Rugpull reports in the DeFi jungle

A rising category of cryptocurrency scams called ‘rugpulls’ accounted for 37% of all cryptocurrency scam revenue in 2021. A rugpull is an exit scam in the DeFi (Decentralized Finance) ecosystem where developers abandon a project without fully delivering and run away with investors’ funds. Thodex, a Turkish centralized exchange, ran away with $2 billion from victims. In March 2022, the U.S. Department of Justice charged two defendants for a $1.1 million NFT rugpull scam called Frosties.

In our paper to be presented next week at Financial Cryptography and Data Security 2023, we analyze an updated list of rugpulls from an online discussion forum – This forum provides a platform for everyone to discuss anything on crypto that also attracts scammers to advertise their projects. We observe that since 2020, the number of rugpull threads has increased, while the ones containing exit scams have decreased; the total mention of either of these terms is relatively stable over time. This means that users have started using the term ‘rugpull’ instead of ‘exit scam’ since the DeFi space emerged.

Using keywords to search for threads discussing rugpulls, we found 101 rugpulls from six services, summarised in Table 1. Our dataset is available from the Harvard Dataverse as doi:10.7910/DVN/SMGMW8.

Service Type Definition Observation
Initial Coin Offerings (ICOs) Raising money to create a new ERC20 token 73
Yield farms Lending crypto assets to earn interest on the loan 16
Exchanges Platforms for users to buy/sell cryptocurrency 5
Non-Fungible Tokens (NFTs) Unique, non-interchangeable digital asset that can be bought and sold 5
Initial Dex Offerings (IDOs) Similar to ICO, but on a decentralized exchange 1
Cloud mining Fractional shares of a mining operation 1
Table 1: DeFi service types by quantity of observed rugpulls (N=101)

We find that Initial Coin Offerings (ICOs) form the majority of rugpulls, and most of them pulled the rug in less than six months. For example, the SquidGame Token, named after a famous TV show, rugpulled within days in 2021.

Projects rugpulled before September 2021 were active for a much longer time than those that were rugpulled later. This likely demonstrates that they engaged in a scam after seeing the success of the earlier ones. Is this the only reason? We hypothesize that the longer-running projects wait for a reasonable ETH exchange rate before pulling the rug to gain maximum profits. More noted occurrences of rugpulls would help answer this hypothesis statistically.

Additionally, we uncover that the number of rugpulled ICOs has decreased since the second half of 2022, perhaps pointing to the scammers and legitimate project owners moving to new DeFi attractions like IDOs and NFTs. This could also be due to the low exchange rates of cryptocurrencies.

The analysis shows that rugpull scams are progressing in the DeFi space targeting new services. But, we want to reduce their instance by finding systemic fixes.

Can platform moderators recognize rugpull scam advertisements and remove them? We apply the seven lure principles adapted from Stajano and Wilson on the content extracted from the announcement posts of the identified rugpulls. We discovered that these schemes primarily use authoritative and financial lures at the announcement stage of the project to mimic legitimate projects. This shows that moderating project advertisements is a tough task!

Do we have regulations in the European Union (EU) to deal with such scams? The upcoming MiCA (Markets in Crypto-Assets) regulation could harmonize cryptocurrency rules across the EU. The framework will require issuers to be legal entities that draft, notify, and publish a detailed white paper. This should include clear and transparent information about the project and the marketing communications following the notification and publication process where applicable. It should also include clear details of the issuers/offerors themselves (articles 4, 5, 6, 7, 8). MiCA will also grant consumers who are retail holders (not qualified investors) the right to withdraw their funds or even be reimbursed when possible (article 12). But with delays and a general lack of enforcement of existing regulations, it’s unclear if this will have a beneficial effect for this sort of scam.

For more details, including our data collection methodology to collect and identify rugpulls and discuss see our paper: ‘DeFi Deception — Uncovering the prevalence of rugpulls in cryptocurrency projects’ co-authored with collaborators from the Cambridge Cybercrime Group and UCL Crime Science.


Many thanks to Dr. Marie Vasek for editing and Marilyne Ordekian and Gilberto Atondo-Siu for reviewing a draft of this article.

Leave a Reply

Your email address will not be published. Required fields are marked *