Over the past ten months, scammers created over 1,300 fake tokens on the Ethereum network and fooled more than 42,000 investors using a new hard-to-trace Rug Pull scheme. As a result, attackers gained 14,000 ETH ($32 million) of user funds.
Blockfence, a cybersecurity analytics company, found that scammers began using a new Rug Pull scheme in April 2023. This scheme uses several complex tools, making it difficult to detect and track.
Blockfence’s analysts discovered that scammers manipulate and deceive crypto users with a combination of such methods:
- User balance manipulation. When a victim purchases a scam token, their balance is updated to 1, preventing them from selling it later. The process is achieved through a malicious contract linked to all the fake tokens.
- Unlimited token minting. The same malicious contract allows administrators to create an unlimited number of tokens, making it easier to manipulate the token’s market.
- Use of token names that mimic well-known projects. Scammers create names for fake tokens that impersonate real projects to attract more investors.
- Honeypot scam. All scammers’ operations act as a trap for new investors. So, they can’t withdraw their funds if they invested in the project.
As a result of using such a scheme, scammers created more than 1,300 fake tokens on Ethereum in ten months and deceived over 42,000 investors, who lost 14,000 ETH ($32 million).
The new Rug Pull scheme consists of these basic steps:
- Scammers create the appearance of a profit-making investment opportunity by generating fake liquidity for the project. It provokes FOMO, and investors, afraid of missing out, start buying scam tokens.
- They then manipulate the trading volume to make the project appear popular and profitable.
- Fraudsters integrate the lock() function with services like PinkLock to create a false sense of safety for investors.
- They use the execute() function to exchange large amounts of fake tokens on ETH, profiting from the token exchange.
- To avoid unwanted attention to the project, scammers return 5-20 ETH to users from each big fake token transaction.
- They remove the liquidity and dump tokens’ price to zero, completing the scam and covering up any evidence of fraud.
Analysts revealed that the most active attackers use the growing popularity of meme coins to create scam projects. Tokens such as AIPEPE, Purple Pepe, Pepe Chain, Pepe Race, and Baby Pepe were involved in Rug Pull schemes.
Identifying new fraud schemes is difficult as the combination of several complex tools makes it challenging to detect and track. According to Pablo Sabbatella, Head of Security Research at Blockfence, scammers created a fake token called Blockfence and stole 23.6 ETH ($53,000) before analysts detected the Rug Pull.
Scammers are improving their methods of tricking crypto users by using Google Ads, BSC smart contracts, and WordPress to spread malicious software. In 2023, Rug Pull schemes accounted for more than half of the attacks on crypto users.
