Rug Pull Tide Sweeps Through Crypto Community: Almost $3 Million Stolen in a Day

One of the tokens involved in the recent series of rug pulls capitalized on the success of the PulseX cryptocurrency exchange, which has its own legitimate native token.

A skull on a pile of money
Exit scams were identified as the most prevalent form of security exploit in 2023

After a relatively peaceful week marked by low activity among cybercriminals, who, according to Web3 security firm SlowMist, stole less than $700,000 from cryptocurrency users, the blockchain community was struck by an unexpected wave of rug pull scams. Since yesterday, another on-chain security team, PeckShield, has been reporting numerous incidents of exit scams, leading to a total loss of approximately $2.9 million so far.

In the past few hours, PeckShield has reported a series of four rug pulls involving tokens such as BorzoiCoin (BORZOI), MOE (MOE), FoxFunnies (FXN), and PulseXIncentiveToken (INC). In all of these cases, the coins have experienced a drastic 100% drop in price.

Read also: Private Key Compromises and Exit Scams Are Current Major Web3 Threats

In the case of BorzoiCoin, the deployer executed a swap of 100,100,100,100,100,100,100.1001 BORZOI for approximately 986.4 BNB, equivalent to around $311,000.

The exploit of MOE holders was conducted through another address. The deployer swapped the same amount of tokens for roughly 1,008.5 BNB, totaling approximately $318,000.

A similar fate awaited FoxFunnies holders, as yet another address swapped 100,100,100,100,100,100,100.1001 FXN for around 1,001.6 BNB, with a market value of about $316,000.

The last incident involved an attempt to capitalize on the popularity of PulseX, a decentralized exchange (DEX) built on the PulseChain network, a fast and low-cost blockchain environment derived from Ethereum. The legitimate project has a native token, PLSX, offering attractive yield farming opportunities.

MOE rug pull
Source: PeckShield, X

Unfortunately, many cryptocurrency users fell into the rug pull trap and invested in PulseXIncentiveToken, resulting in a loss of almost $283,000. The PeckShield team warns the community of the high possibility of scam tokens sharing names with tokens issued by genuine projects.

These incidents followed a series of six rug pulls witnessed by the crypto community yesterday. The tokens involved in yesterday's incidents were SolDragon (DRAGON), Speero (SPEERO), Audify (AUDI), StarkPepe (SPEPE), BoxyDude (BOX), and MAR3AI (MAR). In all these cases, the affected tokens experienced a 100% price slippage.

For all these assets, the rug pull deployment involved swapping 100,100,100,100,100,100,100.1001 tokens for BNB. Interestingly, the income gained from all these exit scams is quite similar, ranging between $270,000 and $304,600.

While all these instances share certain similarities, cybersecurity experts have not yet commented on the possible links between the recent rug pulls.

Read also: Crypto Crook Issues Over 120 Scam Tokens in 3 Months

The reports from PeckShield seem to be just a fraction of an unusually high number of exit scams that have occurred since yesterday. For example, AegisWeb3, part of the PeckShield formation, has informed the X community of two more instances of rug pulls, BLONDIE and WEWE. The total amount looted was not disclosed.

"Multiple addresses engaged in token dumping one hour ago, causing a decline in price," AegisWeb3 described the exit scam involving BLONDIE on X, adding that "subsequently, a majority of the funds were transferred to the address 0xbfEc58...13d45aC5, which appears to have financial transactions with the deployer as well."

Exit scams remain a prominent threat in the crypto community

Earlier this year, the blockchain security team CertiK shared its Hack3D Web3 security report, revealing the exceptional prevalence of rug pulls in 2023. Despite the considerably smaller amount stolen by crypto criminals in rug pulls compared to the most damaging exploit of 2023 - a private key compromise, exit scams were reported as the most frequent security incidents. CertiK documented 306 cases of rug pulls in the past year, with the actual number potentially being even higher.

As per CertiK's data, exit scams emerged as a pervasive threat in 2023, causing collective losses exceeding $152 million. This staggering figure surpassed damages from phishing attacks by over $50 million.

The recent surge in rug pulls indicates that the trend is still active in 2024.

To safeguard your funds from investing in scam projects, exercise vigilance, especially when encountering unfamiliar projects promising significant returns. At the same time, do not let the fear of missing out overwhelm you, and always take sufficient time to conduct comprehensive research on a project's background.

Best practices to prevent rug pulls also include a thorough examination of a project's code for potential vulnerabilities that could expose investors to the risk of exit scams. While code validation tools are helpful, it is essential not to depend solely on their results.

Furthermore, if assessment becomes impossible due to a lack of project transparency and accessibility for potential investors, this fact should be considered a serious red flag.