Fintech

Anatomy of an NFT art scam: How the Frosties rug pull went down

Crypto plays on values of anonymity and community — and getting rich quick. Those helped the creator of the Frosties digital art project deceive users.

NFT rug pull

Frosties, which had become the latest star of the NFT world as 2022 began, just as quickly became the year’s most notable scam.

Illustration: Christopher T. Fong/Protocol

Joshua Christian had a good feeling about Frosties, a digital collection of colorful ice-cream-scoop characters with quirky outfits and facial expressions. The 20-year-old college student from Huddersfield, England, bought three of them, his first NFT purchases. He was one of millions of new buyers to enter the digital art market, a field that’s exploded in the past year.

But just a few hours after Frosties’ public minting began the evening of Jan. 9, he noticed something odd: The NFT’s Discord server was gone. “That’s not right,” he thought.

In Oklahoma, Melissa Kotter, a Frosties “mod,” or moderator, was also puzzled when the Discord server disappeared. “Everybody was freaking out,” the 26-year-old artist told Protocol.

A few hours later, in Singapore, a sales manager who asked to be identified only as Kerry and who, together with a friend, purchased about 160 Frosties worth about 12 ETH, more than $45,000 at that time, woke up to “many messages telling me a rug was pulled.”

By then, thousands of Frosties realized that they had been scammed, confirmed by a tweet on the Frosties Twitter account before it subsequently disappeared. “I’m sorry,” it read.

Frosties, which had become the latest star of the NFT world as 2022 began, just as quickly became the year’s most notable scam. It was a rug pull, a trick where creators of a cryptocurrency or an NFT artwork or game abruptly shut down the project, make away with the project funds and disappear. Along with the money went the trust and goodwill essential to getting a project merging new forms of art and finance off the ground.

Rug pulls have become a major form of crypto fraud, making up nearly 40% of crypto scams and costing users about $2.8 billion last year, up from just 1% the previous year, according to Chainalysis.

The Frosties scam led to the theft of at least $1.2 million, moved in a series of rapid transfers of funds from Frosties' OpenSea wallet to other accounts, leaving a community, which numbered roughly 40,000 at its peak, stunned.

“My initial thought was like, 'F---, this is awful,'” Christian said. “Honestly, I couldn't believe it at first,” Kotter said. “It was a lot of anxiety — and I can't say I got good sleep.”

Frosties NFTs on OpenSea Frosties NFTs on OpenSea.Screenshot: OpenSea

Kotter’s Frosties journey began on an upbeat note. She started getting into NFTs last year and was drawn to the Frosties project which she said looked “really professionally done.” There were things she found curious about the community, like the fact that, unlike with other NFT projects, the Frosties managers did not disclose their identities to reassure prospective buyers. But, Kotter said, she “went into it anyway.”

So did Christian, who spent about $1,000 on three Frosties which cost about $112 each in ether, including gas fees. “I really like the art style. They looked really cute on the website. Frosties had a feeling that people would buy that, you know.” In the world of NFTs, that means the collection could be worth a lot of money.

Take the Bored Ape Yacht Club, which has attracted celebrity buyers including Justin Bieber, who reportedly bought one for $1.3 million. Corporations are getting in on the action, too. Visa bought a CryptoPunk for $150,000, a bargain considering that an NFT from the same collection sold for nearly $12 million.

NFTs aren’t just about a piece of art for the buyer and others to admire. Christian said he bought Frosties for its staking feature, in which he could earn fees by locking up his NFTs on the Ethereum blockchain, which in turn would help process transactions. Buyers were promised other ways to make money from the investment, too, like “breeding” — essentially creating new Frosties from two existing ones.

Kotter, who was elected as a mod, made it to the whitelist, giving her early access to the first Frosties to be minted, an incentive that helped build interest in the project.

Many members became upset by high gas fees in the early minting. In a surprising move, the anonymous Frosties developer refunded the fees. That should have been an alarm, but unsophisticated buyers took it as a positive sign.

The fee refund “screams out to me like a Ponzi-scheme-type strategizing,”' said Michael Fasanello, an anti-money laundering specialist who has analyzed other scams. Giving early customers their money back for gas fees led to people publicly praising the project, helping recruit more users.

Melissa Kotter and Cruise Ingles Melissa Kotter and Cruise Ingles, Frosties owners.Photos: Melissa Kotter, Cruise Ingles

The Frosties rug pull had the “hallmarks of cyber-enabled financial crime when you get to the use of the mixers, the address hopping, the peel chains and all that stuff,” said Fasanello, director of Training and Regulatory Affairs at the Blockchain Intelligence Group. His firm is conducting an investigation into Frosties, pro bono.

Fasanello used blockchain analytics to track movements from the Frosties page on OpenSea. The funds first moved in “peel chains,” a series of small transfers ranging from $3,500 to $25,000, mostly to un-hosted or stealth wallets. One transfer went to a Coinbase account, though it was quickly moved to another wallet.

Then much bigger transfers followed, including three worth about $300,000 each. This time the scammer used Tornado Cash, an Ethereum-based tool that obfuscates the source of funds by using stealth addresses.

Tracking the funds is challenging, but not impossible, Fasanello said: “At least some of this money, theoretically, could be obtained and returned to the customers, if all of the pieces aligned properly.” Coinbase declined to comment. OpenSea could not immediately be reached for comment.

Some of the victims are taking what happened in stride.

Kerry, the sales manager based in Singapore, said he and his friend “had a good laugh” over what happened, though they now look for “red flags” in considering new crypto projects.

Christian said it was “really annoying” to learn he was involved in a rug pull. He was puzzled by why the developer opted for the quick profit of a scam versus the money they could have made running the project legitimately.

He’s not giving up on NFTs. “I'm 20 and I want to do as much as I can young, so I can live out my 30s and everything stress-free,” he said. The total NFT market is now worth about $16 billion, which is just 1% of the $2 trillion crypto market. But NFTs, Christian predicted, are “going to blow up in the coming years.”

Some of the Frosties victims are trying to rebuild the community through a technical maneuver called wrapping — taking the tokens issued in the scam, which still exist on the blockchain, and placing them under an entirely new smart contract outside the original developer’s control. Christian said he paid $140 to wrap his three Frosties into the new contract.

The “Wrapped Frosties,” as the group is called, set up a new page on OpenSea. The page recently listed a “floor,” or lowest price for the collection, at 0.005 ETH, or about $13.11. Cruise Ingles, a rug pull victim who also decided to join the rebuilding effort, said he would like to see the collection go back to its original .04 ETH, or $116, floor price “to ensure decent royalties” for community members.

Ingles said the group plans to launch a new collection called Cutie Pies to raise funds which they hope to use to sustain and grow the Frosties collection. He said the new Frosties Discord community has about 1,600 members, with 150 active participants.

But rebuilding an NFT community “that lost all of its money” is challenging, Ingles acknowledged. A successful NFT community emerges largely because of FOMO, he said. “The fact that a project has ‘already failed’ makes other buyers want to avoid it, no matter what happens after,” he said.

Joshua Christian Joshua Christian spent about $1,000 on three Frosties which cost about $112 each in ether, including gas fees.Photo: Joshua Christian

Christian also complained about “a lot of clashing” among members, saying: “The whole idea of everyone working together just kind of drifted away.”

Ingles said his experience with Frosties, which was his first experience with a rug pull, has reinforced one of his beliefs: It’s generally not a great idea to jump into a brand-new NFT project — even one with tens of thousands of enthusiastic members.

“Hype is where it gets a lot of people,” he said. “I've seen probably 10 different projects within the past week or so get rugged all because of just the hype. There's a large community rallying about one thing and being super excited. And so they all buy in at once. And that allows the investor to all pull out at once.”

Kotter, who is also part of the rebuilding effort, remains upbeat, calling what happened “eye-opening and, oddly enough, inspiring.”

“I wanted to do something to help,” she said. “There are a lot of scams in the crypto space, and this is something we would like to change. It will not be overnight, but there are big things coming that were born from the chaos of the Frosties rug pull.”

Still, she wondered if the original Frosties developer was “able to sleep at night with all that guilt.”

There was a hint of that guilt in the scammer’s final messages, which sought to clear the name of two other mods, a couple named Andre and Katelyn. “You will likely be getting a lot of heat,” the developer wrote, adding that he was sending them some ether “for your troubles.” Andre and Katelyn have kept a low profile and haven’t been active in the rebuilding effort, according to Kotter.

One legacy of Frosties may be a cultural change around anonymity in crypto. “Doxxing” used to be a dirty word in internet culture, meaning the involuntary unmasking of an anonymous user’s personal information. Reddit explicitly bans doxxing, and a recent article in BuzzFeed News caused an uproar when it revealed the names of two Bored Ape Yacht Club creators who had previously gone by pseudonyms, even as the value of the company behind it, Yuga Labs, soared into the billions.

But doxxing is starting to take on a new meaning: the voluntary self-identification of a project’s developer to engender trust. The Frosties developer wasn’t doxxed, but so-called doxxed projects are on the rise. CryptoDads, for example, advertises itself as “fully doxxed,” and others speak of a “doxxed team.” Magic Eden, an NFT marketplace on the Solana blockchain, relaunched its service this month after some high-profile rug pulls with new identification requirements.

If the industry doesn’t embrace open identities, regulators may force them. NFTs involve financial transactions, sometimes large-scale ones. Increasingly, crypto companies are showing a seriousness about complying with know-your-customer rules that are common in traditional finance. That may mean losing some of the charm of the largely anonymous crypto scene that drew in early NFT buyers. But if it means stopping rug pulls that turn off mainstream customers, it may be a good trade.

Fintech

Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep Reading Show less
FTA
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.
Enterprise

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep Reading Show less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep Reading Show less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.

Enterprise

Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories
Bulletins