Even with products, partnerships, and code audits, scams are still possible. The market is gradually recovering, and the dawn of the "altcoin season" seems to be looming, but the issue of asset security cannot be ignored. Especially when we have become accustomed to Solana without worrying about "pixiu trading" and even become accustomed to "dev sells" and "pre-sale deposits," "rug pulls" continue to appear, and in more deceptive forms, threatening our hard-earned money.

On September 9th, ZachXBT posted on his personal channel, "The Solana project Aqua is suspected of a runaway operation involving 21,770 SOL (approximately $4.65 million). The project was previously promoted by Meteora, Quill Audits, Helius, SYMMIO, Dialect, and several KOLs. The funds were split into four parts, first transferred to an intermediate address, and then flowed into multiple trading platforms."

Currently, the team has turned off commenting on all posts on X (Twitter).

Compared to the previous "Rug Pull," Aqua appears much more legitimate. It has a real product, and relevant data can even be found on Defillama. Defillama data shows that Aqua, a Telegram trading bot, has generated approximately $137 million in trading volume over the past 30 days, generating approximately $2.83 million in product revenue.

Aqua also hired QuillAudits to perform a code security audit.

Meteora's official Twitter account quoted and retweeted Aqua's tweet to promote the project.

Helius also responded to Aqua's tweet about the collaboration.

The official announcements of cooperation with various project parties, coupled with the recommendations of many Chinese and English KOLs, allowed Aqua to raise 21,700 SOL (about 4.65 million US dollars) through token pre-sales. However, all of these funds have been transferred, and the initial liquidity of Aqua's tokens is only 860 SOL (about 184,000 US dollars).

@ReaperOfChains, after analyzing on-chain data, revealed that funds stolen from last year's massive $artic presale scam involving over $20 million at IBXTrade were funneled into the Aqua project. He believes the mastermind behind IBXTrade must have been involved in the Aqua scam in some way, either deeply or superficially.

Of the projects that had previously interacted with Aqua on Twitter, only Dialect founder @aliquotchris has come forward to explain the situation. He stated that he simply wanted to support a new team using their developer tools, regretted the decision, and was reviewing internal processes for future collaborations to minimize the likelihood of such incidents recurring. Although Dialect's original tweet has been deleted to prevent further links to Aqua, he attached the original promotional tweet to the tweet to publicly and transparently acknowledge Dialect's past actions.

This is commendable among the project parties who have remained silent.

On April 18, Cointelegraph reported that according to a recent report from blockchain analytics platform DappRadar, there had been 21 "rug pull" incidents in early 2024, compared to only 7 so far in 2025, indicating a year-on-year decrease in frequency. However, since the beginning of 2025, the Web 3 ecosystem has lost nearly $6 billion due to these incidents, 92% of which was attributed to the collapse of Mantra's OM token (which its founder denies was a "rug pull"). By comparison, total losses from "rug pull" incidents during the same period in 2024 were $90 million.

DappRadar analyst Sara Gherghelas noted that while such incidents are becoming less frequent, they are more destructive, with scams becoming more sophisticated and often orchestrated by professional teams. Their nature is also evolving: in the first quarter of 2024, they were primarily linked to DeFi protocols, NFT projects, and meme coins, while in the same period of 2025, they were primarily linked to meme coins. Gherghelas also warned that unexplained surges in unique active wallets, high transaction volume but low user activity, unverified smart contracts, limited GitHub activity, anonymous developer teams, or a sudden surge in DApp activity could all be warning signs of a "rug pull."

The Aqua scam serves as a stark reminder that even with the collaboration and promotion of a reliable project, even with a code audit and widespread KOL outreach, "rug pull" can still happen. There's no way to prevent a project from maliciously engaging in malicious activity, and when a project engages in malicious activity, there's no way to expect any relevant parties to take responsibility.

I hope that "Rug Pull" can stay away from every cryptocurrency player.