Rug Pull: A detailed analysis of DeFi scam routines

Rug pulls are one of the most common scams in the cryptocurrency industry, and while quite a few have been exposed, many more have likely gone undetected. According to SolidusLabs, at least 188,000 potential rug pull scams have been deployed on Ethereum, BNB Chain, and some of the top Layer 1 blockchains.


Which blockchains have the most rug pull token projects?

The data shows that 12% of BEP-20 tokens on BNB Chain show fraudulent characteristics and 8% of ERC-20 tokens on Ethereum show signs of fraud, while approximately $910 million in fraud-related ETH was processed through centralized or regulated cryptocurrency exchanges. According to blockchain analytics firm Chainalysis, 11 DeFi protocols were attacked in October, affecting $718 million in crypto assets and setting a monthly record for crypto losses so far this year.

Binance is one of the largest crypto trading platforms in the blockchain ecosystem, and its constant addition of new features and expanding user base may be the main reason scammers and hackers target it. Binance seems to be aware of the prevalence of smart contract scams on its blockchain network and has integrated risk monitoring tools that detect risks in real time and promptly notify users of potentially risky projects, including rug pulls and other scams. Let’s analyze it in detail.

The rug pull project “routine”

Also known as “fraud tokens” or “DeFi scams,” rug pulls are projects that craft smart contract code to steal money from retail investors. The code is typically designed to achieve goals such as:

1. Prohibiting secondary sales

2. Allowing project developers to mint new tokens freely

3. Charging buyers a 100% sales fee

Rug pull projects hide this logic in their tokens, putting unsuspecting retail investors who buy them at great risk. In most cases, a rug pull token looks exactly like any other cryptocurrency on the market and “adheres” to the blockchain’s fungible token standard; the real problem is hidden deeper, in the smart contract source code.

Since the birth of Bitcoin, the cryptocurrency industry has become more and more mature. At the same time, fraudsters have figured out how cryptocurrencies work under the hood, and can make extensive changes to the underlying smart contracts that govern the conditions and rules under which transactions are recorded on the blockchain. To execute a rug pull, fraudsters often hard-code malicious rules into smart contracts, not only giving themselves additional power but also depriving buyers of their basic rights. Generally, fraudsters launch the rug pull project after deploying one or more vulnerable tokens.

Once the token is deployed, fraudsters create liquidity pools on decentralized exchanges (DEXs) and then pair the tokens with other “legitimate” cryptocurrencies. Next, they artificially create trading volume on a large scale and in this way inflate the value of the token, ultimately attracting the interest of retail investors.

In addition to the “conventional means” described above, a rug pull project may also “wrap” itself in an appearance of legitimacy in ways such as:

1. Creating fake websites and fake project development roadmaps

2. Sharing fake partnerships and displaying fake “avatars” of well-known developers

3. Advertising on Twitter, Discord, Telegram or other social media

As more and more people buy the rug pull project’s tokens, the fraudsters behind the project start preparing a sell-off. Once enough users have bought in, they quickly sell their tokens on decentralized exchanges in exchange for other cryptocurrencies, such as ETH or USDT. A large-scale sell-off in a short period of time quickly drives the token price to zero, and the rug pull succeeds.

An inventory of rug pull token fraud types

There are many ways fraudsters can deploy malicious code in the smart contracts of rug pull tokens, but three main types dominate the current market:

1. Hidden honeypot vulnerability

2. Hidden private token creation function

3. Hidden balance modification backdoor

Honeypot vulnerabilities typically prevent token buyers from reselling, so that only the developers can sell their holdings. Ordinary investors who try to trade are often shown an error such as “The transaction cannot be successful due to an error that is not defined; It may be due to a problem with one of the tokens you exchanged”, and are unable to withdraw. Honeypot scams often cause the token price to rise over a short period, which then induces more unsuspecting users to buy. A typical example is Squid Game Token (SQUID), which used the name of Netflix’s hit series “Squid Game” to attract many buyers, while the project team embedded a honeypot vulnerability in the smart contract, making Squid Game Token look like a promising cryptocurrency. In just a few days after launch, more than 3.36 million US dollars flowed in, only to be looted by the project team in the end. According to the data, as of October 25, 2022, about 96,008 token projects on the market hide honeypot vulnerabilities.

The private token creation feature, one of the most common tactics used by fraudsters, gives one or more “externally owned accounts (EOAs)” specific permissions that allow them to mint new tokens using hidden functions in the token contract. When fraudsters successfully invoke the minting function, they obtain a large number of tokens and dump them on the market, leaving other holders’ tokens greatly reduced in value or even worthless. According to the data, as of October 25, 2022, there are about 40,569 token projects on the market with hidden token creation functions.

Deploying a balance modification backdoor is somewhat similar to deploying a private minting function: fraudsters give one or more “externally owned accounts (EOAs)” specific permissions to modify token holders’ balances. When the EOA sets holders’ balances to zero, the holders cannot sell or withdraw, and the fraudsters can remove liquidity or mint/sell tokens to exit.
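The three hidden patterns described above can be screened for statically when a token's contract source is available. The heuristic scanner below is an added example, not code from the original article or from any monitoring tool it mentions; the `SAMPLE` contract, its function names, and the finding labels are constructed for illustration.

```python
import re

# Constructed sample: fragments of a hypothetical token showing all three patterns.
SAMPLE = """
contract Token {
    function _transfer(address from, address to, uint256 amt) internal {
        require(to != pair || from == owner, "error");
        balances[from] -= amt;
        balances[to] += amt;
    }
    function rebase(address to, uint256 amt) external onlyOwner {
        totalSupply += amt;
        balances[to] += amt;
    }
    function sync(address who, uint256 amt) external {
        require(msg.sender == owner);
        balances[who] = amt;
    }
}
"""

FUNC = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)([^{;]*)\{")
# Access restriction: an only* modifier or a caller comparison in the body.
GATED = re.compile(r"\bonly\w+|msg\.sender\s*==|_msgSender\(\)\s*==")

def functions(src):
    """Yield (name, header, body) for each function, matching braces by depth."""
    for m in FUNC.finditer(src):
        depth, i = 1, m.end()
        while depth and i < len(src):
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), m.group(3), src[m.end():i - 1]

def scan(src):
    """Return sorted (function, finding) pairs for the three rug pull patterns."""
    hits = set()
    for name, header, body in functions(src):
        gated = bool(GATED.search(header + body))
        if gated and re.search(r"[tT]otalSupply\s*\+=", body):  # supply grows after deploy
            hits.add((name, "privileged_mint"))
        if gated and re.search(r"[bB]alances\s*\[[^\]]+\]\s*=[^=]", body):  # direct overwrite
            hits.add((name, "balance_overwrite"))
        if "transfer" in name.lower() and re.search(r"require\s*\([^;]*\bowner\b", body):
            hits.add((name, "sell_restriction"))  # transfer path depends on owner identity
    return sorted(hits)

if __name__ == "__main__":
    for name, finding in scan(SAMPLE):
        print(f"{finding}: {name}()")
```

A finding marks a function for manual review rather than proving fraud: legitimate tokens can also have owner-gated minting, and a contract that obscures these patterns will not match simple text rules.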


Crypto scams are on the rise, and to make matters worse, there are still many that go undetected to this day. Investors need to assess the risk of crypto fraud when choosing crypto projects, and regulators should step up their efforts to prevent consumers from being harmed, ultimately raising the standards of market integrity, transparency, and consumer protection.

Posted by: CoinYuppie. Reprinted with attribution to: