by multiple independent sources. The name appears in Danny de Hek’s documented list of BGW Zoom promoters, and the Instagram account @leequynhm (with over 23,000 followers) uses identical recruitment language: “I help ordinary people earn global income. Freedom Blueprint.”

The platform, branded as TradePulse AI, claims 99.6% signal accuracy and displays fabricated regulatory badges for the SEC, ASIC, MAS, and DFSA — all implemented as front-end elements. A contact email (support@tradepulse-ai.com) is embedded directly within the code. This repository has also been reported to Vercel.

Finding 4: The Executive Team Is Fabricated

BGW’s promotional infrastructure presents two named executives. Neither has a verifiable existence outside of the organisation’s own marketing materials.

Professor Stephen Beard — described as the founder, a former Gemini Exchange executive, Oxford-educated, and now affiliated with the IMF — has no LinkedIn presence, no academic records, no regulatory registrations in any jurisdiction, and no independently verifiable identity. The UK Financial Conduct Authority referenced this name in its May 2025 warning. Further analysis by BehindMLM suggests the profile images used may be AI-generated or digitally altered. Danny de Hek has also extensively documented the lack of any verifiable footprint. There is no credible evidence that this individual exists as presented.

Joseph Smith, identified as the COO of DSJ Exchange, appears in a professionally produced promotional video featuring a broadcast-style chyron labelling him as “COO of DSJEX.” In the video, he claims the platform operates similarly to established exchanges such as Coinbase. However, there is no LinkedIn profile, no regulatory registration, and no verifiable employment history linking any individual to this role.

The name “Joseph Smith” is one of the most common in the English-speaking world, making independent verification inherently difficult. While a person appears in the promotional material, there is no evidence confirming that the identity presented is genuine or connected to a legitimate executive role within a real organisation.

Taken together, the available evidence strongly indicates that these executive identities are constructed for promotional purposes. This investigation represents the first documented public analysis of the “Joseph Smith” role in connection with DSJ Exchange.

The Trading App: What It Actually Is

A question that comes up repeatedly is whether there is an app available to download and analyse. The answer is no — and that absence is revealing in itself.

The DSJ Exchange “app” is not a native iOS or Android application. It is a mobile-optimised, browser-based platform accessed through rotating domains such as dsj080.com/pc/. Everything users interact with is delivered via a web interface controlled entirely by the operators.

Crucially, there is no publicly accessible application code to inspect. The system is designed so that all core functionality remains server-side, beyond the reach of independent analysis without authorised access.

This lack of transparency is not incidental — it is structural. The platform is built to present a convincing interface to users while preventing meaningful scrutiny of what is happening behind the scenes.

In contrast, legitimate exchanges operate with a high degree of transparency. They provide documented APIs, publicly visible order books, and verifiable transaction data. Their systems can be independently assessed and validated.

DSJ Exchange presents the appearance of a trading platform, but the underlying infrastructure remains entirely opaque. The operators retain full control over user balances and displayed activity, with no external verification.

The TRON on-chain analysis from Part 1 provides critical context: funds entering the system are redistributed between wallets, with no evidence of trading revenue. When combined with the lack of any observable trading infrastructure, this strongly indicates that the platform’s apparent functionality does not reflect genuine market activity.

Two Lines of Evidence — One Conclusion

This investigation reveals two independent lines of evidence — both leading to the same conclusion.

The blockchain exposes the movement of money. As shown in Part 1, deposits flow between wallets with no evidence of trading revenue. New funds are used to pay earlier participants — a classic Ponzi structure, verifiable by anyone using a TRON blockchain explorer.

The source code exposes the mechanism. The so-called “trading” process is nothing more than a login and form submission. The exchange interface is built from a template with hardcoded data, the executive identities cannot be independently verified, and the wider affiliate ecosystem is spread across publicly accessible repositories.

These are two separate systems of truth — financial flow and functional design — and they align perfectly.

The blockchain shows where the money goes. The code shows how the system operates.

Conclusion

There is no AI-driven trading. There is no hedge fund infrastructure. There is no verifiable executive leadership.

What exists is a controlled system built around a simple interaction — a button, a referral code, and the movement of funds from one participant to another.

What the Regulators Have Already Said

Regulatory authorities across multiple jurisdictions have already issued formal warnings regarding BG Wealth Sharing and DSJ Exchange:

  • FCA (UK) — May 2025 — Unauthorised firm, suspected phishing
  • ASC (Canada, Alberta) — February 2026 — Investor alert
  • FCAA (Canada, Saskatchewan) — March 2026 — Unregistered securities
  • ASIC (Australia) — January 2026 — Investor alert
  • FMA (New Zealand) — November 2025 — High-risk scam warning
  • SEC (Philippines) — January 2026 — Unregistered and illegal
  • National Reserve Bank of Tonga — December 2025 — Fraud alert
  • Central Bank of the Bahamas — April 2026 — Fraud warning
  • Utah Division of Securities (USA) — March 2026 — Investor warning
  • Central Bank of Samoa — 2026 — Public warning
  • SEBI (India) — 2026 — Fraud-related reports
  • Companies House (UK) — DSJ Exchange Limited incorporated July 2024, dissolved October 2025

These warnings span multiple continents and regulatory frameworks, yet they all point to the same underlying concern: an unregistered and high-risk investment operation targeting the public.

This is not a startup struggling to navigate compliance requirements. It is a coordinated operation that continues to evolve — registering new domains, shifting infrastructure, and recruiting new participants as quickly as older channels are exposed.

The pattern is consistent, and it is ongoing.

If You’ve Been Affected

If you or someone you know has deposited money into BG Wealth Sharing or DSJ Exchange, the following agencies accept reports and can assist:

Do not pay any withdrawal fees, tax compliance fees, or verification fees. There is no money to retrieve. Every fee payment is a secondary extraction by the same operation that already took your initial deposit.

A Note on the Developers

Several developers are referenced in this investigation, including Navya Kushwaha, Xiaolan Lin, and contributors behind the affiliated repositories. The code itself forms part of the evidence.

Any determination of individual responsibility — whether these developers were knowingly involved or acting as contractors without full awareness of the broader system — is a matter for law enforcement, not for this report.

What the code demonstrates, however, remains consistent regardless of authorship.

All evidence gathered during this investigation — including a recorded admission from the XiaolanLin808 developer confirming their BGW user status — has been preserved and submitted to the appropriate authorities.

Thank You

To Agent 00bob — you identified the XiaolanLin808 repository during a live stream, reported it immediately, preserved critical evidence before its removal, and made the direct contact that led to a recorded admission now in the hands of law enforcement. This investigation would not exist without your work.

To Agent 001 — you documented the repository contents in detail, captured key deployment evidence including the hardcoded referral code and exposed admin credentials, and flagged the TheAugDev/BG affiliate portal. Your actions through the proper reporting channels helped bring this system into the spotlight.

To Danny de Hek and the Avengers community — your live investigative work brought visibility to the repository and applied the pressure that led to its removal. The timing of that deletion is significant.

To BehindMLM’s Oz — your years of documenting these operations laid the foundation that this investigation builds upon. A tip of the hat to Oz.

The code may be gone. The evidence remains.

Disclaimer: How This Investigation Was Conducted

This investigation was conducted by CrYptOG, an independent investigative YouTube Channel focused on on-chain cryptocurrency fraud analysis. All findings are based entirely on publicly available OSINT — Open Source Intelligence — including GitHub repositories, public websites, regulatory disclosures, and blockchain data. No systems were accessed without authorisation, and no private data was obtained through unlawful means.

Part 1 of this investigation — TRON on-chain wallet analysis of the BGW network — is available here: youtu.be/exgrNmrqA08

Index of References, Links & Evidence

CrYptOG Investigation — Videos

Primary Source Code Repositories

Regulatory Warnings & Official Notices

Prior Investigations & Further Reading

Report This Scheme

Persons & Entities Named in This Investigation

Agent 00bob
Danny de Hek Avengers community member. Identified the XiaolanLin808 repository, preserved critical evidence prior to deletion, made direct contact with the developer, and obtained a recorded admission now provided to law enforcement.

Agent 001
Danny de Hek Avengers community member. Documented repository contents in detail, captured key deployment evidence, and identified the referral code used in the TheAugDev/BG affiliate portal.

Danny de Hek
OSINT investigator (dehek.com) and primary independent researcher into BG Wealth Sharing and DSJ Exchange. Founder of the Avengers investigative community.

BehindMLM (Oz)
Independent MLM fraud investigator. Documented Chinese backend indicators and domain rotation patterns associated with the operation.

Professor Stephen Beard
Claimed BGW founder. No verifiable identity outside of promotional materials. Referenced in the FCA warning issued in May 2025.

Joseph Smith
Claimed COO of DSJ Exchange. Appears in promotional video content. No independently verifiable identity. First formally documented in this investigation.

Lee Meadows
Named as a BG Wealth Sharing Investment Group Partner within publicly available GitHub source code. Also identified in Danny de Hek’s Zoom promoter records and associated with the @leequynhm Instagram account (23,000+ followers).

Navya Kushwaha / Techsima
Developer of the DSJ Exchange website frontend (Navyakushwaha/DSJ-Exchange). Associated with Techsima coding institute, Uttar Pradesh. Assessed as a likely commissioned developer.

XiaolanLin808 (Xiaolan Lin)
Developer of the BG-Wealth_SCript automation backend. Repository was removed following contact from investigators. A recorded admission confirming BGW user status has been preserved and provided to authorities.

Evidence Submitted to Law Enforcement

  • FBI IC3 — Online complaint submitted: ic3.gov
  • FBI Honolulu Field Office — Referral relating to Xiaolan Lin, including recorded admission
  • USACIDC / Army CID — Referral due to identified developer’s potential military affiliation and clearance status
  • Action Fraud (UK) — Evidence submitted
  • Vercel — Abuse reports submitted for associated repositories (ameykumar1211-ui, sonyho2715)
  • GitHub — Abuse reports submitted (XiaolanLin808/BG-Wealth_SCript, TheAugDev/BG)
  • Telegram — Abuse report submitted for recruitment channel: t.me/+fyRGxnhsEKkwYzg5