Rug pulls continue to cast a dark cloud over the crypto industry, with BabyMuskCoin being the latest example with over $600,000 duped from investors.
CryptoPotato spoke with Ronghui Gu, co-founder of the blockchain security company – CertiK – about how users can defend themselves against such malicious activities.
The BabyMuskCoin Rug Pull
Ever since the popularity explosion of Dogecoin, propelled mainly by one of the most influential individuals – Elon Musk, the cryptocurrency industry has seen a rapidly growing number of memecoins. While a few had some success, with Shiba Inu standing out the most, others turned out to be blatant scams.
The latest example came from another coin embodying the name of Tesla’s CEO – BabyMuskCoin, whose objective was to “catch Elon’s attention such that he will join the project.” The native token’s price dumped by 99% in hours as the anonymous team behind the project moved off 1,571 BNB (worth around $660,000 at the time) to the popular mixer – Tornado Cash.
As CertiK explained, the team initially claimed that they were scammed on Telegram, but the project’s Twitter and website went down and are still inoperational as of writing these lines.
1,571 $BNB (~$66K) was dumped and the funds were moved to Tornado cash.
The project team CLAIMS to have been scammed via Telegram, but the Twitter and website are down
Do not interact! pic.twitter.com/SUeLnrf4Gn
— CertiK Security Leaderboard (@CertiKCommunity) February 9, 2022
In a different statement sent to CryptoPotato, CertiK added that the developers made two transactions for 10 BNB each to Tornado Cash on January 31st. Later, they started swapping BabyMUSK tokens for BNB before driving the former’s price to zero. At that point, all BNB coins were transferred to an external address and later to Tornado Cash.
Rug Pulls and How to Avoid Them
As the name suggests, such malicious activities mean that the founders/developers of a certain project decide to “pull the rug” from under their investors by dumping all coins they control on the open market and abandoning the protocol. The number of such events skyrocketed in the past several months, and yet, investors continue to pour funds into suspicious projects.
As such, CryptoPotato reached out to CertiK’s co-founder – Rongui Gu – who is also an assistant professor at Columbia University, to inquire about the rug pulls in the space and how investors can protect themselves.
“There’s been an explosion of rug pulls over the last year and a half, where the founders completely abandon the project and abscond with as much money as they can extract from investors. In January of this year alone, CertiK found that $16.56 million was lost to nine rug pulls, with an additional seven different rug pulls from IDOs alone.” – he commented.
Gu pointed out several red flags for him when reviewing a project, including “relentless” promotions of their own token and focusing on “price and potential over community growth and fundamentals.” He believes this signals that their main goal is “maybe to track more the value of their holdings.”
“The only way to assess a smart contract or blockchain protocol accurately for security risks is to understand each line of code and how that code should perform in accordance with its design specification. This may seem daunting, and that would be true – that’s why teams of professionals are dedicated to auditing smart contracts.
Dev teams should implement secure coding best practices to avoid vulnerabilities that could be exploited later. If understanding code and the potential of security vulnerabilities are too out of scope, the best piece of advice I can give is to thoroughly read audit reports before you make an initial investment.”