Crypto Rug Pulls: How to Identify and Avoid Them
Rug pulls have cost crypto investors over $14 billion since 2020. Learn to identify scams before losing money, covering liquidity drains, team dumps, and honeypot detection.
What is a Rug Pull?
A rug pull is a type of exit scam where developers or team members abandon a cryptocurrency project and steal investor funds. The term comes from the analogy of "pulling the rug out from under" someone—suddenly removing support while funds are locked in. Unlike slow project failures, rug pulls involve deliberate theft of liquidity or tokens.
Understanding this concept is a prerequisite for making informed decisions in DeFi. Most losses in crypto come from misunderstanding the fundamentals.
The industry has tracked over $14.1 billion in rug pull losses across multiple blockchain networks. These scams disproportionately target DeFi protocols, NFT collections, and new altcoins where regulation is minimal and verification is difficult. The damage extends beyond individual losses—mass rug pulls create market-wide distrust and attract regulatory scrutiny.
Types of Rug Pulls
Liquidity Pool Rug Pulls
The most common type, where developers drain all liquidity tokens (LP tokens) from an automated market maker (AMM) contract. When someone tries to sell their tokens, no liquidity exists to swap into—all proceeds have been withdrawn by the team. The Squid Game token became infamous for this: it launched on PancakeSwap with $2.1 million in liquidity on November 2, 2021. Within hours, developers pulled all liquidity, wiping out $12 million in investor holdings as the token became unsellable.
Team Exit Scams
Developers simply dump their allocation of tokens on the market, crashing the price and cashing out. AnubisDAO promised decentralized governance but concentrated voting power within founder wallets. In April 2022, founders authorized a $60 million treasury transfer to themselves, liquidated their positions, and disappeared. Investors who held governance tokens could not prevent the exit.
Mint Function Rug Pulls
Developers retain unlimited mint privileges to create new tokens at will, inflating supply to zero value. This is common in poorly designed NFT and governance token contracts where there is no cap on token creation. The team can mint billions of tokens, dump them, and render the token worthless while claiming technical failure.
Fee-Based Rug Pulls
Developers set extremely high transaction fees (30-99%) on buys or sells, hidden in contract code. Users buy expecting to receive tokens but only receive a fraction. The difference flows to developer wallets. GoPlus reported that over 8% of new token launches in 2024 contained hidden fee mechanisms.
Red Flags and Warning Signs
Unlocked or Expiring Liquidity
Legitimate projects lock liquidity for 1-5 years using specialized platforms like Unicrypt, Team Finance, or LockFi. If LP tokens are unlocked or the lock expires within weeks, developers can remove liquidity at any time. Always verify the lock timestamp on the contract by checking Block Scout or searching for the LP token address on the locking platform.
Anonymous or Unverifiable Teams
Check LinkedIn, GitHub, and social media profiles for team members. Many successful projects require public team doxxing (revealing real identities). Anonymous teams reduce accountability—if a developer steals funds, there is no legal recourse. Cross-reference social media accounts for creation date; accounts created weeks before project launch are suspicious.
Skewed Tokenomics
Watch for allocations over 30% going to the team, zero burn mechanisms, no vesting schedules, and excessive transaction fees. If 70% of tokens are held by a single wallet or locked in a developer address with no time-lock, the founder can dump and crater price at any moment. Compare against established projects: Uniswap locked founder tokens for 4 years, and Aave has team tokens vesting over 3 years.
Unrealistic Promises
Projects promising guaranteed returns, celebrity endorsements without verification, or revolutionary technology with no working product are typically scams. Rug pull projects often use aggressive marketing and Discord hype to create FOMO. Red flag language includes "moon mission," "100x guarantee," and "limited time offer."
Renounced Ownership Without Verification
Renounced ownership (transferring ownership to address 0x0000) makes the contract immutable—no function calls can be made to change parameters. However, many scams claim renounced ownership while maintaining hidden admin functions or multi-signature wallets controlled by founders. Always verify the actual contract code, not just the claimed ownership status.
Detection Tools and Verification
Token Sniffer
Token Sniffer performs automated analysis on Ethereum, BSC, and other chains, scanning for hidden fees, self-destructs, mint functions, and proxy owner access. It simulates buy and sell transactions to detect honeypots. A red risk rating indicates high likelihood of rug pull. The tool is free and supported by community review.
GoPlus Security API
GoPlus provides open-source security checks including holder concentration analysis, liquidity verification, and contract audit results. It can identify if the top 10 addresses hold >90% of supply (major red flag) and whether the token is flagged as a honeypot across multiple networks.
RugDoc and RugPull.io
RugDoc and RugPull.io maintain databases of identified rug pulls and provide educational materials. RugDoc offers team doxing verification and liquidity lock verification. These tools rely on community reporting and blockchain analysis to flag projects after detection.
Manual On-Chain Verification
Check the contract owner address on Block Scout. If it is address 0x0000 or owned by a multi-sig with 3-of-5 requirement, it is safer than single-owner contracts. Search the owner address for previous projects—if they have a history of rug pulls, avoid. Review transaction history for the LP token address; if it was recently created and has zero lock timestamp, liquidity is unprotected.
| Detection Tool | Specialization | Accuracy | Cost |
|---|---|---|---|
| Token Sniffer | Honeypot, fees, mints | ~92% | Free |
| GoPlus | Holder analysis, liquidity | ~88% | Free API |
| RugDoc | Manual review, team dox | ~95% | Premium |
| Manual verification | Custom analysis, owner history | ~99% | Time-intensive |
Real-World Rug Pull Examples
Squid Game Token (November 2021)
A Squid Game–themed token launched on PancakeSwap with $2.1 million in initial liquidity, capitalizing on the Netflix show's popularity. The token spiked to $0.12 from an initial $0.001, reaching a $12 million market cap. Developers then removed all liquidity from the pool on the same day of launch. The contract was also a honeypot—tokens could be bought but not sold. Investors were left holding worthless tokens with no way to exit.
AnubisDAO (April 2022)
AnubisDAO promised a fully decentralized governance platform for Egyptian-mythology-themed crypto. The project raised $60 million through a presale, claiming to be led by anonymous "Core Team" members. In reality, a single private key holder controlled 99.9% of voting power. Three weeks after launch, the team authorized a treasury transfer to themselves, dumped all positions, and transferred funds to Tornado Cash (a mixing service) to obscure the theft.
OneCoin (2014-2018)
One of crypto's largest Ponzi schemes, OneCoin defrauded 3.6 million victims of $14 billion globally. The token was never actually on any blockchain—the company maintained a fake wallet system. Founders promised returns of 5,000% per year and ran an MLM structure where affiliates earned commissions for recruiting others. Law enforcement eventually arrested founder Ruja Ignatova (now disappeared) and shut down the operation.
Protection Strategies
Never FOMO Into Launches
Legitimate projects benefit from proper due diligence—give yourself at least 1-2 weeks before buying. During this window, rug pulls typically execute their exit, leaving failed projects clearly identified. Use this time to verify liquidity locks, audit reports, team identities, and tokenomics. Wait for at least 500 holders and meaningful liquidity ($500k+) before deploying capital.
Position Size Discipline
Allocate only 0.1-1% of your portfolio to unproven tokens, no matter how promising. This "high-risk tolerance" sizing limits catastrophic loss while allowing exposure to potential 10x+ winners. Even if a position goes to zero, it will not devastate your overall capital.
Verify Everything Independently
Do not trust whitepaper claims. Check the contract code on Block Scout, verify liquidity locks by searching the LP token address, and confirm team members exist outside of crypto channels. Many projects list fake LinkedIn profiles or stolen photos. Reach out to team members directly through verified channels to confirm affiliation.
Use Multi-Signature Wallets for Launches
Projects requiring 3-of-5 multi-signature approval for treasury access or liquidity withdrawal are significantly safer than single-owner controlled projects. This creates friction for exit scams and requires multiple parties to collude. Established protocols like Aave, Uniswap, and Compound use multi-sig for all governance treasury actions.
FAQ
What is the most common type of crypto rug pull?
Liquidity pool rug pulls are the most common, where developers drain all liquidity tokens from the contract and lock them forever. The Squid Game token lost $12 million this way in 2021 when developers removed $2.1 million in liquidity immediately after launch.
How can I check if liquidity is locked?
Use Block Scout, RugDoc, or GoPlus to check LP token locks. Legitimate projects typically lock liquidity for 1-5 years using platforms like Unicrypt, Team Finance, or LockFi. Look for timestamp values showing when the lock expires; if LP tokens are unlocked or expiring soon, it is a major red flag.
What does renounced contract ownership mean for security?
Renounced ownership makes the contract immutable, preventing developers from increasing fees, pausing transfers, or pulling liquidity. However, many rug pull projects claim renounced ownership to build trust, then use backdoor functions or alternative owner addresses to drain funds. Always verify on-chain code; renounced ownership alone is not a guarantee.
How do honeypot contracts prevent token selling?
Honeypot contracts have hidden logic that allows buying but blocks selling or transfers. They typically use a hidden owner function that forbids token transfers after purchase. Tools like Token Sniffer and GoPlus can detect these by simulating buy and sell transactions on a forked blockchain to check if trades fail.
What tokenomics red flags should I watch for?
Watch for excessively high transaction fees (>10%), massive initial allocations to the team (>50% of supply), no vesting schedules, and zero burn mechanisms. AnubisDAO claimed to have a decentralized treasury but concentrated voting power in founder wallets, enabling them to authorize $60 million in exit scam transfers.
Are audited contracts guaranteed safe from rug pulls?
No. Audits prevent certain technical vulnerabilities but cannot detect team behavior or exit scam intent. A team with renounced ownership and multi-sig wallets is more trustworthy than an unaudited token with unilateral control. Always combine audits with fundamental team verification and conservative allocation strategy.
Educational disclaimer: This guide is for informational purposes only and does not constitute financial advice. Crypto involves significant risk — do your own research before making any decisions. Learn more about our team.
Educational disclaimer: This guide is for informational purposes only and does not constitute financial advice. Crypto involves significant risk — do your own research before making any decisions. Learn more about our team.