CertiK freezes $160k stolen in Merlin DEX insider rug pull
HIGH RISK

Blockchain security firm CertiK announced on May 4 that it has successfully blocked $160,000 in stolen funds from Merlin, a decentralized exchange based on zkSync that was recently hit by a rogue insider "rugpull." The fraudulent activity resulted in losses of $1.8 million for users last week.

Our Analysis

1. WHO was/is affected? Users of Merlin DEX, a decentralized exchange built on zkSync, were directly affected by this incident. The rugpull impacted investors and liquidity providers who had funds in the platform, resulting in collective losses of $1.8 million.

2. WHAT happened? A rogue insider at Merlin DEX conducted a rugpull, essentially stealing user funds from the platform. While the total loss amounted to $1.8 million, blockchain security firm CertiK was able to intercept and freeze approximately $160,000 of the stolen funds, potentially allowing for partial recovery.

3. HOW did it happen, and how can readers protect themselves from being scammed? This incident occurred through malicious action by someone with internal access to the Merlin DEX platform. Unlike external hacks, insider rugpulls involve authorized individuals abusing their privileges. Users can protect themselves by: conducting thorough research on project team members and their backgrounds; diversifying investments across multiple platforms; using hardware wallets for long-term holdings; and watching for warning signs like anonymous teams or unrealistic promises.

4. WHY did this happen? Was it driven by greed, or what potentially led up to it? Financial greed was likely the primary motivator for this insider rugpull. The perpetrator exploited their position of trust within the Merlin DEX ecosystem to misappropriate user funds. The DeFi space often presents opportunities for substantial financial gain with limited regulatory oversight, creating temptation for bad actors.

5. WHERE are people affected? The impact primarily affected users globally who had deposited funds into Merlin DEX. As a decentralized exchange, Merlin would have had users from various geographical locations who trusted the platform with their digital assets.
Rony Roy, May 5, 2023

Rug Pull Score

9/10
Based on our analysis

🚩 Red Flags Identified

  1. Insider involvement in the rugpull indicating potential governance issues
  2. Significant financial losses of $1.8 million affecting many users
  3. Security vulnerabilities in a decentralized exchange platform
  4. Project susceptibility to insider threats despite being built on secure zkSync infrastructure
Disclaimer: This analysis is for informational purposes only and should not be considered financial advice. Always conduct your own research before making investment decisions.