Welcome to DeFi Due Diligence

97.3% of tokens launched on pump.fun last week rugged within an hour.

The fastest one took 19 minutes.

This newsletter exists because checking takes 5 seconds. Getting rugged takes everything.

Every week we break down:

  • What rugged (and the red flags you missed)

  • What's still standing (and why)

  • One term you should know

  • One stat that'll make you think twice

No shilling. No hype. Just the receipts.

🚨🚨 Breaking: $50M Lost to Address Poisoning

$50 million. Gone. Not a hack. Not a rug. A copy-paste error.

Here's what happened on December 21:

  1. User sent a test transaction to the correct address

  2. Attacker saw the transaction on-chain

  3. Attacker created a look-alike address (same first and last characters)

  4. Attacker sent dust (tiny amount) FROM that fake address TO the user

  5. User went to send $50M USDT

  6. User copied the address from transaction history — grabbed the wrong one

  7. $50M sent to attacker's wallet

Within 30 minutes, the attacker swapped USDT → DAI → ETH, split across multiple wallets, and sent ~16,690 ETH through Tornado Cash. Gone. Untraceable.

This is called "address poisoning." The attacker poisons your transaction history with addresses that look identical at first glance.

How to protect yourself:

  • NEVER copy addresses from transaction history

  • Use saved contacts / address book

  • Check the ENTIRE address, not just first and last characters

  • For large transfers: send a test amount, verify receipt, THEN send the rest

Check every character. Every time.
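A small check for the advice above, added here as an example (not code from the newsletter or from Ser is it safe?): it flags entries in a transaction history that share the displayed first and last characters with a saved contact but are not that contact, and only trusts an address that matches the address book in full. The address book, history entries and amounts are constructed sample data.

```python
# Added example (not from the newsletter): flag history entries whose address matches a saved
# contact only on its displayed prefix/suffix, the look-alike pattern address poisoning uses.
from dataclasses import dataclass

@dataclass
class Tx:
    counterparty: str  # the other address in the transfer
    amount: float      # token amount (constructed)
    direction: str     # "in" (received) or "out" (sent)

def _norm(addr: str) -> str:
    # EVM hex addresses are case-insensitive (checksum casing varies between wallets);
    # base58 addresses such as Solana's are case-sensitive, so leave those untouched.
    a = addr.strip()
    return a.lower() if a[:2].lower() == "0x" else a

def looks_alike(candidate: str, trusted: str, prefix: int = 6, suffix: int = 4) -> bool:
    """True when candidate shows the same prefix/suffix as trusted but is a different address."""
    c, t = _norm(candidate), _norm(trusted)
    if c == t or len(c) != len(t):
        return False
    return c[:prefix] == t[:prefix] and c[-suffix:] == t[-suffix:]

def resolve_contact(addr: str, address_book: dict):
    """Exact full-string match against the address book; anything else gets no name."""
    a = _norm(addr)
    return next((name for name, t in address_book.items() if _norm(t) == a), None)

def find_poisoned(history, address_book, dust_threshold: float = 0.01):
    """Return (history_address, contact_name, reason) for each look-alike entry."""
    findings = []
    for tx in history:
        for name, trusted in address_book.items():
            if looks_alike(tx.counterparty, trusted):
                reason = "look-alike of saved contact"
                if tx.direction == "in" and tx.amount <= dust_threshold:
                    reason += " (inbound dust)"
                findings.append((tx.counterparty, name, reason))
    return findings

TRUSTED = "0x1f9a7b3c4d5e6f708192a3b4c5d6e7f8a9b0c1d2"   # constructed saved contact
POISONED = "0x1f9a7b" + "ab" * 15 + "c1d2"               # constructed: same first 6 / last 4 chars
ADDRESS_BOOK = {"exchange-deposit": TRUSTED}
HISTORY = [
    Tx(TRUSTED, 1.0, "out"),            # the genuine test transfer
    Tx(POISONED, 0.001, "in"),          # attacker's dust, now sitting in the history
    Tx("0x" + "9" * 40, 250.0, "in"),   # unrelated counterparty
]
```

Running `find_poisoned(HISTORY, ADDRESS_BOOK)` reports only the dust entry, and `resolve_contact` returns a name only for the exact saved address.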

🥷 This Week’s Rugs

Pump.fun Massacre (Dec 20)

According to @PumpFun_Watcher's analysis, pump.fun saw 17,543 tokens launch on December 20.

17,073 of them rugged within an hour. That's 97.3%.

The fastest rug took 19 minutes. Someone made a token, got buyers, drained liquidity, and vanished — all before you'd finish a coffee.

Only 0.1% of tokens hit 10X. You have better odds at a casino.

Red flags to check:

  • Fresh wallets buying at launch (bundled = rigged)

  • Liquidity unlocked (devs can pull anytime)

  • No socials, no history, no accountability

If you're playing pump.fun without checking, you're not trading — you're donating.

Yearn Finance Exploits

Yearn got hit twice recently. Again.

  • Nov 30: yETH exploit — $9M drained

  • Dec 16: Legacy iearn TUSD vault — $300K drained

The yETH attack? Someone minted 235 septillion tokens from 16 wei ($0.00000000004). The TUSD vault? A donation attack on code from 2020.

Both exploits hit old code. Audited years ago. Still holding funds.

"Audited" doesn't mean "safe forever." It means "safe when we checked."

Red flags:

  • Last audit was years ago

  • Legacy vaults still holding funds

  • No active security updates

Even blue chips get hit. Check when the audit was done.

Stat of the Week

2.9%

That's the percentage of pump.fun tokens that even hit 2X on Dec 20.

Roulette gives you 47.4% odds on red or black.

Pump.fun isn't a casino. It's worse.

Token Spotlight: Legit vs. Rug

Side by side. Same checklist. Different outcomes.

BONK (Legit)

  • 3 years old

  • Liquidity locked

  • Listed on major exchanges

  • Organic community

  • Transparent dev wallets

AVA AI (Rug)

  • Launched on Pump.fun

  • 23 insider wallets sniped 40% at launch

  • All funded through same exchanges, same time window

  • Crashed 96% from all-time high

  • "VC-backed" didn't mean safe

The checklist doesn't lie. Use it before you ape.

What we check:

  1. Age (hours = danger)

  2. Liquidity (locked or not?)

  3. Exchange listings (CEX = more vetted)

  4. Community (bots or real?)

  5. Dev wallet activity (concentrated holdings = dump risk)

  6. Launch pattern (bundled = rigged)

Takes 30 seconds. Saves everything.

Learn the Lingo: Bundled Scam

You see a new token. Chart looks clean. You ape.

Then it dumps. Hard.

What happened? You got bundled.

A bundled scam is when devs pre-buy tokens using multiple wallets BEFORE the public launch. By the time you buy, they already own most of the supply. They're not buying with you — they're selling TO you.

How to spot it:

  • Fresh wallets (created hours before launch)

  • Coordinated buys in the first seconds

  • Multiple wallets buying exact same amounts

  • Wallet clusters that all sell at the same time

Tools like Bubblemaps can show you wallet connections. If it looks like a spider web, run.

Before you ape, check.

Ser is it safe? gives you a 0-100 safety score in seconds.

Paste the contract. Get the score. Make the call.

Now with Solana memecoin support.

That's it for this week. Stay skeptical.

Don't get got.

— Ser is it safe?
