As a seasoned investor with over two decades in the financial market under my belt, I must say that the crypto world, while brimming with potential and innovation, is also a veritable playground for scammers and swindlers. My personal experience has taught me to be vigilant and discerning, as the allure of quick profits can often blind even the most astute investor to the red flags that signal a potential rug pull.
As cryptocurrency markets soar to unprecedented levels, reaching a staggering market cap of $3.89 trillion, the world of Decentralized Finance (DeFi) has seen an alarming spike in instances of “rug pulls.
On November 14th, there were 31 instances of “rug pulls” reported in a single day, which is a concerning increase. The total loss from these events over the past month reached approximately $15 million, demonstrating the growing complexity of fraudulent activities.
Despite many occurrences involving modest sums – usually below $100,000 – the frequent occurrence and growing intricacy of these fraudulent activities have raised substantial concerns about the security and reliability within the Decentralized Finance (DeFi) sector.
According to Allen Zhang, who’s both a co-founder and the chief technology officer at GoPlus – a company specializing in Web3 cybersecurity, he revealed to CryptoMoon that the rug pull scheme most frequently encountered is known as the “honeypot token” swindle. Since November, this deceitful tactic has been spotted in over 5,688 tokens.
He said that modern scammers have adapted by implementing sophisticated multi-wallet control strategies, making it difficult to assess risk purely based on holder concentration metrics.
Crypto scammers change their tactics
Observing from afar, it’s clear that the contemporary rug pull strategy has progressed from a simple grab-and-run scheme into a complex psychological tactic.
According to Michael Heinrich, one of the founders of 0G Labs, a company specializing in Web3 infrastructure, scammers these days use sophisticated marketing tactics that even legitimate startups might envy.
He stated, “We’re encountering carefully constructed stories intended to deceive unwitting investors. The lack of thorough identity verification processes enables unscrupulous token creators to launch and publicize fake tokens anonymously, which makes it difficult for law enforcement to identify and prosecute them.
As a researcher, I’ve found an intriguing case study in the rapid rise and fall of the Peanut (PNUT) memecoin. In the first week following its November 1st launch, PNUT experienced an astounding 161-fold price surge. Unfortunately, this meteoric rise also attracted unscrupulous individuals who capitalized on the hype by creating counterfeit versions of the token. These scammers managed to rug pull, resulting in the loss of over $103,000 from unsuspecting investors.
Regarding this topic, the usage of bots that preemptively trade based on detecting potential transactions (front-running attacks) within a pool of pending transactions has turned out to be a very subtle and harmful approach.
Recent: Microsoft’s Bitcoin dilemma: Ride $5T BTC wave or avoid risk
Zhang explained that deceitful entities are starting to create automated strategies for launching tokens, which they plan to use against front-running bots as a form of manipulation.
From my perspective, this setup has sparked an intriguing game theory scenario. As a crypto investor, I find myself navigating through a more sophisticated and intelligent competition between token issuers and trading bots, making each move a strategic challenge.
Steven Walbroehl, co-founder and chief technology officer of Web3 security firm Halborn, told CryptoMoon that front-running bots are aiding rug pull scams, especially during token launches.
Frequently, this process begins with a ‘buzz and market surge.’ Specialized bots, known as front-runners, quickly spot new token launches and immediately place aggressive buy orders ahead of regular investors.
“These actions artificially inflate token prices and volumes, creating an illusion of high demand and enticing more investors to participate.”
Consequently, security specialists are required to delve deeper into comprehensive examinations, employing techniques that surpass basic intensity measurements and instead utilize advanced markers signifying possible harmful actions.
Heinrich highlighted an emerging aspect of deceptive practices in the crypto world: the “fair launch” of meme token offerings, particularly in the context of Pump.fun, a Solana-based platform enabling users to generate and distribute their own tokens, mostly memecoins. He noted that a significant 90% of the wallets on this platform appeared to be connected.
In simpler terms, developers are adding meme tokens onto Pump.fun and employing bots as well as other strategies to artificially increase the price. Once the price is inflated, they then sell these tokens to unwary retail users. A recent instance of this occurred when a 13-year-old made $30,000 by using the same method.
Kid makes a coin then dumps on people for $30k while live-streaming 😭
— TTI (@TikTokInvestors) November 20, 2024
Walbroehl noted an increasing pattern of unscrupulous initiatives misleadingly connecting themselves with reputable brands for credibility. He explained that one such instance was a project which dishonestly tied itself to the Lego brand, luring investors under false promises, only to later execute the fraudulent scheme.
Detection, prevention and community defense
As meme coin scams become more prevalent, the blockchain safety network is now taking advanced steps to combat them effectively.
Security research group Anaxi Labs, together with Carnegie Mellon University’s CyLab, have devised methods aimed at streamlining blockchain elements and improving clarity.
Speaking to CryptoMoon, Kate Shen – one of Anaxi Labs’ co-founders – expressed that the upcoming months could hold significant importance for blockchain security and audibility, notably due to Andreessen Horowitz debuting their inaugural in-house product, Jolt, earlier this year.
[Jolt aims to provide tools that are easier, quicker, and more transparent, in contrast to the existing developer experience that can be quite demanding and provides ample opportunities for security vulnerabilities to arise],” she explained.
GoPlus has unveiled the SafeToken Protocol, offering predefined security blueprints aimed at minimizing instances of fraudulent practices like rug pulls, which often involve harmful code. As explained by co-founder Zhang, this move helps foster a more secure environment for token launches within the Web3 landscape.
Besides these particular resolutions, Nanak Nihal Khalsa, one of the founders of Holonym – a Web3 security protocol, recommended to CryptoMoon that crypto wallets ought to utilize automated code-checking tools whenever users engage with contracts, for enhanced safety measures.
He mentioned that this issue cannot be resolved at the user level, but it can be addressed at the wallet level instead. It would be beneficial for the wallets to implement this feature, alongside their existing transaction simulation capabilities.
Heinrich advocates for DeFi platforms to regularly collaborate with well-respected external audit firms when it comes to contract reviews. He also emphasizes the importance of fostering open-source coding within these platforms, similar to GitHub. Furthermore, he proposed that the contracts should be immutable and non-editable once they are deployed.
The psychological aspect of rug pulls is understated
Cryptocurrency scams may use advanced techniques to influence people psychologically. According to Ben Caselin, Chief Marketing Officer at VALR, a digital asset trading platform, many cryptocurrency investors are aware of the inherent risks in these markets. He further stated:
They’re basically betting on a hunch, purchasing several tokens with lower market values, hoping that one or two of them will experience success quickly.
In this situation, these conditions have created an ideal environment for fraudsters to thrive, as anxious investors, enticed by the prospect of swift earnings and fearful of losing opportunities (FOMO), often find themselves easy targets for such scams.
Heinrich said today’s scammers have become adept at creating extremely professional facades. “I receive at least one email per week from an ‘investment fund’ claiming interest in my project,” he revealed.
The role of social media and influencer marketing has also become undeniable, with fake endorsements, fabricated success stories and coordinated marketing campaigns becoming standard tools.
Scammers use fear-of-missing-out (FOMO) strategies on social media platforms to take advantage of impulsive investors’ behavior. It’s concerning that some fraudsters replicate this scheme across various projects, continuously improving their methods to ensnare more unsuspecting victims, as Shen pointed out.
Recognizing red flags
There are a number of signals that traders can look for to recognize a potential rug pull.
One alternative expression for “token concentration” could be “manipulating token distribution by controlling various, apparently separate wallets,” where Khalsa suggests that scammers deceive potential investors by giving the impression of a widespread distribution while actually maintaining control over numerous individual wallets.
As an analyst, I find that tokens with a more concentrated supply tend to carry a greater risk and potential for a so-called “rug pull.” In simpler terms, when a larger portion of a cryptocurrency’s total supply is held by a few entities, the likelihood and severity of a sudden exit or manipulation (which we refer to as a rug pull) become higher.
Recent: Why crypto needs to fix its ‘dangerously low’ knowledge gap
Fraudulent ventures often issue tokens with little trading volume, which makes it simpler for those in control to suddenly abandon the project (rug pull). Ventures with a small number of tokens distributed within the community are especially susceptible because widespread token distribution reduces the risk of manipulation.
It’s relatively simple to give the appearance of a decentralized token supply when in fact it is centralized, such as by dispersing funds across multiple addresses that one person manages or creating a deceptive ERC-20 token contract capable of falsifying supply and account balances. As Khalsa explained, these tactics might not be detected by the average user.
In the given context, Shen points out that tools such as Etherscan and Token Sniffer can be useful for identifying cryptocurrency projects in which a small number of wallets hold a significant portion of the asset ownership.
Khalsa pointed out that although it’s unattainable to eradicate every risk entirely, we can significantly minimize them by emphasizing education, fostering technological advancements, and cultivating a shared sense of accountability.
Read More
- TRB PREDICTION. TRB cryptocurrency
- GBP EUR PREDICTION
- OKB PREDICTION. OKB cryptocurrency
- TNSR PREDICTION. TNSR cryptocurrency
- HBAR PREDICTION. HBAR cryptocurrency
- RLC PREDICTION. RLC cryptocurrency
- POL PREDICTION. POL cryptocurrency
- API3 PREDICTION. API3 cryptocurrency
- SEI PREDICTION. SEI cryptocurrency
- CNY RUB PREDICTION
2024-12-12 17:06