$10m of funds goes missing in what appears to be a cryptocurrency rug-pull

$10m of funds goes missing in what appears to be a cryptocurrency rug-pull

There’s a lot of concern in the cryptocurrency realm at the moment. A yield farming platform “utilizing arbitrage to gain optimal yield with low risk” has gone AWOL. Site down, Twitter account deleted, no word from the team behind it explaining what happened. Worst of all, some $10 million worth of funds have been drained leading to accusations of rug-pulling.

So what’s gone wrong with rugs in the land of yield farming?

Yield farming in DeFi (Decentralised Finance)

Yield farming is a popular target for scams, as lots of money is dropped into new services with the hope of big payouts via passive income earnings further down the line. People do receive payouts, by the way. Here’s someone who picked up $1,700 because he used one particular service prior to a specific date. However, as the article notes, many projects are open source. This makes it easy for people with bad intentions to fire up a bogus service of their own, wait for funds to be pumped into it, and then vanish.

This is, of course, not very good when it happens. Sadly, this is what may have happened in this case.

What is a rug pull in cryptocurrency?

A rug pull (or “being rugged”, as they call it in cryptocurrency circles) is not a fun experience. Someone creates an altcoin (any coin other than Bitcoin) on a DEX (decentralised exchange). They then spend some time hyping that token on as many platforms as possible. The more noise, the better: anything to attract potential users. As more people invest, the idea is that the token increases in value. The liquidity of the project goes up as a result.

When hype is at its maximum and investors are running wild, the creators suddenly drain the pool of its funds and fade from existence. Anyone who bought into the project is left with worthless tokens. At this point, sites and services related to the scam token are scrubbed, and a lot of people are out of pocket. The rug is well and truly pulled.

What’s happened to Arbix?

A project called Arbix Finance has indeed pulled its site and deleted its Twitter. Arbix was audited and approved by Certik in November, adding legitimacy to itself and a way to reassure users it is on the level. Here’s an example press release in relation to certification of another cryptocurrency platform. Audits and certifications such as these are common in the DeFi space, so it’s probably a bit disconcerting for users to see the rug pull happen despite such forms of approval.

The audit history page for Arbix Finance currently reads as follows:

“Warning: This project has been confirmed to be a rugpull and is deemed high risk. Do not engage, or interact, with this project.”

Where did the money go?

The Certik Twitter feed is currently revealing pieces of its investigation into what’s happened. It’s quite likely there’s more to come, so this isn’t the full story at present, but here’s the current timeline of events:

Word of the rugpull first breaks. People are told to steer clear of interacting, because it’s still possible to get tangled up in losing some more money:

Money invested by users (the missing $10m) is sent to a variety of addresses, with a big chunk of the missing funds dumped.

That thread and offshoots of it are still being updated, so if you’re impacted you’ll want to bookmark for future reference.

If you want to see more information about the wallets used to hold the funds and where they were sent afterwards, see this tweet.

Next steps

There isn’t much advice that can be given to potential victims in this specific case. More digging is required, and it’s possible one benefit of this service having been audited is it may help with finding out who’s behind this. It’s also possible the project owners may appear at the eleventh hour with an explanation. For now, we have to just wait and see.

There’s a lot of angry people on social media in relation to this one. We’ve seen a few links being sent claiming to be forms of “help” or support from Arbix which resolve to things like Telegram links. With no way to verify, we’d suggest being very cautious around any links sent to offer assistance.

You definitely don’t want to lose out twice over

People are making money in cryptocurrency, but rug pulls remain a huge loss for all concerned. If you haven’t run into one of these scams yet, read up on ways to minimise the threat. It’s a Wild West out there.

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.