Users said CertiK’s warning was a false alarm — then the project rugged

“Don’t shoot the messenger,” said the messenger before dying in a flurry of bullets fired from the barrels of angry crypto enthusiasts.

A blockchain security firm tried to warn users of an imminent rug pull surrounding a crypto project, but investors became angry and fired back. The firm rescinded the security alert. Then, the project it accused of being a rug pull pulled the plug.

This is the story of CertiK, a blockchain security firm just trying to do its job, the users who tried to stop it from doing so, and the project, Crypto Cars, that (perhaps gleefully) turned its back on its users. 

Back in 2022, CertiK issued a “rug pull” alert for a Vietnamese Web3 gaming project called “Crypto Cars,” which claimed to have over 700,000 users. At the time, the project’s native token was rapidly falling in price, its website was temporarily down, and its developers said that it would no longer respond on its Telegram due to the Lunar New Year holiday celebrated in Vietnam. Considering the situation, the alert made sense — until angry community members pressured CertiK to retract its statement. But when Cointelegraph attempted to follow up with the project on Aug. 1, 2023, it had long ago shut its doors.

Screenshot of CertiK’s rug pull alert on Crypto Cars in 2022. Source: Twitter

CertiK had previously warned investors to avoid interacting with the nonfungible token “racing-based play-to-earn” project. The firm announced on Twitter that it had identified the project as a “rug pull” and highlighted that its website and Telegram channel had been shut down. 

Despite its good intentions, users were quick to go after CertiK and argued that the community alert published by the on-chain security company was “false.” Community members highlighted that the project’s website was still up and its Telegram account was still functional. Yielding to a combination of pressure and seemingly legitimate evidence at the time, the blockchain security firm retracted its rug pull alert and deemed it a “false alarm.”

One of the final statements posted on Crypto Cars’ Telegram before its shutdown. Source: Telegram

After retracting the alert, CertiK pointed out the reasoning behind their alert, citing the Telegram account and website going offline and the funds “dropping to zero.” The security firm also told Cointelegraph back then that incident reporting is done at a very fast pace in order to alert community members and keep them up to date on any suspicious activity, defending itself for the “mistake.”

Related: BALD token developer denies rug pull as price falls 85% post-launch

The retraction also attracted criticism from the community. One person described the alert as “murderous.” The Twitter (now known as X) user also said that they wondered how long CertiK monitored it before making the conclusion, implying that the firm quickly jumped the gun instead of making sure its analysis was correct.

CertiK being criticized for the rug pull alert on Crypto Cars. Source: X

The project now appears to be completely abandoned. While the rug pull alert was retracted by CertiK more than a year ago, the project has recently done what “rug pull” projects typically do — deleted its Telegram account and even changed its Twitter into a totally different project called EtherBank. Moreover, the project also scrubbed the faces of its team members from its barely running website.

According to the information left on CoinMarketCap, which has ceased tracking the project‘s CCAR token, Crypto Cars was created by a team of Vietnamese developers and led by Ly Tran, who claimed to be a full-stack web and mobile app developer. Its chief technology officer, An Nguyen, was also described as a mobile developer focusing on iOS, Android and BlackBerry. However, the developers seem to have erased all traces of them from the internet. 

Crypto Cars team members on the website back in 2021. Source: The Wayback Machine

At the time of writing, the section showing the project’s executives has been deleted from the site. Apart from the website, the team members have also seemingly disappeared from various other places online. Founder and CEO Tran — along with team members Nguyen, Da Mach and Mai Dang — can no longer be found on LinkedIn and other social media outlets. 

Everyone wants to enjoy crypto for what it brings, but sometimes, one must wonder: Are the regulators right that investors need to be protected from their own greed?

Cointelegraph editor Zhiyuan Sun contributed to this story. 

Magazine: Crypto audits and bug bounties are broken: Here’s how to fix them

Leave a Reply

Your email address will not be published. Required fields are marked *