Over 98% of tokens launched on Pump.fun fail. Most of them aren't accidents — they're designed to extract money from buyers and disappear. In Q1 2025 alone, crypto rug pulls wiped out nearly $6 billion globally, with Solana accounting for the highest rug pull density of any blockchain.
If you trade memecoins, low-cap tokens, or anything on Solana's launchpads, learning to spot rug pulls isn't optional — it's survival. This guide covers the exact red flags to check, the free tools that do the checking for you, and the common tricks scammers use on Solana specifically.
What Is a Rug Pull?
A rug pull is when a token creator or insider group drains value from a project, leaving everyone else holding worthless tokens. The name comes from the idea of pulling the rug out from under someone — by the time you realize what happened, you're already on the floor.
On Solana, rug pulls happen in minutes, not days. The chain's sub-second transactions and near-zero fees make it cheap to launch thousands of scam tokens. A single developer can create a token on Pump.fun for less than $2 and potentially extract thousands of dollars from buyers within the first hour.
There are two broad types:
Hard rug pulls — The creator uses technical exploits (minting new tokens, draining liquidity, freezing your wallet) to steal funds. These are the most damaging and often use smart contract manipulation.
Soft rug pulls — The creator gradually dumps their holdings on buyers, killing the price over time. Technically legal in many jurisdictions, but the result is the same: you lose money.
The Most Common Rug Pull Techniques on Solana
The classic rug. A developer creates a token, pairs it with SOL in a liquidity pool on Raydium or another DEX, waits for buyers to push the price up, then withdraws all the liquidity. Buyers are left with tokens they can't sell because there's no liquidity left.
On Solana, fraudulent pools often live for less than an hour. Research from Solidus Labs found that 93% of liquidity pools on Raydium showed soft rug pull characteristics, and 71% of fraudulent pools yielded net gains for their creators.
How Pump.fun partially fixes this: Tokens that graduate to PumpSwap have their LP tokens automatically burned, which prevents the creator from pulling liquidity. But this only applies to the ~1% of tokens that actually graduate. The 99% that never leave the bonding curve are fair game for creator dumps.
2. Deployer-Funded Sniping
This is a Solana-specific technique. The token creator transfers SOL to multiple "sniper wallets" before launch, and these wallets buy the token in the same block as deployment. This gives the creator a massive position at the lowest possible price while making the token look like it has organic early demand.
A Pine Analytics report identified over 15,000 SOL in realized profits extracted from 15,000+ token launches using this technique, involving 4,600 sniper wallets with an 87% profitability rate.
What it looks like: Multiple wallets buying in block 1, often with similar SOL amounts and no prior history. If you see 5-10 wallets sniping a token in the same block, be cautious — they may all be controlled by the deployer.
3. Wallet Splitting
Instead of holding 50% of the supply in one wallet (which is an obvious red flag), the creator distributes tokens across dozens or hundreds of wallets they control. Each individual wallet might hold 1-2% of supply, but combined they control a majority stake.
Bubblemaps exposed one case where a token creator distributed SOL to 162 wallets, which then purchased half the total supply at launch. Without tools that can visualize wallet clusters, this is almost impossible to detect manually.
Every SPL token on Solana has a "mint authority" — the address that can create new tokens. If the mint authority isn't revoked after launch, the creator can mint unlimited new tokens at any time and dump them on the market, diluting everyone else's holdings to zero.
Pump.fun sets mint authority to null by default, but tokens launched on other platforms (Raydium directly, or custom launches) may not. Always verify that the mint authority is revoked.
Solana tokens also have a "freeze authority" that can freeze any holder's tokens, preventing them from selling. This creates a classic honeypot: you can buy the token, you can see the price going up, but when you try to sell — nothing happens. Your tokens are frozen.
The trap: The token chart looks perfect. Price keeps climbing. People keep buying. But only the creator and their insiders can actually sell. By the time buyers realize their tokens are frozen, the creator has already dumped.
6. Address Poisoning
Not strictly a rug pull, but a growing threat on Solana. Scammers create wallet addresses that visually resemble legitimate ones (matching the first and last few characters) and send tiny "dust" transactions to your wallet. When you later copy-paste an address from your transaction history, you accidentally send funds to the scammer.
In January 2026 alone, $12.25 million was lost to wallet poisoning and phishing on Solana.
Red Flags: What to Check Before Buying Any Token
Token Authority Checks
| Authority | Safe | Dangerous |
|---|
| Mint authority | Revoked (null) | Active — creator can mint unlimited tokens |
| Freeze authority | Revoked (null) | Active — creator can freeze your tokens |
| Update authority | Revoked (null) | Active — creator can change token metadata |
If any of these authorities are still active, proceed with extreme caution. Legitimate projects revoke mint and freeze authority before or immediately after launch.
- Top 10 wallets holding >30% of supply — Major red flag. Even if it's split across wallets, concentrated ownership means a few wallets can crash the price.
- Many wallets with suspiciously identical holdings — If 20 wallets each hold exactly 1.8%, they're likely controlled by the same person.
- Developer wallet holding >5% — Higher risk of a gradual dump.
Liquidity
- No liquidity lock or LP burn — The developer can pull all liquidity at any time. PumpSwap burns LP tokens automatically for graduated tokens, but other DEXs don't.
- Market cap far exceeding liquidity — A token with $500K market cap but only $5K in liquidity can be drained in a single transaction.
Social Signals
- No Twitter, Telegram, or website — Anonymous tokens with zero social presence are almost always scams.
- Copy-pasted website from another project — Scammers clone successful project sites.
- Brand-new developer wallet — No transaction history means you can't evaluate the creator's track record.
- Extreme hype with no product — If the only thing the project offers is "to the moon" promises, it's likely a pump-and-dump.
On-Chain Behavior
- Multiple buys in block 1 — Likely deployer-funded sniping.
- Large buys immediately followed by the dev selling — The dev is using early buyers as exit liquidity.
- Sudden burst of social media activity — Coordinated shilling campaigns often precede dumps.