An audited and reputedly reliable performance farming platform named Arbix Finance has been flagged as “rugpull”, eliminating its sites, Telegram channel and Twitter and transferring $10 million in deposited cryptocurrency.
Rugpull is a malicious maneuver in the cryptocurrency industry where crypto developers abandon a project and run away with investor’s funds. Rugpull also known as “exist scams” are when pseudo-anonymous cryptocurrencies or platforms are created only for the motive to collect funds for legitimate service and then disappear with deposited funds.
This happen because decentralized networks are essentially unreliable, entities like CertiK try to evaluate them through audits that scan a token’s smart contracts for signs of privacy problems, fraud, vulnerabilities etc.
In Arbix’s case, CertiK’s conducted an audit on 19th November 2021, the findings of which had initially been reasons for users to trust on Arbix Finance.
However, CertiK tweeted that Arbix is now classified as rugpull only after the token’s smart contract was detected minting 10 million ARBIX to addresses under the owner’s control and then dumping them for Ethereum.
Arbix operator also transferred $10 million in funds deposited by users to “unverified pools” where such funds converted to Ethereum. The attackers then transferred Ethereum to Tornado.cash which performs as a mixer and make it difficult to trace the funds.
Tornado.cash’s FAQ page states that “Tornado Cash improves transaction privacy by breaking the on-chain link between source and destination addresses. It uses a smart contract that accepts ETH deposits that can be withdrawn by a different address”.
“To preserve privacy, a relay can be used to withdraw money to an address with no ETH balance. As long as new address withdraws ETH, there is no any way to link to the withdrawl to the deposit, to make sure about complete privacy”.
Thus, the funds and their movements are being tracked but the chances of a recovery are slim.
Yield farming is dangerous
The concept of yield farming is attractive because it promises payments to cryptocurrency investors without doing anything.
Users deposit cryptocurrencies into yield farming platform and then allow automated algorithms to monitor the fluctuations in the values of various tokens and send yield returns to investors according to their trading threshold settings.
The main problems with the entire idea are cyber theft and fraud as many of these platforms are either anxious or questionable.
In October 2020, a similar platform named Harvest Finance was hacked resulting in the theft of $24 million from users.