According to CryptoPotato, research by blockchain security firm Hacken revealed that the majority of crypto projects rug-pulled in the third quarter of 2023 did not have audit reports. The Q3 2023 Security Insights report found that only 12 out of 78 examined rug pulls conducted and reported audits. An independent third-party audit provides a comprehensive review of a token, identifies a project's vulnerabilities, and alerts investors. Although such audits may validate a project's authenticity, they do not guarantee protection from a sudden withdrawal of liquidity.

Hacken noted that rug pulls are one of the simplest scams to prevent, as investors can understand their anatomy by taking note of certain patterns, such as the presence or absence of an audit. Some projects rug-pulled last quarter were audited but received poor scores, and users ignored the audit results, believing that the fact that the projects were audited was sufficient. For example, Magnate Finance, a lending protocol based on crypto exchange Coinbase's Base network, had an audit that warned the project's deployer could manipulate the token, but users did not heed the findings. The deployer eventually removed liquidity from LPs in multiple transactions, resulting in the second-largest rug pull of the quarter, with over $5 million stolen.

Users of decentralized crypto staking platform DeFiLabs had a similar experience. Blockchain security firm CertiK revealed in an audit that the project had a centralization risk within its contracts, but users did not raise concerns. The platform ultimately pulled the rug and disappeared with $1.4 million worth of users' assets. Hacken identified a common pattern among rug pulls, with developers of malicious projects typically following the same five steps: creating the tokens, aggressively marketing them, inflating the tokens' supply when liquidity accumulates, vanishing with drained funds, and leaving investors with worthless assets.