Aqua Scam Warning: "Rug Pulls" Are Becoming Increasingly Sophisticated

The market is gradually warming up, and the dawn of an "altcoin season" seems to be looming on the horizon, but asset security issues still cannot be ignored. Especially as we have become accustomed to not worrying about "Pikachu scams" on Solana, and even take "dev sell" and "money-raising presale projects" for granted, "Rug Pulls" continue to occur, appearing in even more deceptive forms and threatening our hard-earned money.

On September 9, ZachXBT posted on his personal channel that "the Solana project Aqua is suspected of a Rug Pull (absconding with funds), involving 21,770 SOL (about $4.65 million). Previously, the project had been promoted by Meteora, Quill Audits, Helius, SYMMIO, Dialect, and several KOLs. The related funds were split into four parts, first transferred to intermediary addresses, and then flowed into multiple exchanges."

Currently, the team has disabled comments on all posts on X (Twitter).

Compared to past "Rug Pulls," Aqua appeared much more "legitimate." It had a real product, and you could even check the product's data on defillama. According to defillama data, Aqua's Telegram trading bot had a trading volume of about $137 million in the past 30 days, with product revenue of about $2.83 million.

Aqua also engaged QuillAudits to conduct a code security audit.

Meteora's official Twitter quoted and retweeted Aqua's tweet to promote the project.

Helius also replied under Aqua's collaboration tweet.

With various project parties' official collaboration announcements, plus recommendations from many Chinese and English KOLs, Aqua managed to raise 21,700 SOL (about $4.65 million), all of which has now been transferred, while the initial liquidity of Aqua's token was only 860 SOL (about $184,000).

After analyzing on-chain data, @ReaperOfChains stated that the stolen funds from last year's $20 million IBXTrade $artic fraud incident flowed into the Aqua project. He believes that the mastermind behind IBXTrade must have participated in the Aqua scam in some way, whether deeply or superficially.

So far, among the project parties that previously interacted with Aqua on Twitter, only Dialect's founder @aliquotchris has come forward to explain the situation. He stated that he just wanted to support a new team using their developer tools, regrets this past decision, and is reviewing internal processes for future collaborations to minimize the likelihood of such incidents happening again. Although Dialect's original tweet has been deleted to prevent more people from being directed to Aqua's related links, for the sake of transparency and to acknowledge what Dialect had done, he attached the initial promotional tweet to his explanatory post.

This is particularly commendable amid the silence of other project parties.

On April 18, according to Cointelegraph, based on the latest report from blockchain analytics platform DappRadar, there were 21 "Rug Pull" incidents in early 2024, while only 7 have occurred so far in 2025, indicating a year-on-year decline in frequency. However, since the beginning of 2025, the Web3 ecosystem has lost nearly $6 billion due to such incidents, with 92% attributed to the collapse of Mantra's OM token (the token's founder denies this was a "Rug Pull"). In contrast, the total loss from "Rug Pull" incidents in the same period in 2024 was $90 million.

DappRadar analyst Sara Gherghelas pointed out that although such incidents are less frequent, they are more destructive and increasingly complex, often orchestrated by professional teams. Their nature is also evolving: in the first quarter of 2024, most originated from DeFi protocols, NFT projects, and meme coins, while in the same period of 2025, they mostly occurred in the meme coin sector. Gherghelas also reminded that a sudden surge in the number of active wallets, high trading volume but low user activity, unverified smart contracts, limited GitHub activity, anonymous developer teams, or projects with a sudden spike in DApp activity could all be warning signs of a "Rug Pull."

The Aqua scam once again warns us that even with collaboration and promotion from reputable project parties, even if the product has undergone code audits, and even with extensive KOL promotion, "Rug Pulls" can still happen. Nothing can prevent project parties from acting maliciously, and when they do, there is no way to expect any related party to step up and take responsibility.

We hope that "Rug Pulls" stay far away from every crypto player.