What Is a Crypto Rug Pull? How to Spot One Before It Costs You Everything

You found a new token. The Telegram is buzzing. The chart is going vertical. Influencers are calling it the next big thing. You buy in — and 48 hours later the developers have vanished, the liquidity is gone, and your investment is worth nothing.

That’s a rug pull. And it happens every single day.

The rug pull is the most common crime in crypto — with more than 300,000 scam tokens created and 2 million investors defrauded. That’s greater than the number of investors harmed by the collapses of FTX, Celsius, and Voyager combined.

Crypto rug pulls cost investors $1.8 billion in 2025 alone. The frequency dropped compared to previous years, but individual scams got bigger and more sophisticated.

The good news is that rug pulls are almost always preventable. They follow a predictable playbook and leave clear warning signs — if you know what to look for.

What Is a Rug Pull?

A rug pull is a crypto scam where developers abandon a project and escape with investor funds, leaving token holders with worthless assets. The term originates from the phrase “pulling the rug out from under someone” — suddenly withdrawing support and leaving someone in a difficult position.

The mechanics vary but the result is always the same — you’re left holding tokens that can’t be sold and are worth nothing.

The Three Main Types of Rug Pull

1. Liquidity Rug Pull — The Most Common

In a liquidity rug pull, developers who control the liquidity pool suddenly withdraw all the paired cryptocurrency, leaving the new token with no trading value. Since the liquidity isn’t locked or is controlled by developer wallets, this drain happens instantly and the token price collapses.

Think of the liquidity pool as the reservoir that lets you sell your tokens. When it’s drained, your tokens still exist in your wallet — they’re just unsellable. You own something worthless.

2. Exit Scam — The Long Con

Developer exit scams involve the project team simply disappearing after raising funds. This often occurs after an initial coin offering, token presale, or new NFT mint. The developers promote the project heavily, collect investments, then delete social media accounts, shut down websites and abandon the project entirely.

Some exit scams happen within days. Others take months — building genuine community trust before pulling the rug when the money is significant enough.

3. Pump and Dump — The Classic

Developers and insiders hype a token through social media, influencer partnerships and aggressive marketing to artificially inflate its price. As retail investors pile in during the pump phase, insiders who hold large token allocations sell off their holdings at peak prices, causing the price to crash.

Unlike other rug pulls, pump and dumps don’t always involve stealing liquidity directly — the scam is in the coordinated selling by insiders who hold massive token allocations while retail buyers are still buying.

The Red Flags — What to Check Before You Buy

Almost every rug pull leaves warning signs before it happens. The five red flags covered here catch roughly 90% of them if you check before you buy.

Red Flag 1 — Anonymous Team With No Track Record

The single strongest predictor of a rug pull is an anonymous team with no verifiable history in the crypto industry. While pseudonymity is common in blockchain culture, there is a meaningful difference between pseudonymous builders with a track record and completely anonymous developers who appeared last week.

This doesn’t mean every anonymous project is a scam — but anonymous team plus other red flags is a serious warning combination.

Red Flag 2 — No Smart Contract Audit

Reputable projects have their smart contracts audited by independent security firms before launch. The most respected audit firms include CertiK, Trail of Bits, OpenZeppelin, Hacken, and Quantstamp.

Important caveat: Scammers frequently fabricate audit reports or claim audits from firms that have never reviewed their code. An audit does not guarantee safety — audits are point-in-time reviews and developers can modify contract code after an audit is completed if the contract uses upgradeable proxy patterns.

Always verify audits directly on the audit firm’s official website — never take the project’s word for it.

Red Flag 3 — Unlocked Liquidity

A liquidity lock sends the LP tokens to a time-locked smart contract so the developer physically cannot withdraw them before the lock expires. Legitimate projects lock liquidity for 6 to 12 months minimum, often longer. Locks under 30 days are a warning sign and no lock at all is a stop sign.

You can verify liquidity locks on Etherscan for EVM tokens or through RugCheck for Solana tokens. If the LP tokens are sitting in the developer’s wallet with no lock contract, walk away.

Red Flag 4 — Concentrated Token Ownership

If a small number of wallets hold a massive percentage of the total token supply, those holders can crash the price the moment they sell. Sophisticated rug pullers distribute tokens across dozens of wallets — to detect this, check if multiple top holders were funded from the same source wallet and use Bubblemaps for visual cluster analysis.

As a general rule, if the top 10 wallets hold more than 30-40% of the total supply you have serious concentration risk.

Red Flag 5 — Impossible Yields and Unrealistic Promises

If a project is offering 1,000% APY or guaranteeing returns — ask yourself where that yield is actually coming from. Legitimate yield comes from trading fees, protocol revenue, and lending interest. Unsustainable yields come from printing new tokens that dilute existing holders or from the next buyer’s money — classic Ponzi mechanics.

FOMO and social proof override due diligence. When a token is pumping 500% in 24 hours and an influencer with 200,000 followers is promoting it, checking the contract feels like it might cost you the trade. Scammers are counting on your urgency.

Red Flag 6 — Honeypot Smart Contract

A honeypot is a particularly cruel variant — the token is coded so you can buy but you can never sell. Before buying, use GoPlus or Honeypot.is to simulate whether selling is possible. On DEXTools, if you see only green buy candles with no red sell candles, that is a classic honeypot signature.

Red Flag 7 — Aggressive Paid Marketing With No Substance

Today’s scam platforms are polished. They copy UI patterns from established brands, integrate real-time price feeds, and even simulate activity to appear trustworthy.

Watch for: multiple influencers promoting the same unknown token simultaneously, Telegram groups with thousands of members but almost no real conversation, bots spamming positive sentiment across social media, and pressure to buy before it’s “too late.”

Real projects don’t need to manufacture urgency. If the marketing feels like a coordinated push rather than organic excitement — trust that instinct.

The Free Tools That Can Save You Money

You don’t need to be a developer to do basic rug pull screening. These free tools take about five minutes per token:

RugCheck (rugcheck.xyz) — Solana token scanner. Checks for mint authority, freeze authority, liquidity locks, and bundle analysis. Gives tokens a risk score.

TokenSniffer (tokensniffer.com) — EVM token scanner. Checks contract code for known scam patterns, copycat code, and honeypot mechanics.

Honeypot.is — Simulates a buy and sell transaction to check whether selling is actually possible before you commit real money.

Bubblemaps (bubblemaps.io) — Visual tool that shows wallet connections and token distribution. Makes it easy to see if wallets that appear independent are actually controlled by the same person.

DEXScreener (dexscreener.com) — Shows buy/sell ratios, holder counts, liquidity size, and trading history. A token with only buy transactions and no sells is a red flag.

This free detection stack catches amateur and intermediate scams before your money is at risk, and the entire process takes less time than scrolling through the project’s Telegram.

Famous Rug Pulls — Real Examples

Squid Game Token (2021) — Capitalised on the Netflix show’s popularity. Price pumped to $2,861 before developers pulled the liquidity and disappeared with approximately $3.3 million. The token had a honeypot mechanic — buyers could not sell.

AnubisDAO (2021) — Raised $60 million in ETH in 20 hours by impersonating OlympusDAO. Entire liquidity pool was drained within 24 hours of launch. Developers were anonymous and vanished.

SafeMoon — Federal prosecutors alleged the project’s founders and executives misled investors about supposedly “locked” liquidity, then diverted and misappropriated millions of dollars for personal use. SafeMoon’s market cap had grown to more than $5.7 billion before the alleged fraud unraveled.

MetaYield Farm (2025) — Vanished with $290 million in February 2025 — one of the largest single rug pulls on record.

What to Do If You’ve Been Rug Pulled

The honest answer is that recovery is very rare. Enforcement is accelerating but recovery rates for victims are extremely low — typically under 5% of stolen funds. Blockchain transactions are irreversible.

However, there are steps worth taking:

1. Document everything — transaction hashes, wallet addresses, project website, social media. Screenshots of everything before it disappears.
2. Report to the FBI’s IC3 — ic3.gov. Reports help investigators identify patterns and build cases.
3. Report to the FTC — reportfraud.ftc.gov
4. Report to the project’s blockchain — Ethereum, Solana, and BNB Chain all have fraud reporting channels
5. Post publicly — warning others prevents more victims and creates a paper trail
6. Consult a crypto recovery specialist cautiously — be careful here, recovery scams targeting rug pull victims are extremely common. Never pay upfront fees to “recover” your funds.

The Bottom Line

For the average retail trader, spending five minutes on due diligence before every new token purchase is the single highest-ROI habit in crypto — because the money you do not lose to scams compounds just as powerfully as the money you make on legitimate trades.

The crypto space is full of genuine opportunities — but it rewards the careful and punishes the impulsive. Run the free tools. Check the liquidity lock. Look up the team. If something feels designed to create urgency and override your judgment — it probably is.

For more on staying safe in the crypto space, check out our crypto security guide, our real scam DM article, and our guide to evaluating crypto projects.