1. What Are Rug Pulls & Exit Scams?
β Rug Pull
Timeline: Hours to weeks | Mechanism: Liquidity removal or massive token dump | Common in: DeFi tokens, memecoins, NFT projects | Result: Token price drops 90β100% instantly
β Exit Scam
Timeline: Months to years | Mechanism: Operators disappear with custodied funds | Common in: Exchanges, lending platforms, funds | Result: Total loss of deposited funds
The Scale of the Problem Chainalysis estimated $2.8 billion+ in rug-pull and exit-scam losses in 2024 alone, and Solidus Labs has reported that the majority of new ERC-20 tokens (~98% in some studies) have characteristics consistent with fraud. Learning to recognise these patterns isn't optional β it's essential survival knowledge.
2. Types of Rug Pulls
β Liquidity Theft Most Common
Developers add liquidity to create a trading pair, promote the token to attract buyers, then withdraw all liquidity from the pool β crashing the price to zero. Technical detail: LP tokens are not locked; the deployer wallet retains the ability to remove liquidity at any time.
β Sell Restriction / Honeypot Very Common
The smart contract allows buying but prevents selling (except for whitelisted addresses). Investors can buy tokens but are trapped β they cannot sell. Technical detail: The transfer() function includes a blacklist or conditional block that reverts all sell transactions for non-whitelisted addresses.
β Team Dump Common
The founding team pre-mines or allocates a large percentage of the token supply to themselves, then sells gradually or all at once after price pumps. Technical detail: Insider wallets are identifiable on-chain; check token distribution via blockchain explorer before investing.
β Hidden Mint Function Moderate
The contract contains a hidden or obfuscated function allowing the owner to mint unlimited new tokens, which are then sold to dilute existing holders to near zero. Technical detail: Look for mint(), _mint(), or owner-only functions in the contract source code; unverified contracts hide this entirely.
3. Red Flags Checklist
Team & Transparency: Anonymous team with no verifiable identities
Team & Transparency: No LinkedIn profiles, GitHub history, or prior project record
Team & Transparency: Founders refuse to verify identity via KYC or doxxing
Tokenomics & Liquidity: Liquidity not locked or locked for <6 months
Tokenomics & Liquidity: Top 10 wallets hold >50% of supply
Tokenomics & Liquidity: No smart contract audit from a reputable firm
Marketing & Community: Promises of guaranteed returns or 1000x gains
Marketing & Community: Telegram/Discord comments are disabled or heavily moderated
Marketing & Community: Sudden follower spikes with low engagement (bot activity)
Smart Contract: Contract is unverified on the block explorer
Smart Contract: Owner retains admin keys and upgrade privileges
Smart Contract: Token Sniffer or GoPlus flags high risk or honeypot warnings
4. On-Chain Analysis: How to Verify
Check the Contract
Is it verified on the block explorer? Scan with Token Sniffer and GoPlus. Look for hidden mint functions, sell restrictions, and owner privileges. If the contract isn't verified, stop here.
Verify the Team
Search team members on LinkedIn, GitHub, and Twitter. Cross-reference past projects. Check if identities are verifiable and if the team has a track record of legitimate work.
Read the Audit
Find the full audit report (not just a badge). Verify the auditor is a known firm (CertiK, Trail of Bits, Hacken, etc.). Check the audit date β audits older than 6 months may not cover recent changes.
Check Liquidity Lock
Use UNCX (formerly Unicrypt), Team.Finance, PinkLock, or Mudra Locker to confirm LP tokens are locked. Verify the lock duration (1+ year preferred) and the percentage of total liquidity locked. A low lock or no lock is a major red flag. On Solana, check Streamflow or DEXScreener's LP info pane.
Test with a Tiny Amount
Before committing significant funds, buy a tiny amount and immediately try to sell it back. If you can't sell, it's a honeypot. Never invest more than you can afford to lose in a new token.
5. Real-World Case Studies
β Squid Game Token (2021)
Capitalised on the Netflix series hype. Token rose 310,000% in days. Sell restriction (honeypot) prevented investors from selling. Developers drained $3.38M in liquidity. π Lesson: Viral hype + sell restrictions = classic honeypot. Always test-sell before committing funds.
β Thodex Exchange (2021)
Turkish crypto exchange founder fled with ~$2 billion in user funds. Exchange halted withdrawals, then went dark. Classic exit scam β built trust over years then disappeared. π Lesson: Keep only trading amounts on exchanges. Withdraw to self-custody wallets for long-term holdings.
β Pump.fun Memecoin Era (2024β2025)
Solana's Pump.fun launchpad enabled millions of memecoin launches with near-zero friction. Multiple analyses found that 95%+ of launches end in rug pulls or worthless tokens within days, with insider wallets exiting on first liquidity. π Lesson: launchpad volume is not a sign of quality β it's a sign of low-friction speculation. Treat any Pump.fun-style token as expected-to-fail unless audited, doxxed, and liquidity-locked for 12+ months.
β Multichain Bridge Collapse (2023)
A leading cross-chain bridge with $1.5B+ in TVL went silent in May 2023 after Chinese police arrested CEO Zhaojun He. Within weeks, $130M+ was drained from bridge contracts in suspicious withdrawals. The protocol shut down operations and users could not recover deposited assets. π Lesson: cross-chain bridges concentrate risk on small custodial teams. For any custodial bridge, evaluate team transparency and consider multi-bridge or native-token routes for large transfers.
6. The Token Verification Framework
Contract Verification
Open the token address on Etherscan/BSCScan. Confirm the contract is verified (source code visible). Run it through Token Sniffer and GoPlus Security for automated risk assessment.
Liquidity Analysis
Check UNCX (formerly Unicrypt), Team.Finance, PinkLock, or Mudra Locker for locked LP tokens. Verify total liquidity depth and lock duration. Use DEXTools, DEXScreener, or Birdeye (for Solana) to monitor liquidity trends and wallet activity in real time.
Token Distribution
Review the top holders list. If any wallet holds >10% of supply (outside of liquidity pools), that's a concentration risk. Check for wallets that received tokens at launch β these are insider wallets.
Team & Audit Verification
Verify team identities independently. Find and read the full audit PDF (not just a badge). Confirm the auditing firm's reputation and that the audit covers the deployed contract version.
Community Sentiment Check
Search [token name] + 'scam', 'rug pull', 'review' on Google and Twitter. Check Reddit and independent crypto forums. Look for organic discussion vs. paid promotion. Disable comments = huge red flag.
The 5-minute rule: If you can't find basic information (team, audit, liquidity lock) within 5 minutes of searching, the project likely doesn't want you to find it. That alone is a red flag.
7. Where Rug Pulls Happen Most
| Platform Type | Risk Level | Why |
|---|---|---|
| DEX (Uniswap, PancakeSwap) | π΄ Extreme | Anyone can list a token with no vetting β zero barrier to fraud |
| New memecoin launchpads (Pump.fun, etc.) | π΄ Extreme | Designed for rapid token creation; most tokens fail or are abandoned within days |
| Unaudited DeFi protocols | π΄ High | Smart contract bugs and intentional backdoors; no third-party review |
| Centralised exchanges (unregulated) | π Medium-High | Risk of exchange insolvency or exit scam; limited regulatory oversight |
| Centralised exchanges (regulated, e.g. Binance) | π‘ Low-Medium | Vetting process reduces rug pull risk; market volatility risk remains |
| Blue-chip DeFi (Uniswap, Aave, Compound) | π’ Low | Audited, time-tested, decentralised governance β not immune but far safer |
Frequently Asked Questions
What is a rug pull in crypto? +
How is an exit scam different from a rug pull? +
Can rug pulls happen on major exchanges like Binance? +
Are all new tokens scams? +
Can I get my money back after a rug pull? +
How do I report a rug pull? +
Derivatives & Leveraged Products β Important Risk Warning
Derivatives are complex financial instruments that carry a high risk of rapid capital loss. Leveraged trading (futures, perpetual contracts, margin trading, options) can result in losses that exceed your initial investment. The majority of retail investor accounts lose money when trading derivatives.
You should carefully consider whether you understand how derivatives work and whether you can afford to take the high risk of losing your money. This content is for educational purposes only and does not constitute financial advice, investment advice, or a recommendation to trade derivatives.
In the European Union, crypto derivatives are classified as financial instruments under MiFID II. Only platforms with appropriate MiFID II authorization may offer these products to EU residents. Regulatory treatment varies by jurisdiction β verify the legal status of derivatives trading in your country before participating.
Continue Learning
Stay One Step Ahead of Scammers
Trade on Binance β the largest crypto exchange by spot volume, with on-chain monitoring and a $1B+ SAFU insurance fund. Lower rug-pull risk than DEXs, but always do your own research before any token purchase.
Ad Β· Digital asset prices are subject to high market risk and price volatility. Don't invest unless you're prepared to lose all the money you invest. Terms & risk disclosure
This page contains affiliate links. We may earn a commission at no extra cost to you.