How Billions Disappeared From Crypto Markets Through Exit Fraud
In 2021, a blockchain analytics report estimated that rug pulls accounted for $2.8 billion in losses — 37 percent of all cryptocurrency scam revenue that year. By 2023, despite a significantly contracted overall crypto market, rug pulls continued to represent a dominant category of retail crypto losses. In the DeFi space alone, thousands of new tokens launch every week across blockchains including Ethereum, BNB Chain, and Solana. A substantial proportion of these will execute some variant of an exit fraud.
The rug pull has become so prevalent that it functions less like an isolated criminal act and more like a known failure mode of permissionless token creation. Anyone can create a token. Anyone can list it on a decentralised exchange. Anyone can write marketing materials promising utility, innovation, and returns. The absence of gatekeeping is a structural feature of decentralised finance — and it is precisely the structural feature that rug pull operators exploit.
This article explains the mechanics, documents the most instructive cases, identifies the on-chain indicators that predict exit risk, and describes what regulators are doing about a fraud category that by design operates across jurisdictions and often behind pseudonymous identities.
The Three Mechanics of a Rug Pull
Not all rug pulls operate identically. Understanding the variants helps identify which projects are most at risk.
The Hard Exit
The hard exit is the most dramatic and most commonly covered variant. Developers create a token, establish a liquidity pool on a decentralised exchange (DEX) such as Uniswap or PancakeSwap, generate retail investor interest through marketing and social media, and then withdraw all the assets from the liquidity pool in a single transaction. The liquidity withdrawal is typically executed in seconds. The token price collapses to zero immediately because there is nothing left to trade against. Developers then abandon all communications and the project disappears.
The speed of a hard exit is a deliberate feature. Because DEX transactions settle on-chain in seconds and cannot be reversed, by the time any victim realises what has happened, the funds are already moving through the first layer of laundering infrastructure — typically a mixer or a series of intermediate wallets before eventually reaching an exchange where they can be converted to fiat.
The Liquidity Drain
A softer mechanical variant involves projects that do not drain all liquidity in one transaction but instead allow the token price to be manipulated downward while insiders quietly sell. Developer wallets — holding tokens pre-allocated at launch, often at zero cost — gradually sell into market buy pressure generated by marketing activity. Retail buyers continue to purchase based on promotional momentum while insider holders exit progressively. By the time retail holders attempt to sell, the price has declined significantly and the liquidity supporting exits is thin.
This variant is harder to identify in real time than a hard exit but is often visible in on-chain data: a pattern of large wallet movements from wallets with very old token holdings, often just before significant promotional events that temporarily drive price upward.
The Slow Rug
The slow rug is the most insidious variant because it can run for months or even years before completion. A project maintains the appearance of active development — releasing roadmap updates, conducting community calls, listing on additional exchanges — while the team quietly abandons the technical work and gradually sells their token allocation. At some point, development stops being simulated and the team simply ghosts: deleting social accounts, allowing the website to lapse, stopping all communications. Because the project appeared active for an extended period, the slow rug often generates less media attention than a sudden hard exit, but the cumulative losses can be substantial.
Case Study: Mutant Ape Planet — $2.9 Million Through Affiliation Fraud
The Mutant Ape Planet case is significant not only for the $2.9 million loss but for its illustration of how established brand equity in the crypto space can be weaponised.
The Bored Ape Yacht Club was, at the time of Mutant Ape Planet’s 2022 launch, the most culturally prominent NFT collection in existence — associated with high-profile celebrity owners, a genuine community, and a track record of sustained price appreciation. Yuga Labs, the company behind BAYC, had created legitimate derivative collections. The “Mutant Ape” name was itself taken directly from a legitimate Yuga Labs collection called the Mutant Ape Yacht Club.
Mutant Ape Planet launched with branding, aesthetics, and naming conventions that were clearly designed to trade on confusion with these legitimate projects. Buyers attracted by apparent association with the BAYC ecosystem purchased Mutant Ape Planet NFTs at prices that reflected assumed affiliation rather than any independent assessment of the project’s own merit or team credibility.
When the developers disappeared and deleted all accounts after collecting approximately $2.9 million in mint proceeds, buyers discovered several things simultaneously: the team had operated entirely pseudonymously; the project had no verified connection to Yuga Labs; the “utility” promises in the project roadmap were undeliverable because no team remained to deliver them; and the NFTs were essentially worthless absent the community and brand they had been sold as representing.
The case produced a federal indictment in 2023. A defendant associated with the project was charged with wire fraud, with DOJ prosecutors leveraging blockchain analytics to trace the movement of mint proceeds across wallets. The indictment demonstrated that pseudonymity does not guarantee impunity — but it does delay accountability, and delayed accountability does not help the people who lost money.
Case Study: Bored Bunny — Celebrity Endorsements and the Collapse of Social Proof
The Bored Bunny NFT project launched in January 2022 at the height of the NFT market. The collection raised significant funds through mint sales driven primarily by celebrity and influencer promotion. Posts from prominent social media personalities — some with tens of millions of followers — created the impression of mainstream validation and urgency.
What investors received was a collection of NFTs whose value was almost entirely dependent on sustained promotional activity and community development — neither of which the development team delivered. Within weeks of the initial mint, developer communication collapsed, promised utility features failed to materialise, and the secondary market price of Bored Bunny NFTs declined precipitously.
Multiple celebrities who had promoted the project were later found to have received compensation for their posts without disclosing the commercial relationship to their audiences — a practice that is both illegal under FTC advertising disclosure rules and deeply misleading to retail investors making purchase decisions based on apparent organic enthusiasm from public figures they trust.
The SEC took enforcement action against several promoters. The broader lesson the case established is one that remains critically important: celebrity association is a marketing signal, not a due diligence signal. It tells you about the project’s promotion budget, not about its legitimacy, team credibility, or likelihood of delivery.
On-Chain Red Flags Before Launch
The most important protection against rug pulls is pre-investment verification using blockchain data. The following indicators are verifiable before committing any funds.
Liquidity lock status. When a project lists on a DEX, its liquidity pool can be locked — meaning the developer’s ability to withdraw that liquidity is constrained by a time-locked smart contract. Verification of liquidity lock status can be performed on services like Unicrypt or Team.Finance, which maintain public records of locked pools. If liquidity is not locked, a hard rug pull can happen at any time. Legitimate projects with genuine intent to remain operational beyond launch have no reason not to lock liquidity.
Holder concentration. Blockchain explorers allow you to see the distribution of token holdings across wallets. If the top ten wallets control more than 20 to 30 percent of total supply, a coordinated sell by insiders will devastate the price. Projects often mask insider holdings by distributing tokens across many wallets — but very early wallet creation dates and similar transaction patterns can indicate coordinated control.
Smart contract audit. Reputable projects have their smart contracts audited by independent security firms before launch. Audit reports should be publicly available. A smart contract that has not been audited may contain intentional backdoors — functions that allow the developer to mint unlimited tokens, disable the sell function for non-developer wallets, or drain the liquidity pool directly.
Developer wallet history. Blockchain is a permanent record. Wallets associated with project developers can be inspected. A developer whose wallets have been involved in previous rug pulls or are newly created with no transaction history provides useful information about their background.
Anonymous teams with unverifiable claims. Not all pseudonymous crypto projects are fraudulent — but an anonymous team that claims professional credentials (security audit experience, prior successful projects, industry affiliations) that cannot be verified should be treated with heightened scepticism. Legitimate credentials can be verified. Claims that cannot be verified should not be credited.
The Regulatory Response
The Department of Justice has steadily expanded its crypto fraud prosecution capability since 2022. Several high-profile rug pull operators have been indicted, arrested, and in some cases convicted, with sentences ranging from fines to multi-year prison terms. The DOJ’s approach relies heavily on blockchain analytics — the ability to trace the movement of stolen funds from project wallets through mixers and exchanges to points of off-ramp where identities can be tied to transactions.
The SEC has taken action against multiple NFT projects on the theory that they constitute unregistered securities offerings — a legal framework that, if consistently applied, would bring celebrity promoters, project developers, and exchange platforms within its enforcement reach. The CFTC has brought similar actions against crypto derivatives platforms.
International coordination is increasing. Europol and the UK’s National Crime Agency have both designated crypto fraud as priority categories. Several rug pull operators who believed international operations would protect them from US enforcement have been extradited or arrested during travel.
The enforcement trend is meaningful, but it operates on a timeline that does not protect retail investors in real time. Projects launch, collect funds, and exit in hours or days. Investigations and prosecutions take months or years. The practical implication is that retail investors cannot rely on regulatory intervention as a protection at the point of investment. The only effective protection is pre-investment due diligence.
The Contrast With Regulated Financial Markets
Rug pulls exist specifically because the infrastructure that prevents them in regulated markets is absent in permissionless crypto environments. In regulated financial markets, participants are required to be identified; products are required to be registered; operators are required to hold capital; disclosures are required before public sale; and regulators have authority to halt trading and freeze assets.
None of these protections apply by default to permissionless token launches. A token developer can raise funds from thousands of buyers with no disclosure of who they are, no regulatory filing, no capital requirement, and no recourse mechanism for buyers when they disappear.
This structural difference is not an argument against crypto as a technology. It is an accurate description of the consumer protection environment in unregulated crypto markets versus regulated financial markets. Investors who understand this difference are better positioned to make informed decisions about where they participate and with whom.
Regulated brokers — those operating under FCA, CySEC, ASIC, or equivalent authorisation — operate within frameworks designed precisely to prevent the forms of exit fraud that are routine in unregulated crypto token markets. A broker like Fortrade, regulated by the FCA, cannot abruptly disappear with client funds; client money is held in segregated accounts, capital requirements are maintained, and the FCA has authority to intervene. These protections exist because they were built in response to the history of financial fraud. The unregulated token market has not yet built equivalent protections.
What to Do If You Have Been Affected
Preserve every record: transaction hashes, promotional materials you relied on, screenshots of the project’s communications and website, records of any interactions with the team. This documentation is what investigators and prosecutors use to build cases.
Report to the FBI’s IC3 at ic3.gov, to the FTC, and to your national financial regulator. If the project made specific representations that constituted securities fraud, the SEC’s tips portal is relevant.
Consult a solicitor or attorney before taking any further action, particularly before publicly accusing specific individuals of fraud — defamation risk is real in cases where identification is uncertain.
Do not engage with services that contact you proactively offering to recover your funds. The likelihood that such services are second-stage scams targeting already-victimised investors is extremely high.
This article is for educational and informational purposes only and does not constitute financial, legal, or investment advice. If you believe you have been the victim of crypto fraud, contact the FBI’s Internet Crime Complaint Center, your national financial regulator, and local law enforcement.
Frequently Asked Questions
What exactly is a rug pull in crypto?
A rug pull occurs when the developers or insiders behind a cryptocurrency project — whether a token, a DeFi protocol, or an NFT collection — abruptly abandon it after collecting funds from investors. The name refers to the image of pulling the rug out from under someone: investors are standing on the project's apparent value, and when the rug is pulled, they fall. The mechanism varies: in a hard rug pull, developers drain the liquidity pool or take all raised funds directly. In a soft rug pull, they simply stop developing the project, walk away from all communications, and allow the token price to collapse to zero while they move on. In both cases, the outcome for investors is the same — the money is gone.
What happened with Mutant Ape Planet and how much was lost?
Mutant Ape Planet was an NFT collection that launched in early 2022, explicitly presenting itself as related to the legitimate and valuable Bored Ape Yacht Club ecosystem — a deliberate use of brand confusion to attract buyers. The developers raised approximately $2.9 million from NFT sales before disappearing entirely. Social media accounts were deleted, the project website went offline, and all communications from the team ceased. Buyers were left with NFTs worth essentially nothing and no recourse against developers who had operated pseudonymously. The case became one of the most-cited examples of the 'affiliation scam' variant of rug pulls, where fraudsters exploit the credibility of established projects.
What are the most important on-chain signals to check before investing in a new token?
Several blockchain-observable metrics are predictive of rug pull risk. Liquidity lock status is the most important: if the project's liquidity pool tokens are not locked via a verifiable third-party service (commonly Unicrypt or Team.Finance), developers can drain the pool at any time. Holder concentration is the second most important: if the top ten wallets hold 30 percent or more of the token supply, a coordinated dump by insiders can collapse the price. Contract mint authority — whether the contract allows the developer to mint additional tokens without limit — is a critical risk. Sell function restrictions in the smart contract code, which prevent ordinary holders from selling, are a definitive indicator of fraud. These checks can be performed using free blockchain explorer tools; a project that discourages or resists this type of scrutiny is providing useful information about itself.
Can celebrity endorsements be trusted for new crypto projects?
Celebrity endorsements of new crypto projects should be treated as red flags rather than legitimising signals. Several high-profile cases have demonstrated that celebrities endorse crypto projects for undisclosed paid fees, sometimes without conducting any due diligence on the underlying project. The Bored Bunny NFT collection, endorsed by prominent social media influencers and celebrities in early 2022, is a documented case: promotional posts drove significant buyer interest; investors who purchased at launch saw the value of their NFTs collapse dramatically within weeks as promotion ceased and developer activity stopped. The US Securities and Exchange Commission has settled enforcement actions against multiple celebrities for promoting crypto securities without disclosing paid arrangements. A celebrity name attached to a new token launch does not confer legitimacy, verified team identity, working product, or protection from exit fraud.
What recourse do rug pull victims have?
Recourse is limited but not entirely absent. The blockchain record is permanent: every transaction is traceable, and blockchain analytics firms including Chainalysis and Elliptic routinely work with the Department of Justice and international law enforcement to link wallet addresses to identifiable individuals. DOJ prosecutions of crypto fraud have increased substantially since 2023. If you have been a victim of a rug pull, preserve all records — screenshots, transaction hashes, communications, promotional materials — and file a report with the FBI's Internet Crime Complaint Center (IC3.gov), your national financial regulator, and local law enforcement. Some rug pull operators have been identified and charged, particularly where they used centralised payment processors or made mistakes in operational security that exposed their real identities. However, recovery of funds directly is rare, and you should be deeply sceptical of 'recovery services' that contact victims proactively — these are frequently additional scams.
