Fraud across the decentralized finance (DeFi) ecosystem is growing, with victims losing billions to DeFi scams every year. However, there is a disconnect between the reported value of these scams and associated legal prosecutions. We use open-source investigative tools to (1) investigate potential frauds involving Ethereum tokens using on-chain data and token smart contract analysis, and (2) investigate the ways proceeds from these scams were subsequently laundered. The analysis enabled us to (1) uncover transaction-based evidence of several rug pull and pump-and-dump schemes, and (2) identify their perpetrators' money laundering tactics and cash-out methods. The rug pulls were less sophisticated than anticipated, money laundering techniques were also rudimentary and many funds ended up at centralized exchanges. This study demonstrates how open-source investigative tools can extract transaction-based evidence that could be used in a court of law to prosecute DeFi frauds. Additionally, we investigate how these funds are subsequently laundered.

翻译：去中心化金融（DeFi）生态系统中的欺诈活动日益猖獗，受害者每年因各类DeFi骗局损失数十亿美元。然而，这些骗局的报告损失金额与相关法律诉讼之间却存在显著脱节。本研究利用开源调查工具：（1）通过链上数据与代币智能合约分析，调查涉及以太坊代币的潜在欺诈行为；（2）追踪这些骗局收益的后续洗钱路径。分析使我们能够：（1）揭示多项Rug Pull（拉地毯骗局）与Pump-and-Dump（拉高出货）计划的交易证据；（2）识别作案者的洗钱策略与变现手段。研究发现，Rug Pull骗局的技术复杂性低于预期，洗钱手法同样原始粗糙，多数资金最终流入中心化交易所。本研究展示了开源调查工具如何提取可在法庭上用于起诉DeFi欺诈行为的交易证据，并进一步追踪这些资金的洗钱流向。