Chuyển đến nội dung

    How to Spot Rug Pulls & Exit Scams (2026)

    12 red flags that reveal rug pulls before they happen. Real case studies, on-chain verification tools, and how to protect your investments.

    📖

    1. What Are Rug Pulls & Exit Scams?

    Rug Pull

    Timeline: Hours to weeks | Mechanism: Liquidity removal or massive token dump | Common in: DeFi tokens, memecoins, NFT projects | Result: Token price drops 90–100% instantly

    Exit Scam

    Timeline: Months to years | Mechanism: Operators disappear with custodied funds | Common in: Exchanges, lending platforms, funds | Result: Total loss of deposited funds

    ⚠️

    The Scale of the Problem In 2025, rug pulls and exit scams accounted for over $2.8 billion in losses globally. An estimated 50–90% of tokens launched on decentralised exchanges had characteristics consistent with fraud. Learning to recognise these scams isn't optional — it's essential survival knowledge.

    2. Types of Rug Pulls

    Liquidity Theft Most Common

    Developers add liquidity to create a trading pair, promote the token to attract buyers, then withdraw all liquidity from the pool — crashing the price to zero. Technical detail: LP tokens are not locked; the deployer wallet retains the ability to remove liquidity at any time.

    Sell Restriction / Honeypot Very Common

    The smart contract allows buying but prevents selling (except for whitelisted addresses). Investors can buy tokens but are trapped — they cannot sell. Technical detail: The transfer() function includes a blacklist or conditional block that reverts all sell transactions for non-whitelisted addresses.

    Team Dump Common

    The founding team pre-mines or allocates a large percentage of the token supply to themselves, then sells gradually or all at once after price pumps. Technical detail: Insider wallets are identifiable on-chain; check token distribution via blockchain explorer before investing.

    Hidden Mint Function Moderate

    The contract contains a hidden or obfuscated function allowing the owner to mint unlimited new tokens, which are then sold to dilute existing holders to near zero. Technical detail: Look for mint(), _mint(), or owner-only functions in the contract source code; unverified contracts hide this entirely.

    ⚠️

    3. Red Flags Checklist

    Team & Transparency: Anonymous team with no verifiable identities

    Team & Transparency: No LinkedIn profiles, GitHub history, or prior project record

    Team & Transparency: Founders refuse to verify identity via KYC or doxxing

    Tokenomics & Liquidity: Liquidity not locked or locked for <6 months

    Tokenomics & Liquidity: Top 10 wallets hold >50% of supply

    Tokenomics & Liquidity: No smart contract audit from a reputable firm

    Marketing & Community: Promises of guaranteed returns or 1000x gains

    Marketing & Community: Telegram/Discord comments are disabled or heavily moderated

    Marketing & Community: Sudden follower spikes with low engagement (bot activity)

    Smart Contract: Contract is unverified on the block explorer

    Smart Contract: Owner retains admin keys and upgrade privileges

    Smart Contract: Token Sniffer or GoPlus flags high risk or honeypot warnings

    📄

    4. On-Chain Analysis: How to Verify

    1

    Check the Contract

    Is it verified on the block explorer? Scan with Token Sniffer and GoPlus. Look for hidden mint functions, sell restrictions, and owner privileges. If the contract isn't verified, stop here.

    2

    Verify the Team

    Search team members on LinkedIn, GitHub, and Twitter. Cross-reference past projects. Check if identities are verifiable and if the team has a track record of legitimate work.

    3

    Read the Audit

    Find the full audit report (not just a badge). Verify the auditor is a known firm (CertiK, Trail of Bits, Hacken, etc.). Check the audit date — audits older than 6 months may not cover recent changes.

    4

    Check Liquidity Lock

    Use Unicrypt or Team.Finance to confirm LP tokens are locked. Verify the lock duration (minimum 1 year preferred) and the total percentage of liquidity locked. A low lock or no lock is a major red flag.

    5

    Test with a Tiny Amount

    Before committing significant funds, buy a tiny amount and immediately try to sell it back. If you can't sell, it's a honeypot. Never invest more than you can afford to lose in a new token.

    📊

    5. Real-World Case Studies

    Squid Game Token (2021)

    Capitalised on the Netflix series hype. Token rose 310,000% in days. Sell restriction (honeypot) prevented investors from selling. Developers drained $3.38M in liquidity. 📌 Lesson: Viral hype + sell restrictions = classic honeypot. Always test-sell before committing funds.

    Thodex Exchange (2021)

    Turkish crypto exchange founder fled with ~$2 billion in user funds. Exchange halted withdrawals, then went dark. Classic exit scam — built trust over years then disappeared. 📌 Lesson: Keep only trading amounts on exchanges. Withdraw to self-custody wallets for long-term holdings.

    SafeMoon Controversy (2021–2023)

    Promoted by celebrities and influencers, SafeMoon attracted billions in investment. SEC charged founders with fraud and unregistered securities. Insiders manipulated liquidity pools and misappropriated funds. 📌 Lesson: Celebrity endorsements are not due diligence. Always check who benefits from token promotion.

    AnubisDAO (2021)

    Raised $60M in ETH in under 20 hours. 20 hours after launch, all funds were drained to a single wallet. No website, no doxxed team, no audit. 📌 Lesson: Speed of fundraising is not validation. Anonymous teams with no audit and no locked liquidity are the highest-risk category.

    🛡️

    6. The Token Verification Framework

    1

    Step 1 — Contract Verification

    Open the token address on Etherscan/BSCScan. Confirm the contract is verified (source code visible). Run it through Token Sniffer and GoPlus Security for automated risk assessment.

    2

    Step 2 — Liquidity Analysis

    Check Unicrypt or Team.Finance for locked LP tokens. Verify total liquidity depth and lock duration. Use DEXTools or DEXScreener to monitor liquidity trends and wallet activity.

    3

    Step 3 — Token Distribution

    Review the top holders list. If any wallet holds >10% of supply (outside of liquidity pools), that's a concentration risk. Check for wallets that received tokens at launch — these are insider wallets.

    4

    Step 4 — Team & Audit Verification

    Verify team identities independently. Find and read the full audit PDF (not just a badge). Confirm the auditing firm's reputation and that the audit covers the deployed contract version.

    5

    Step 5 — Community Sentiment Check

    Search [token name] + 'scam', 'rug pull', 'review' on Google and Twitter. Check Reddit and independent crypto forums. Look for organic discussion vs. paid promotion. Disable comments = huge red flag.

    ⚠️

    The 5-minute rule: If you can't find basic information (team, audit, liquidity lock) within 5 minutes of searching, the project likely doesn't want you to find it. That alone is a red flag.

    🎯

    7. Where Rug Pulls Happen Most

    Platform TypeRisk LevelWhy
    DEX (Uniswap, PancakeSwap)🔴 ExtremeAnyone can list a token with no vetting — zero barrier to fraud
    New memecoin launchpads (Pump.fun, etc.)🔴 ExtremeDesigned for rapid token creation; most tokens fail or are abandoned within days
    Unaudited DeFi protocols🔴 HighSmart contract bugs and intentional backdoors; no third-party review
    Centralised exchanges (unregulated)🟠 Medium-HighRisk of exchange insolvency or exit scam; limited regulatory oversight
    Centralised exchanges (regulated, e.g. Binance)🟡 Low-MediumVetting process reduces rug pull risk; market volatility risk remains
    Blue-chip DeFi (Uniswap, Aave, Compound)🟢 LowAudited, time-tested, decentralised governance — not immune but far safer

    Câu hỏi thường gặp

    What is a rug pull in crypto? +
    A rug pull is a scam where developers create a token, attract investment through hype and marketing, then suddenly withdraw all liquidity or sell their holdings — crashing the price to zero and leaving investors with worthless tokens. The name comes from 'pulling the rug out from under' investors. It's the most common type of crypto fraud, particularly in DeFi and memecoin markets.
    How is an exit scam different from a rug pull? +
    A rug pull typically involves a token launch where liquidity is drained quickly (hours to weeks). An exit scam is broader — it can involve any crypto project (exchange, lending platform, fund) where operators build trust over months or years, then disappear with user funds. The BitConnect collapse and QuadrigaCX exchange are examples of exit scams. Both result in total loss, but exit scams often involve larger sums and longer timeframes.
    Can rug pulls happen on major exchanges like Binance? +
    Tokens listed on major regulated exchanges undergo vetting processes, making traditional rug pulls much less likely. However, even listed tokens can lose 90%+ of value due to team selling, poor fundamentals, or market conditions — which isn't technically a rug pull but feels similar. The highest rug pull risk is on decentralised exchanges (DEXs) where anyone can list a token without approval.
    Are all new tokens scams? +
    No, but a significant percentage are. Studies estimate that 50–90% of tokens launched on DEXs in 2024–2025 had characteristics consistent with rug pulls or pump-and-dumps. Legitimate new projects exist, but they're the minority. The key differentiators: audited contracts, transparent teams, locked liquidity, realistic roadmaps, and organic community growth rather than paid hype.
    Can I get my money back after a rug pull? +
    Almost never. Blockchain transactions are irreversible, and rug pull operators typically convert stolen funds through mixers or cross-chain bridges within hours. In rare cases, law enforcement has recovered funds (e.g., the Squid Game token case), but this is the exception. Your best protection is prevention — never invest more than you can afford to lose, and use the red flag checklist before buying any new token.
    How do I report a rug pull? +
    Report to: 1) Your local financial regulator (SEC, FCA, BaFin, ESMA), 2) The blockchain's scam reporting channels (e.g., BSCScan's report feature), 3) CoinGecko and CoinMarketCap to flag the token, 4) Law enforcement via IC3 (US), Action Fraud (UK), or equivalent. Also post on-chain evidence on Twitter/X and crypto forums to warn others. Keep all transaction records as evidence.

    Phái Sinh & Sản Phẩm Có Đòn Bẩy — Cảnh Báo Rủi Ro Quan Trọng

    Phái sinh là các công cụ tài chính phức tạp mang rủi ro mất vốn nhanh chóng ở mức cao. Giao dịch có đòn bẩy (futures, hợp đồng perpetual, margin trading, options) có thể dẫn đến thua lỗ vượt quá khoản đầu tư ban đầu của bạn. Phần lớn tài khoản nhà đầu tư cá nhân đều thua lỗ khi giao dịch phái sinh.

    Bạn nên cân nhắc kỹ lưỡng xem mình có hiểu cách thức hoạt động của phái sinh hay không và liệu bạn có đủ khả năng chấp nhận rủi ro cao khi mất tiền hay không. Nội dung này chỉ mang mục đích giáo dục và không cấu thành tư vấn tài chính, tư vấn đầu tư, hay khuyến nghị giao dịch phái sinh.

    Tại Liên minh Châu Âu, phái sinh crypto được phân loại là công cụ tài chính theo MiFID II. Chỉ các nền tảng được cấp phép MiFID II phù hợp mới được phép cung cấp các sản phẩm này cho cư dân EU. Quy định pháp lý khác nhau theo từng khu vực — hãy xác minh tình trạng pháp lý của giao dịch phái sinh tại quốc gia của bạn trước khi tham gia.

    Tiếp tục học

    Crypto Scams Risk Management Guide

    Stay One Step Ahead of Scammers

    Trade on Binance — a regulated exchange with rigorous token vetting, on-chain monitoring, and industry-leading security. Your safest entry point into crypto.

    Quảng cáo · Giá tài sản kỹ thuật số chịu rủi ro thị trường cao và biến động giá mạnh. Đừng đầu tư nếu bạn chưa sẵn sàng mất toàn bộ số tiền bỏ ra. Điều khoản & công bố rủi ro

    Trang này có chứa các liên kết tiếp thị liên kết. Chúng tôi có thể nhận hoa hồng mà không phát sinh thêm chi phí cho bạn.