The biggest threat to trust in cryptocurrency: Rug Pulls Put 2021 scam revenue close to all-time highs

Rug pulls have emerged as the go-to scam of the DeFi ecosystem, accounting for 37% of all cryptocurrency scam revenue in 2021, versus just 1% in 2020, according to Chainalysis 2022 Crypto crime report. All in all, rug pulls took in more than $2.8 billion worth of cryptocurrency from victims in 2021. 

Scams were once again the largest form of cryptocurrency-based crime by transaction volume, with over $7.7 billion worth of cryptocurrency taken from victims worldwide.

That represents a rise of 81% compared to 2020, a year in which scamming activity dropped significantly compared to 2019, in large part due to the absence of any large-scale Ponzi schemes. That changed in 2021 with Finiko, a Ponzi scheme primarily targeting Russian speakers throughout Eastern Europe, netting more than $1.1 billion from victims. 

Another change that contributed to 2021’s increase in scam revenue: the emergence of rug pulls, a relatively new scam type particularly common in the DeFi ecosystem, in which the developers of a cryptocurrency project — typically a new token — abandon it unexpectedly, taking users’ funds with them. We’ll look at both rug pulls and the Finiko Ponzi scheme in more detail later in the report. 

As the largest form of cryptocurrency-based crime and one uniquely targeted toward new users, scamming poses one of  the biggest threats to cryptocurrency’s continued adoption. But as we’ll explore, some cryptocurrency businesses are taking innovative steps to leverage blockchain data to protect their users and nip scams in the bud before potential victims make deposits.

Investment scams in 2021: More scams, shorter lifespans

While total scam revenue increased significantly in 2021, it stayed flat if we remove rug pulls and limit our analysis to investment scams — even with the emergence of Finiko. At the same time though, the number of deposits to scam addresses fell from just under 10.7 million to 4.1 million, which we can assume means there were fewer individual scam victims.

This also tells us that the average amount taken from each victim increased.

Scammers’ money laundering strategies, however, haven’t changed all that much. As was the case in previous years, most cryptocurrency sent from scam addresses ended up at mainstream exchanges. 

Exchanges using Chainalysis KYT for transaction monitoring can see this activity in real time, and take action to prevent scammers from cashing out. 

The number of financial scams active at any point in the year — active meaning their addresses were receiving funds — also rose significantly in 2021, from 2,052 in 2020 to 3,300.

This goes hand in hand with another trend we’ve observed over the last few years: The average lifespan of a financial scam is getting shorter and shorter.

The average financial scam was active for just 70 days in 2021, down from 192 in 2020. Looking back further, the average cryptocurrency scam was active for 2,369 days, and the figure has trended steadily downwards since then. One reason for this could be that investigators are getting better at investigating and prosecuting scams. For instance, in September 2021, the CFTC filed charges against 14 investment scams touting themselves as providing compliant cryptocurrency derivative trading services — a common scam typology in the space — whereas in reality they had failed to register with the CFTC as futures commission merchants. Previously, these scams may have been able to continue operating for longer. As scammers become aware of these actions, they may feel more pressure to close up shop before drawing the attention of regulators and law enforcement. 

At the same time, we’re seeing the end of a long-standing statistical relationship between cryptocurrency asset prices and scamming activity. Scams typically come in waves corresponding with sustained price growth in popular cryptocurrencies like Bitcoin and Ethereum, which typically also lead to influxes of new users. We see this reflected in the chart below — scamming activity spiked following bull runs in 2017 and 2020.

This isn’t all that surprising. New, less savvy users attracted by cryptocurrency’s growth are more likely to fall for scams than more seasoned users. However, the relationship between asset prices and scamming activity now appears to be disappearing.

Above, we see scam activity rise in concert with Bitcoin and Ethereum prices until 2021, when scamming activity stays flat and even begins to drop regardless of whether prices rise or fall.

Rug pulls are the latest innovation in scamming

Rug pulls have emerged as the go-to scam of the DeFi ecosystem, accounting for 37% of all cryptocurrency scam revenue in 2021, versus just 1% in 2020.

All in all, rug pulls took in more than $2.8 billion worth of cryptocurrency from victims in 2021. 

As is the case with much of the emerging terminology in cryptocurrency, the definition of “rug pull” isn’t set in stone, but we generally use it to refer to cases in which developers build out what appear to be legitimate cryptocurrency projects — meaning they do more than simply set up wallets to receive cryptocurrency for, say, fraudulent investing opportunities — before taking investors’ money and disappearing. 

Rug pulls are most commonly seen in DeFi. More specifically, most rug pulls entail developers creating new tokens and promoting them to investors, who trade for the new token in the hopes the token will rise in value, which also provides liquidity to the project — that’s how most DeFi projects start. In rug pulls, however, the developers eventually drain the funds from the liquidity pool, sending the token’s value to zero, and disappear. Rug pulls are prevalent in DeFi because with the right technical know-how, it’s cheap and easy to create new tokens on the Ethereum blockchain or others and get them listed on decentralized exchanges (DEXes) without a code audit. That last point is crucial — decentralized tokens are meant to be designed in such a way that investors holding governance tokens can vote on things like how assets in the liquidity pool are used, which would make it impossible for the developers to drain the pool’s funds. While code audits that would catch these vulnerabilities are common in the space, they’re not required in order to list on most DEXes, hence why we see so many rug pulls.

The chart below shows 2021’s top 15 rug pulls in order of value stolen.

It’s important to remember that not all rug pulls start as DeFi projects. In fact, the biggest rug pull of the year centered on Thodex, a large Turkish centralized exchange whose CEO disappeared soon after the exchange halted users’ ability to withdraw funds. In all, users lost over $2 billion worth of cryptocurrency, which represents nearly 90% of all value stolen in rug pulls. However, all the other rug pulls in 2021 began as DeFi projects.  

AnubisDAO, the second-biggest rug pull of 2021 at over $58 million worth of cryptocurrency stolen, provides an excellent example of how rug pulls in DeFi work.

AnubisDAO launched on Thursday, October 28, 2021, claiming it planned to provide a decentralized, free-floating currency backed by a basket of assets. With little more than a DOGE-inspired logo — the project had no website or white paper, and all of its developers went by pseudonyms — AnubisDAO raised nearly $60 million from investors practically overnight, all of whom received the project’s ANKH token in exchange for funding the project’s liquidity pool. But a mere 20 hours later, all the funds raised, primarily held in wrapped Ethereum (wETH), disappeared from AnubisDAO’s liquidity pool, moving to a series of new addresses. 

The full article in here

This blog is a preview of Chainalysis 2022 Crypto Crime Report. Sign up here to reserve your copy and we’ll email you the full report when it comes out in February!