Rug Pull

~$2M rug-pulled from New Gold Protocol, a 'gold-backed' BNB Chain yield project whose privileged contract authority drained deposits before the team vanished.

ZKasino took 10,515 ETH ($33M) from 8,000+ users on a 1:1 ETH return promise, then converted it to ZKAS and staked on Lido for 15 months. Founder arrested.

Blast NFT game Munchables lost 17,413 ETH ($62.8M) to one of its developers, a likely North Korean operative hired to write the contract. All funds returned.

The BALD memecoin developer pulled liquidity from Coinbase's Base testnet, netting $5.9M in dev profit and $23M in investor losses while denying any rug pull.

A hidden deployer-only withdrawFunds function in DeFiLabs' BNB Chain staking contract drained $1.6M in user deposits before the project vanished completely.

Kannagi Finance, a zkSync Era yield farm, rug-pulled $2.1M after its closed-source upgradeable staking contract was swapped to a malicious implementation.

$3M rug-pulled from Swaprum on Arbitrum, an Arbiswap fork whose audited contracts hid an upgradeable proxy with a backdoor add() function.

Merlin DEX on zkSync lost $1.82M hours after launch when a back-doored owner role let insiders pull liquidity. CertiK's audit flagged the centralization risk.

Kokomo Finance, an Optimism Compound fork, rug-pulled $4M by pausing cBTC, pointing rewards at a malicious implementation, draining WBTC and deleting socials.

Hope Finance lost $1.86M at its Arbitrum launch after the deployed contract differed from the audited one; funds went straight to Tornado Cash.

Certik-audited Arbix Finance on Arbitrum minted 10M ARBX to attacker addresses, drained $10M in user deposits, and erased its entire web and social presence.

Rug pull drained ~$1.75M from 8ight Finance after operators used privileged contract authority to empty pooled deposits, then deleted all presence.

Avalanche memecoin SDOG lost $18M to insiders who knew the 'challengeKey' needed to trade on its DEX during the buyback, draining it before retail could react.

JayPegs Automart, an Ethereum NFT 'automated trading' scheme, exit-scammed users for ~$3.1M when operators drained deposits and vanished during the NFT mania.

Compounder Finance team pushed a malicious strategy-contract upgrade that swapped pool logic for a drain function, rug-pulling $12M of user deposits.