Arbitrum-based Swaprum Makes Away With $3M After Rug Pull

Swaprum, a decentralized exchange based on Ethereum Layer 2 blockchain Arbitrum, disappeared with user deposits worth $3 million after executing a rug pull, The Block reported. PeckShield, the blockchain security company, carried out an on-chain analysis, which found that around 1,628 ETH had been embezzled from the DEX’s liquidity pools. The ether was equivalent to around $3 million.

Swaprum tokens are now worthless

The team behind Swaprum withdrew the liquidity in the pool, which accumulated against the platform's native token SARP. Then, they exchanged the SARP for ether, leading to a dramatic decline in SAPR’s price. Currently, these tokens are virtually worthless, to the collective disappointment and frustration of investors in the project.

Funds were laundered through Tornado

The scammers transferred the funds from the Arbitrum network to the Ethereum Mainnet. The ether they received in exchange for SARP was laundered through the Ethereum-compatible privacy mixer Tornado Cash. This was done to hide the series of transactions and make the funds harder to trace.

Swaprum’s social networks disappeared overnight

Swaprum deleted its Twitter, GitHub, and Telegram accounts at the speed of light. What’s more, it seems like they never had any digital footprint. No trace of one is left except for their official website which, ironically, published a guide titled “What is a rug pull.” The site served as the project’s front-end.

Swaprum deployer added hidden function

Beosin, a platform providing blockchain projects with intelligence and risk alerts for security incidents, found that Swaprum’s smart contract had a concealed backdoor function.

According to the security team, Swaprum’s deployer stole liquidity tokens users had staked by means of an “add()” backdoor function. It enabled him to take all of the liquidity out of the pool. This hidden function made it possible for the cybercriminals to take over any assets they wished.