What is a Crypto Rug pull and How do you Avoid It?

By Ehis Ohiwerei

Wise investors are those who search for suitable protocols in their beginning stages, hoping to reap great rewards if they get in early. The Winklevoss twins, for example, put their money in Bitcoin almost ten years ago and are now billionaires.

However, if you make the mistake of jumping into a project without proper research, it can lead to a financial catastrophe. A crypto community collectively lost $2.6 million to malicious developers behind the Baller Ape Club NFT.

The desire of users and investors for high-risk, high-reward investments is very common in the crypto community, where a continuous flow of new projects generates excitement and attracts new investments.

But unlike financial markets in the real world that are regulated, the crypto industry is still in its early stages, and malicious users frequently deceive unsuspecting investors.

One of the most common scams in the crypto space is a “rug pull,” where a developer or creator promotes a project such as a new coin or NFT release and then vanishes with the investors’ money.

Unfortunately, these fraudsters are challenging to locate after the fact since the decentralized and anonymous nature of blockchain enables those involved to hide their identities. Nonetheless, there are ways you can identify potential rug pulls and shield yourself from financial loss.


  • Rug pull is when a developer takes off with the money invested into his protocol by his investors.
  • Rug pulls are more frequent in DeFi because of the autonomous nature of smart contracts.
  • A rug pull can either be hard or soft.
  • A hard rug pull involves developers using codes and back doors in a protocol for malicious acts.
  • Soft rug pull involves developers influencing their coins with overhyping and then cashing out quickly, reducing the coin’s value.

What are Crypto Rug Pulls?

Rug pull is a crypto scam where deceitful individuals trick people into investing in a project and then steal their digital tokens. Developers promoting rug pulls typically advertise their tokens on social media to attract many retail investors.

When they get several people to invest, these developers transfer the funds into their personal accounts or quickly cash it out on a DEX. Rug pulls frequently happen in DeFi apps; because DeFi is mainly unregulated and inherently decentralized, it’s simpler for users not to keep their identities and be able to steal these funds.

Rug pulls happen more often in DeFi because of the way smart contracts work. Tricky developers can sneak harmful code into smart contracts on sneaky dApps (decentralized apps).

These scams also happen in the NFT world, where there’s been a lot of interest in crypto art and many new projects that fraudsters can exploit. Many new collectors are trying to figure out the space, and popular projects like CryptoPunks have made early investors millions of dollars.

According to the blockchain analysis firm Chainalysis, investment fraud is a big deal, with scammers taking a total of $2.8 billion in 2022, which works out to $7 million a day.

What are the Most Common Types of Rug Pulls?

Liquidity Pool Rug Pull

Liquidity theft is a common exit scam in the world of cryptocurrency. It involves the token creators extracting all the coins that investors have pooled into a project. In DeFi (decentralized finance) trading platforms, crypto tokens are required to facilitate actions like trades, exchanges, or loans secured through smart contracts.

However, this security system can be easily breached if developers design it with malicious intent. In such cases, the developers can have privileged access to the locked funds when they exit. As a result, the native token loses its value, causing it to crash to zero.

Limiting Sell Orders

In the crypto world, there’s a type of scam called the “limiting sell order” scam. Here, dishonest coders pre-program their coins to sell only at their command. Users have access to these tampered coins and can buy them through decentralized exchanges, but they can’t sell them.

This is because these developers have written specific types of codes into their coins to make sure that they’re the only ones with the authority to sell these coins or digital assets. Once enough people have invested in this fake crypto; the developer will then activate the sell codes and cash out.

Dumping Schemes

Rug pulls, also known as “pump-and-dump” schemes, rely on fabricated public hype, often fueled by social media. These schemes aim to attract a large number of crypto investors who will help increase the value of a new token associated with a trendy and promising project.

However, at the opportune moment, developers unload their shares and exit, causing the token’s value to plummet, leaving unsuspecting investors caught off guard.

Hard Pulls vs. Soft Pulls

Rug pulls are a type of crypto scam that comes in two forms: hard and soft. Hard rug pulls are when developers intentionally code their project with malicious backdoors or write commands into their token’s smart contract that allow them privileged access to the locked funds upon exit.

These types of “rug pulls” are deliberate and designed to defraud investors of their funds. Liquidity stealing is another type of hard rug pull that occurs when token creators extract all of the coins invested into a project, leaving the native tokens worthless.

On the other hand, soft rug pulls occur when token developers dump their crypto assets quickly, causing the token’s value to drop and leaving remaining investors with devalued tokens.

While unethical, this type of rug pull may not necessarily be illegal in the same way that hard pulls are. Soft rug pulls are often driven by fabricated hype fueled by social media, which lures eager crypto investors to invest in a shiny new token tied to a trending project.

What are the Ethics and Legality of Rug Pulls?

In general, liquidity pool pulls, and limiting sell orders are illegal because they are designed to trap retail investors. These types of scams are referred to as “hard rug pulls” because the fraud is hardwired into the project’s code.

“Pump and dump” schemes, on the other hand, fall into a legal gray area. While they are unethical, proving that scammers have engaged in illegal activities can be challenging. If users purchase crypto on the market and promote it online, it may not be unlawful.

This is particularly true if the scammers did not create the token. Some people categorize “pump and dump” schemes as “soft rug pulls” since the project’s code is not designed for failure.

How to Spot a Crypto Rug Pull

Unclear Whitepapers

When considering a crypto project, it’s important to read the whitepaper, which should clearly outline the project’s goals and strategies. Beware of vague or poorly written whitepapers, which may indicate a scam project.

Anonymous Developers

Knowing the identity of a project’s developers can help hold them accountable and make it easier to identify Rug pulls. Be cautious of projects with anonymous developers.

No Third-Party Audit

To have confidence in a project’s code, look for a formal review from a reputable auditing firm. Projects without third-party audits may be riskier to invest in.

Suspicious Price Action

Sudden changes in a token’s price history or trading volume may signal market manipulation. Be cautious of price surges that aren’t supported by important news related to the project.

Excessive Social Media Marketing

If a project is excessively spamming social media, it may be a red flag. Take a closer look at projects that rely heavily on marketing tactics rather than substantive information.

How to Avoid Rug Pulls

Watch out for High Liquidity Pool Yields

If a liquidity pool offers absurdly high annual percentage yields (APYs), it’s most likely bait for a liquidity rug pull. Stick to well-established dApps that offer APYs that are well below triple digits.

Stick With Trusted dApps

As a user looking to invest, it is advisable to stick with long-standing projects. These projects are verified and have communities and legitimate tokens. Instead of seeking out new projects, as a user, you might consider investing in dApps such as UniSwap or Aave, for instance.

Test Small-cap Tokens on a Trusted DEX

If you need help selling a token, buy a small amount of the cryptocurrency and trade it on a high-quality DEX like Uniswap. If you can’t swap the crypto, it’s a limit sell scam.

Research Token Addresses on top coin Aggregator Sites

There are some websites that are trusted in the crypto community to have verified projects. Among these sites are CoinMarketCap and CoinGecko.

These sites are called coin aggregators and are a better way to determine if a project is genuine than social media.

Look out for Unknown or Anonymous Developers

If you are looking to invest in a project, it is important to find out who the developers of the project are. This is important because the credibility of the developers will be a plus for the project.

If the developers are known and are popular in the crypto community because of their track records, then you should invest. Anonymous developers and developers need a track record to serve as a point to get your support.

If they are anonymous, do not support them by investing.

Check for Liquidity Locks

One of the easiest ways to distinguish a scam coin from a legitimate cryptocurrency is to see if the currency has a liquidity lock. Without a liquidity lock on the token supply, the project creators could run off with the entire liquidity.

Liquidity is secured through time-locked smart contracts that ideally last three to five years from the token’s initial offering. While developers can script their own time locks, third-party lockers can provide greater peace of mind.

Investors should also check the percentage of the liquidity pool that has been locked, known as the “total value locked” (TVL), which should be between 80% and 100%.

Crypto Rug Pull Examples:


Back in 2014, a group led by Ruja Ignatova established a Bulgarian cryptocurrency firm named OneCoin Ltd. They allegedly tricked people into investing by falsely claiming that the coin had immense value.

Suddenly, Ignatova vanished, and the exchange closed in 2017, resulting in over $4 billion loss.

In June 2022, the FBI added Ignatova to their Ten Most Wanted list, and she faces several charges, including conspiracy to commit fraud and money laundering.


Thodex, a Turkish cryptocurrency exchange started in 2017, has gathered roughly 400,000 users. However, in 2021, the exchange’s founder, Faruk Fatih Ozer, disappeared after the exchange froze the ability of its users to withdraw their funds.

Some users reported that the prices of certain cryptocurrencies had fallen dramatically before the protocol was shut down.

Overall, the Thodex community lost over $2 billion worth of cryptocurrency, and Turkish prosecutors are pursuing jail sentences for Thodex’s founders and executives.

Squid Game

Squid Game is a popular Netflix series, but it has nothing to do with the Squid Game coin rug pull. The people behind the rug pull project stated that they were creating a play-to-earn game that would require a specific number of SQUID tokens to participate.

Unlike the TV series, where there was a limit on the prize and the number of players, the rug pull project said there would be no such limits, and the final bonus would have no cap, attracting a lot of attention.

The developers then suddenly ran off with the investors’ money, deleting their official website and leaving many penniless.


AnubisDAO, a dog-themed DeFi project, was launched in 2021, and investors poured nearly $60 million worth of ether into it.

However, less than 24 hours after the sale, the liquidity in the pool was transferred by the project owners to another address, and the project’s main Twitter account disappeared, causing ANKH’s value to plummet to zero.

Whether the developers were in on the scam is unclear, but all signs indicate a standard rug pull.


In 2021, Frosties’ NFT collection made waves. For users, the protocol assured them of its endless benefits. After the NFT sold its 8,888 editions, the rug pull happened.

The protocol owners transferred about $1.1 million into their accounts and shut down the project. Users later charged them with conspiracy to commit fraud and money laundering.

Baller Ape Club

Le Ahn Tuan funded the Baller Ape Club, an FT project promising VIP benefits. Still, when investors attempted to purchase the Solana-based NFTs, they were falsely informed by the protocol that the transactions had failed.

The project owners then performed a rug pull with a massive $2.6 million SOL worth of the coin.


SudoRare, a new decentralized NFT marketplace, was launched in August 2022. Its developers drained the liquidity pool and stole over 514 ETH, worth approximately $815,000. They then deleted the project’s social media accounts and websites.

Wrapping up

It’s unfortunate, but the crypto community has its bad days. Some people have made it their agenda to take advantage of people. However, there’s good news: the more experience you have, the less likely you are to be a target.

Rug pulls, or scams, tend to happen to new or unsuspecting investors, but even experienced investors sometimes fall for this trap. To avoid these scams, it’s best to stick to what you know and observe the market closely before making any financial decisions.

As a careful person, you cannot allow yourself not to be cautious of things. So, take your time and make informed decisions to protect your investments.

What is a Crypto Rug pull and How Do You Avoid Them?

What is a Crypto Rug pull and How Do You Avoid Them?

By Ehis Ohiwerei - min read
Continue loading