What is a Rug Pull and How Can You Avoid It

Bright Union
8 min readOct 20, 2021


There’s no doubt that crypto veterans are more focused on the benefits of DeFi than the inherent risks. However, the disruptive advantages of crypto assets attract innocent investors as well as digital scammers see potential to make quick gains in the industry.

Often these hackers and attackers pose as credible representatives offering ‘too good to be true’ reward incentives for buying digital tokens.

Although DeFi is a relatively new and developing industry, the emergence of sneaky strategies of scammers are resulting in million-dollar losses of eager and often affluent investors.

As the DeFi sector expands and crypto coverage options take the scene, we’re quickly understanding that it seems the most effective way forward to minimize the risks and avoid negative repercussions. At Bright Union, we strive to make sense of the risks disrupting DeFi’s smooth autonomous operation and how to avoid them.

The first order of business is clarifying crypto frauds and hacks happening throughout the sector, how and why they occur. But what are the most prevalent crypto frauds taking place right now? By and large, rug pulls are the most frequent type of crypto fraud. Although often occurring among small cap projects, it is not the type with the most incurred losses.

Let’s take a look at what defines a rug pull exit scam…

What’s a Rug Pull?

Remember the infamous pump and dump schemes that frequented the market during the ICO boom of 2017? If you do, let’s hope you weren’t one of the victims who fell for these malicious agendas.

The scheme is as old as time, and we’ve seen the simple string of operations play out in multiple industries before DeFi, including on Wall Street. Through smooth-talking and manipulative marketing strategies, the Jordan Belfort’s of crypto entice buyers into an attractive high potential project, pushing the token price up, hence the ‘pump’. Only to then dump the token price by withdrawing liquidity at peak prices, leaving many investors dumbstruck with empty pockets.

Similar to pump and dumps, one of the most occurring exit scams since 2020 is the more advanced rug pull scheme. So how does a rug pull compare to a pump and dump?

A rug pull happens when founders start a crypto project with the sole intent being to cash out and disappear with investor funds.

These project developers suddenly remove liquidity from the market in cohesion, leaving investors with worthless tokens. These types of exit scams most commonly occur on DEX. Developers tie their tokens to other cryptocurrencies allowing them to drain liquidity and leave with the valuable counter token. Alternatively, project owners might discretely create backdoors in their smart contract codes to siphon out investors’ capital.

Examples of Rug Pulls

  • While we can only hope the number of rug pulls peaked in 2020, with the most famous one being the $1.1 billion fraud scheme surrounding Wotoken, these exit scams have continued to occur throughout 2021.
  • Earlier this year, the CEO of a Turkish crypto exchange, Thodex, disappeared with an initial report of $2 billion in investor funds. Although he denies allegations of a rug pull, investors’ funds are yet to be returned, and the sheer size of the fraud is yet to be determined.
  • In the compounder finance rug pull, the developer team drained $10.8 million in funds by replacing audited contracts with malicious replicas/reproductions. The WhaleFarm project promised investors substantial percentage returns, and the native token did see value growth. However, at its peak, the developer team stole $2 million in funds in a matter of minutes.
  • Another interesting rug pull was done by Stable Magnet. Back in June, the Automatic Market Maker was able to swap the library source code in order to drain the liquidity pairs.
  • The immensely popular NFT space is also showing to attract fraudsters. Recently, Evolved Ape NFT’s creator, named evil ape, seemingly stole $2.7 million that investors paid for minted apes.

These are only a few scenarios of the titanic number of exit scams that frequent the market of DeFi. This leads many to ask, how can one avoid getting involved in a shady project vulnerable to a rug pull event?

How to Avoid an Exit Scam

There are a few ways that crypto veterans and beginners alike can evaluate different projects/protocols/platforms and identify those that might lead to malicious exploits, like rug pulls.

5 Rug Pull Red Flags

Fraudsters are becoming increasingly meticulous at hiding their ulterior motives. Let’s discuss identifying and avoiding some of the red flags you should be looking out for when investing in DeFi projects. It is important to note that if the project you’re scrutinizing raises one or several red flags, it does not necessarily mean the project is destined for an exit scam. The appearance of red flags merely indicates to be on guard and further investigate the project. The abundance of red flags is a whole different story though.

1. Disengaged Developers
One potential warning sign of a project that you don’t want to get involved in is one with distant developers. Be aware when the teams’ focus is purely on flashy marketing strategies and mass promotion rather than dealing with the nitty-gritty protocol concerns and security assurance for users. Do the developers engage in user discussions and questions of legitimacy, like AMA’s and audits? Or is the team worried the community will discover unlocked backdoors?

2. Coins Exclusively Listed on DEX (Decentralized Exchange) Platforms
Although new projects promoting sizable gains may seem an attractive investment option, new projects are likely to be more susceptible to smart contract failures, code grievances, and malware. Check the liquidity pool attached to a project to gauge users’ trust in the project. Favoring investment in established coins and protocols is one way to reduce the risk of falling victim to a rug pull. Not to mention before developers list on DEX platforms, there’s no verification or audit conducted of legitimacy. Coinfirm’s analysis of Uniswap V2 found that a large number of liquidity pools are created by developers with the express intention to rug pull. Mere listing on DEX platforms does not imply the immediate danger of a rug pull, but audited and CEX listed projects will be safer to invest in overall.

3. Largely Centralized Token Distribution / Few Wallets
Stay clear of largely centralized projects, where project developers hold more than 45% of tokens in circulation. This can be a red flag for investors considering buying the token. It is always advisable to check token distribution and the anonymity of token holders before investing. After all, the appeal of digital currencies stems from the characterization of decentralization.

4. The Promise of High APY
As mentioned, new projects are usually more susceptible to hacks or protocol integration failures. Some projects promise/guarantee high initial gains for token holders, for example, a 500% APY. Occasionally this is the case for new projects wanting to boost liquidity. However, it is highly unlikely for an established project. Take caution to FOMO (fear of missing out) strategies enticing buyers by promising high initial returns.

5. Lack of Investment in Bug Bounty Programs
Many protocols invest in bug bounty programs. To reduce the threat of black hat exploits, they pay knowledgeable individuals to search and identify smart contract or code bugs. Thus allowing them the opportunity to remove protocol pitfalls and improve security. The size of investment in bug bounty programs represents a project’s commitment to the safety of their platform.

Although taking the red flags of the crypto ecosystem into consideration can reduce the risk of most amateuristic rug pulls, it’s not foolproof. Compounder Finance was rug-pulled of $10.8 million of investor funds, despite prior auditing operations.

Falling victim to the unfortunate event of a rug pull always remains a possibility. But there is a way to really avoid financial losses due to a rug pull.

How to really avoid a rug pull

Did you do your own research on a project and you want to take a moonshot? Covering your crypto is the answer to accessing significant upside potential without the extreme downsides like falling victim to a scam.

No more need to worry about rug pulls. Bright Union aggregates crypto coverage solutions to avoid the risks effectively. With the right crypto coverage, you can safely invest in any DeFi project without the threat of incurring huge, unprecedented rug pull losses. Why wouldn’t you want to pay small fees to protect yourself against the massive financial losses you could incur if the rug is pulled?

When in doubt, take a crypto cover out.

How can you insure yourself against a rug pull event?

At this moment, there are covers from two protocols via Bright Union that will cover you in case of a rug pull; Bridge Mutual and Nexus Mutual.

Bridge Mutuals smart contract coverage protects users against permanent loss of funds due to a rug pull, hack or exploit. For example, if one or more controlling members of a protocol maliciously and purposefully drain liquidity, leaving users with worthless tokens, the insured user will be covered for their loss.

Some Nexus Mutual yield token covers also indirectly protect users against a rug pull in case it led to a token depeg event. The minimized governance surrounding claiming after the event of a hack is simplified. If a protocol rug pull results in token depegging, you will be covered for your loss.

Invest fearlessly in the DeFi. Navigate to app.brightunion.io to cover yourself against exist scams.


As decentralization continues to revolutionize the world of finance, the avenues to which hackers or developers can exploit protocols and smart contracts is ever increasing. The black hats pulling the rugs from under investors feet are not going anywhere, and neither are we. We are excited about how DeFi coverage gives users the ability to increase control over their finances in an uncontrolled paradigm.

As decentralized coverage further expands, crypto coverage options are increasingly tailored to everyone’s needs. At Bright Union, it is our mission to make sense of the abundance of available options.

About Bright Union

Bright Union is the world-leading multi-chain decentralized finance cover marketplace. Our mission is to safeguard your digital assets from the dark forces in crypto (hacks, smart contract failures, and rug pulls) by empowering the crypto community to cover one another in a decentralized and permissionless manner.

Buying DeFi covers has never been this straightforward. Bright Union provides the most comprehensive range of crypto insurance on the market at competitive prices. Furthermore, Bright Union will soon release its unique suite of cutting-edge risk solutions, providing investors with outstanding investment and coverage opportunities. Be bright and take advantage of DeFi’s exponential growth.

Join the Union

Receive announcements by joining the community.

🌍 Check out the website.

🤝 Discuss Bright by joining Telegram.

🗞️ Get the latest news on Twitter @BrightUnion.

📺 Watch tutorials on Youtube

📸 Follow us on Instagram



Bright Union

DeFi Insurance marketplace that allows DeFi users to to buy and provide coverage against hacks and protocol failures.