The rug pull worth $600,000 from Blur Finance

Alex Horlan
Head of Triage, HackenProof
3 Minutes Read

Blur Finance was a scam. Developers escape with $600k in investors’ funds. The yield aggregator Blur Finance made a rug pull. Developers deleted their social media channels and site and disappeared with $600k. The funds were taken on Polygon and BNBChain. BLR token has dropped by 99%. The project had 750 active users and lasted about a month.

Rug pull: What type of scam is it?

Pulling the rug out of someone means a sudden withdrawal of crucial support. In crypto, a rug pull refers to a scam where the team abandons their new crypto project. In particular, the team first attracts funding from investors for their new cryptocurrency and then sells their stock while the coin is worth something. Investors are left with nothing.

Rug pulls are relatively rare compared to other types of hacks and exploits. According to the Defiyiled Rekt database, 7 rug scams have been detected in 22, but scammers steal more and more money through rug pulls.

Preventing Rug Pulls

The decentralized finance ecosystem creates breeding conditions for rug pulls. The problem with DEXs is the lack of control. Unlike centralized exchanges, almost anyone can list a coin on DEX for free without any audit. Scammers also rely on open source, accessible, and simple blockchain protocols, such as Ethereum. However, it is possible to recognize and prevent rug pulls.

  1. Check liquidity. The first step is to check the liquidity in a pool of the available balances in the token. Uniswap and other DEXs provide this information automatically.
  2. The pool must be locked. Most credible projects have locked pools. The funds have to stay there for a specified period. Developers will not run with investors’ funds.
  3. Be aware of enormous price increases. A coin heading for a rug pull may skyrocket in price hours before the abandonment. The price increase is meant to push investors into the FOMO state.
  4. Consider token ownership structure. The risk of a rug pull is lower when the development team does not own any significant amount of coins.
  5. Rely on external experts. Don’t forget to check the external security rankings of a project and see if the smart contracts have been audited.

Cybersecurity Resources

Read more on HackenProof Blog