A rug pull is a fraudulent scheme in the cryptocurrency market where developers raise funds from investors, then abruptly abandon the project and disappear with the money, leaving participants holding tokens that have lost almost all their value. The term comes from the idiom "pulling the rug out from under someone," capturing the sudden collapse of what investors thought was solid ground. Rug pulls are most common in decentralized finance (DeFi) environments, where the lack of centralized oversight and regulation makes it easy for bad actors to launch and abandon projects with little accountability.
Rug pulls gained prominence alongside the explosive growth of DeFi platforms from 2020 onward. Decentralized exchanges (DEXs) like Uniswap and PancakeSwap allow anyone to list a new token by creating a liquidity pool without approval from any central authority. This permissionless model democratized access to financial tools but removed gatekeeping mechanisms that filtered fraudulent offerings. As capital flowed into DeFi seeking high yields, scam projects increased to exploit that enthusiasm. By 2024, rug pulls and related exit scams caused billions of dollars in losses, with DeFi platforms accounting for most incidents.
The mechanics of a rug pull usually follow a recognizable pattern, though technical execution varies by type. Developers launch a token or project with polished marketing materials, including a whitepaper, a professional website, and active promotion on social media. The token is then listed on a decentralized exchange by pairing it with an established cryptocurrency like Ether (ETH) or a stablecoin to form a liquidity pool. Early investment pushes the token's price upward, and the appearance of momentum draws in more buyers, often driven by fear of missing out (FOMO).
Once developers have accumulated enough capital, they execute the exit. Usually, this means draining the liquidity pool of its paired assets, causing the token's price to collapse near zero within minutes or hours. Investors cannot sell their holdings at any meaningful price. The project's website and social media channels are typically taken offline soon after, and the developers, often operating under pseudonyms, become untraceable.
Rug pulls are generally classified into two broad categories based on how they are technically executed.
A hard rug pull involves malicious code embedded directly into the project's smart contract. Through backdoors or hidden functions, developers can restrict investors from selling their tokens, mint unlimited new tokens to dilute supply, or drain the liquidity pool programmatically without any manual intervention. Because the exploit is coded into the contract itself, it can be executed instantly and is nearly impossible to reverse once triggered.
A soft rug pull does not rely on exploited code but is a behavioral form of fraud. Developers gradually sell their substantial token allocations on the open market, suppressing the price over time. Alternatively, they stop updating the project, cease community communication, and let the token decline without any formal announcement. Soft rug pulls are harder to distinguish from legitimate project failures, which partly explains their rising frequency. Between 2024 and 2025, soft rug pulls increased by about 33%, outpacing hard rug pull incidents.
Several rug pulls stand out for their scale or for the legal and cultural attention they attracted.
SushiSwap (2020) is among the earliest high-profile examples in DeFi. The project's pseudonymous founder, known as Chef Nomi, liquidated approximately $14 million worth of tokens from the development fund, causing the token's price to crash from over $9 to just over $1 within days. Chef Nomi eventually returned the funds after severe community backlash, an outcome that is atypical for this type of scam.
Squid Game Token (2021) capitalized on the global popularity of the Netflix series of the same name. The SQUID token surged to roughly $2,800 before its developers cashed out with more than $3 million. The token had been deliberately coded to prevent most investors from selling, meaning the collapse was effectively instantaneous for holders.
AnubisDAO (2021) raised close to $60 million before its creators vanished and removed nearly all liquidity from the project's pools within a single day, leaving investors with worthless ANKH tokens.
Thodex (2021) differed from most DeFi-based rug pulls in that it operated as a centralized Turkish cryptocurrency exchange. When CEO Faruk Fatih Özer abruptly halted trading and fled the country, he allegedly took an estimated $2 billion in user funds. He was later arrested in Albania, extradited to Turkey, and sentenced to over 11,000 years in prison, a symbolic figure under Turkish law reflecting the scale of the crime.
Frosties NFT (2022) raised over $1.1 million before its founders shut down the project's website hours after the sale concluded and transferred all funds to private wallets. Notably, the two founders were arrested and charged with wire fraud and money laundering, making the case one of the first successful prosecutions for an NFT-specific rug pull.
HAWK memecoin (2024) was launched by internet personality Haliey Welch and promoted heavily on social media. The token reached an initial market cap of approximately $490 million before collapsing after large early holders liquidated their positions.
The financial damage caused by rug pulls has grown with the broader crypto market. According to blockchain intelligence firm Merkle Science, investors lost over $500 million to memecoin rug pulls and related scams in 2024 alone. Tracking platform Comparitech estimates cumulative losses from crypto rug pulls and scams have exceeded $27 billion. In 2024, 58 documented rug pull cases caused losses totaling $106 million, with Binance Smart Chain (BSC) accounting for the highest number of incidents at 28 cases. Developers using anonymous identities were responsible for 92% of successful rug pulls tracked in 2025. About 40% of stolen funds were routed through transaction-obfuscating tools like Tornado Cash.
Certain patterns appear repeatedly across rug pull cases, and recognizing them early is one of the more practical defenses available to investors.
Anonymous or unverifiable teams are strong indicators of risk. Legitimate projects usually have publicly identified developers with traceable professional histories. When a team operates entirely under pseudonyms and no background can be verified, the risk of disappearing with funds is much higher.
Unlocked or minimal liquidity is another key signal. Projects that lock liquidity in a smart contract for a set period show commitment to continuity. When liquidity is unlocked, controlled by few wallets, or concentrated with developers, the risk of a sudden drain increases.
Abnormally rapid price increases without a related news event or product milestone often signal artificial hype. Developers and coordinated groups may buy tokens early to inflate the price, creating momentum and attracting retail investors before the exit.
Lack of a third-party audit is a practical red flag in smart contract projects. A credible audit from a reputable security firm identifies vulnerabilities and hidden functions in the code. Projects that launch without an audit or reference fake audit certificates carry much higher risk.
Selling restrictions embedded in the contract are a specific technical warning. If investors cannot sell a newly acquired token, or only the developer's wallet is whitelisted for selling, the project shows structural signs of a hard rug pull.
There are currently no laws in most jurisdictions that explicitly name or prohibit rug pulls as a distinct criminal offense. However, the conduct involved frequently satisfies the elements of existing crimes such as wire fraud, money laundering, and securities fraud. The Frosties NFT case and the Thodex conviction are among the clearest examples of prosecutors successfully applying established legal frameworks to crypto exit scams.
Regulatory attention is increasing. In 2024, a New York state bill proposed making it a criminal offense to sell 10% or more of a cryptocurrency's total supply within five years of launch. This targets coordinated dumps by project insiders. Globally, enforcement actions against crypto Ponzi schemes and exit scams rose about 48% between 2023 and 2024. Multinational task forces recovered $380 million in stolen crypto assets in the first quarter of 2025 alone.
Thorough research into a project's purpose, team credentials, smart contract code, and community history is the first line of defense. Checking if a project's liquidity is locked using verifiable on-chain tools and confirming the contract has been audited by a recognized third party reduces exposure significantly. Skepticism toward projects that promise outsized returns, rely heavily on influencer promotion, or show disproportionate token concentration among few wallets is well-founded based on past patterns. On-chain analytics and scam-monitoring tools have improved, with services like BlockScan's ScamWatch providing real-time detection across multiple DeFi platforms.
.webp)