Recently, the scammers are making their contract address to be having a backdoor which enables them to withdraw the investors funds into their private wallets.
This can be modified same like ethereum smart contract. Why blame the smart contract that has been used on the scam activity hence should focus on finding those users doing a mint and cheat sheet function on the codes. Scammers are eventually doing or adding some functions that can definitely cheat investors. So better to learn the simple code for finding these projects that plan to do modus like this.