Home
Crypto News
What Is a Rug Pull in Crypto? Types, Examples, and How to Avoid Them

What Is a Rug Pull in Crypto? Types, Examples, and How to Avoid Them

Crypto Regulation & Policy Press Release Expert

Published 2026-05-13

Updated 2026-05-13

What Is a Rug Pull in Crypto? Types, Examples, and How to Avoid Them

The phrase comes from an old expression: pulling the rug out from under someone. One moment you're standing on solid ground. The next, the floor is gone. In crypto, the floor is liquidity — and when a team pulls it, your investment doesn't fall slowly. It crashes to near zero in seconds, often before you can see what's happening.

In 2025, approximately 37% of all new token launches were rug pulls. Understanding exactly how they work — and how to detect them before they happen — is the most important defensive skill for any crypto presale investor.

What Is a Rug Pull?

A rug pull is a deliberate exit fraud where a crypto project's own team drains investor funds — typically by removing DEX liquidity, triggering a malicious smart contract function, or systematically dumping their token allocation — then abandons the project. Unlike a random hack, a rug pull is an inside job.

Rug pulls can happen at multiple stages: during the presale (team takes raised funds before the token even launches), at listing (team removes DEX liquidity on day one), or gradually post-launch (team sells their allocation while maintaining the illusion of an active project).

The 3 Types of Rug Pulls

Type 1: Liquidity Rug Pull (Hard Rug)

The most dramatic form. After token launch, the team creates a DEX liquidity pool by depositing equal values of their token and ETH/BNB/USDC. This makes the token tradeable. The team holds LP tokens representing ownership of the pool. If these LP tokens are not locked in a time-lock contract, one transaction removes all liquidity instantly.

What investors see: the token price drops from $1.00 to $0.000001 in the same block. There is nothing left in the pool to trade against. It is instantaneous, irreversible, and total. No warning before it happens.

Prevention: Before buying any new DEX-listed token, verify that LP tokens are locked on Team.Finance (team.finance) or UNCX (uncx.network). Check the lock duration — a 3-month lock provides minimal protection; 1–2 years is meaningful. Check the lock percentage — 50% locked still means 50% can be removed.

Type 2: Malicious Smart Contract (Code Rug)

The contract contains hidden functions enabling the team to steal funds without removing liquidity. Common variants:

Unlimited mint function: Team creates billions of new tokens at any time, floods supply, sells into the market, crashes price to zero.
Honeypot function: Contract allows buying but blocks all selling for regular wallets. Only the deployer address can sell. Investors can buy endlessly but can never exit.
Blacklist/whitelist restriction: Contract can freeze specific wallets from transacting. Team blacklists all investor wallets while selling their own holdings unimpeded.
Hidden admin upgrade: Contract has an undisclosed upgradeability feature allowing the team to swap the contract logic to a malicious version after attracting investment.

Prevention: Scan every new token contract on Token Sniffer (tokensniffer.com) and test on Honeypot.is before buying any amount. Verify the contract was audited by a reputable firm — check that the audit was done on the exact contract address being used for the presale. See our complete smart contract audit verification guide.

Type 3: Soft Rug Pull (Slow Drain)

The most insidious form. The team builds something real-looking, launches the token, attracts a genuine community, and then systematically sells their own allocation over weeks or months. They maintain an active Discord and Twitter, continue making roadmap announcements, and keep the project appearing alive — while consistently moving large quantities of tokens from team wallets to CEX deposit addresses.

Eventually activity quietly stops. The Discord goes inactive. The roadmap updates become sparse. Token price has bled from $1.00 to $0.04 over six months. The team is long gone with their profits. No single event to point to, no obvious crime — just a slow-motion exit.

Prevention: Monitor known team wallet addresses on Etherscan/BSCScan. Set price alerts. Check GitHub commit frequency as a development activity proxy. Scrutinise vesting schedules — if team tokens unlock monthly with no lock-up at all, soft rug is trivially easy from day one.

Two Famous Rug Pull Examples

Squid Game Token — October 2021 ($3.4M in Minutes)

SQUID launched capitalising on the Netflix series' viral cultural moment. Price rose from $0.01 to $2,856 in five days — a 28,600,000% increase fuelled entirely by FOMO and narrative momentum, not any fundamental value. Then on November 1, 2021, the team removed DEX liquidity. SQUID fell to $0.0007 within minutes. The critical warning sign that was universally ignored: buyers could purchase SQUID but could not sell it. The token was a honeypot from the beginning. Anyone who had scanned the contract on any basic tool would have seen this immediately.

AnubisDAO — October 2021 ($60M in 20 Hours)

AnubisDAO presented as a "community-owned reserve currency" riding the OlympusDAO (OHM) fork wave. In a single day it raised $60 million in ETH from thousands of DeFi investors. Less than 20 hours after the raise, all $60 million was transferred to a single unknown wallet and every social media account went dark simultaneously. No refund. No explanation. The team was never identified. The speed — 20 hours from raise to exit — makes AnubisDAO one of the most brazen rug pulls in crypto history.

Complete Rug Pull Prevention Checklist

LP tokens locked for 12+ months on Team.Finance or UNCX — verified independently
Contract scanned clean on Token Sniffer — no mint, blacklist, or honeypot functions
Honeypot.is confirms the token can actually be sold
Smart contract audit from a named reputable firm — verified on auditor's official website
Team members are named and have verifiable prior work history (doxxed)
Team token vesting schedule locks at least 12 months post-listing
Bought a tiny test amount and successfully sold before committing significant capital

For how to identify phishing sites impersonating legitimate presales (fake Telegram links, cloned websites), see our presale phishing and scam guide. If you have been victimised, our crypto presale legal guide covers reporting options and recovery steps by country.

Glossary

Rug Pull: A deliberate inside exit fraud where crypto project founders drain investor funds via LP removal, malicious contract functions, or systematic token dumping, then abandon the project.
LP Token: A token received by liquidity providers representing their share of a DEX liquidity pool. Locking LP tokens in a time-lock contract prevents the team from removing pool liquidity.
Honeypot Token: A scam token contract allowing everyone to buy but blocking regular investors from selling. Only the deployer or whitelisted addresses can exit.
Mint Function: A smart contract function that creates new tokens. An unlimited or unguarded mint function allows the team to infinitely dilute supply, crashing the price.
Token Sniffer: A free tool at tokensniffer.com that automatically scans smart contract code for common malicious patterns including honeypots, unlimited minting functions, and blacklist mechanisms.

Disclaimer

Important: If you believe you are a victim of a rug pull, report immediately to FBI IC3 (US), Action Fraud (UK), or your national cybercrime authority. Document all transaction hashes. Never pay a recovery service — they are virtually always secondary scams. This article is educational only. CryptoPresaleNews.com is not a licensed financial advisor.

Previous Next

Yara Fernandez Crypto Regulation & Policy Press Release Expert

521+ articles

1 Year experience

Regulation specialty

Yara Fernandez dives into NFT drops, Latin American crypto art, and GameFi projects that bridge culture and blockchain. As a respected name in crypto journalism, she delivers valuable insights on NFT and Web3 topics from around the world. Her work blends deep research with simplicity, making it easy for readers to understand the fast-moving world of crypto. She focuses on topics related to NFT and Web3 reporting and regularly covers emerging trends, technology updates, and community stories.

Read All Articles By Yara Fernandez

✍️ WHAT'S YOUR OPINION?

Your Name

Your Opinion

Frequently Asked Questions

Have questions? We have answers!

What is a rug pull in crypto?

A rug pull is a deliberate exit fraud where a crypto project's own team steals investor funds — typically by removing all DEX liquidity, triggering malicious smart contract functions, or systematically dumping their token allocation — then disappearing and abandoning the project. In 2025, approximately 37% of all new token launches were rug pulls.

What are the 3 types of rug pulls?

Type 1 (Liquidity/Hard Rug): Team removes all DEX liquidity instantly, crashing price to near zero in seconds. Type 2 (Contract Rug): Hidden malicious functions like honeypots (can buy but not sell), unlimited minting, or blacklisting investor wallets. Type 3 (Soft Rug): Team gradually sells their token allocation over weeks while maintaining the appearance of an active project.

How do I check if a token is a rug pull risk before buying?

Run the contract through Token Sniffer (tokensniffer.com) for automated malicious function detection. Test on Honeypot.is to confirm the token can actually be sold. Verify LP token lock status on Team.Finance or UNCX. Confirm the smart contract audit on the auditor's official website. Check if team wallet addresses show large transfers to exchanges.

What is a honeypot token?

A honeypot is a scam token contract that allows anyone to buy but blocks regular investor wallets from selling. Only specific addresses (the team's) can execute sells. Investors can buy at any price but cannot exit — they can only watch their investment increase in apparent value while the team sells freely. Test any new token on Honeypot.is before buying.

What is an LP token lock?

When a team creates a DEX liquidity pool, they receive LP tokens representing ownership of that pool. Locking these LP tokens in a time-lock contract (on Team.Finance or UNCX) prevents the team from removing the liquidity for the lock duration. Without a lock, the team can drain the entire pool in one transaction at any time.

What was the Squid Game token rug pull?

SQUID launched in October 2021 capitalising on the Netflix series. The price rose from $0.01 to $2,856 in 5 days as FOMO drove buying. On November 1, the team removed all DEX liquidity. SQUID fell to $0.0007 in minutes. Investors lost approximately $3.4 million. The critical warning sign ignored by all buyers: you could buy SQUID but could not sell it — a textbook honeypot that any basic scan would have caught.

What was the AnubisDAO rug pull?

AnubisDAO raised $60 million in ETH in a single day in October 2021 as a community-owned OlympusDAO fork. Less than 20 hours after the raise closed, all $60 million was transferred to an unknown wallet and all social media accounts went dark simultaneously. No refund, no communication, no identifiable founders. It remains one of the largest single rug pulls in crypto history.

What is a soft rug pull?

A soft rug pull is when the team gradually and systematically sells their token allocation over weeks or months after launch while maintaining an active community presence. There is no single dramatic event — just a slow bleed as the team quietly exits. Signs include: large transfers from team wallets to exchange deposit addresses, declining GitHub activity, and gradual reduction in communication quality.

How do I verify LP tokens are locked?

Visit Team.Finance (team.finance) or UNCX (uncx.network) and search for the token contract address. If LP tokens are locked, you will see: the amount locked, the lock duration end date, and the contract that holds the lock. Cross-reference this with the actual LP token address visible on the DEX for the token pair to ensure the lock covers the correct pool.

Can I recover money from a rug pull?

Recovery is very difficult and usually impossible. Anonymous teams typically move funds through mixers (Tornado Cash) or cross-chain bridges immediately, making tracing hard. Your best steps: document all transaction hashes and wallet addresses, report to FBI IC3 (US), Action Fraud (UK), or your national cybercrime authority. Never pay a 'crypto recovery service' — they are almost always secondary scams.

What is a blacklist function in a token contract?

A blacklist function allows the contract owner to prevent specific wallet addresses from transacting (buying, selling, or transferring tokens). In a rug pull scenario, the team blacklists all investor wallets while selling their own holdings freely, then removes liquidity. Token Sniffer automatically detects blacklist functions as part of its security scan.

What is an unlimited mint function risk?

An unlimited mint function allows the contract owner to create new tokens at any time without restriction. After attracting investment, the team mints billions of new tokens, floods the market with supply, and sells into whatever demand exists — crashing the price to near zero through dilution. This is a pure on-chain theft mechanism disguised as legitimate tokenomics.

How do I set up alerts for team wallet activity?

On Etherscan (for Ethereum tokens), enter the team wallet address and use the 'Watch Address' feature to email you on any activity. Third-party tools like Nansen, Arkham Intelligence, and Bubblemaps provide more sophisticated wallet monitoring and can alert you when marked wallets transfer tokens to exchange deposit addresses (a sell signal).

What makes a soft rug pull hard to prosecute?

Soft rug pulls are legally ambiguous because teams can argue they are legitimately selling their own vested tokens without making false representations. Without explicit fraudulent statements in writing that can be proven, it may not constitute fraud in most jurisdictions — just poor project execution. This is why vesting schedules and transparency about team selling plans matter for investor protection.

What percentage of 2025 token launches were rug pulls?

Approximately 37% of new token launches in 2025 were classified as rug pulls by blockchain security firms. This means more than one in three new tokens was designed from inception to steal investor funds. This statistic underscores why manual verification — LP lock, contract scan, audit check, team doxx — is not optional but survival-level essential for presale investing.

Have Questions?

Our team will answer all your questions. We ensure a quick response.