Here is how I've been able to replicate the same "behavior" showed at Atlas "prove" video.
Take a closer look when the balance page starts to show, and "error" appears at the page top, this specific error ONLY triggers when the website could not establish a connection to the HitBTC socket (as anyone can see at the code) So to test it, I've developed this in 30 minutes:
Step 1) Edit computer network hosts and add:
127.0.1.1 st.hitbtc.com
This will prevent the website to find the socket to account info, so the error will appear at the top of the balance page, as we can see here:
Step 2) Install any JS injection like "tampermonkey" and add the script to run at the balance pages:
// Removes the error message (https://imgur.com/ykCViVM)
$("div[class*=styles__alert]").remove()
// Set all balances to zero (as we can see at the video) (https://imgur.com/ggRzH6G)
$("div[class*=main-balance]").html("0");
$("div[class*=styles__cell__cash]:not(:first)").html("0");
// Update BTC and USDT balance (https://imgur.com/ggRzH6G)
$("div[class*=styles__cell__cash]:not(:first)").eq(0).html("1,862.39021193");
$("div[class*=styles__cell__cash]:not(:first)").eq(2).html("5,418,742.84");So this shows how easily people can be fooled by these scams:
I think no one is better than HitBTC to say how it's layout is made... it's pretty common to developers create methods to "align" elements after adding it to the page. It's like "fingerprints"... that's why Atlas got caught