One Project to Rug Them All: How Lord of the Rings Stole $185k

In a nasty hard rug, LOR Finance stole a large sum of money by luring in players with its colorful graphics and game features. Find out how in this article.

A new project called Lords of the Ring Finance ( recently hard rugged most of its users, where they not only stole tokens staked in the platform, they pulled tokens directly from user wallets if a user approved their contract. 

How did they do it and how can we avoid situations like this in the future?

In this article, I will share what I found by digging into this rug, and give some recommendations on how we can be more prepared against similar scams in the future.

LOR’s Strategy

It is easy to understand why LOR Finance became so successful and quickly, ultimately allowing them to steal over $185,000 in BUSD in a matter of hours at the time of this writing:

1. They entered the market July 19, 2021, when Gaming NFTs on DeFI were at an all-time high, offering a Play to Earn (P2E) project with fun NFTs, interesting game play, and nice graphics. Altogether, they hit every trendy hype button people were looking for.

2. Their website design was excellent and they created several quality NFT graphics for their Marketplace. Hopefully the website ( is still up by the time you read this article, so you can see that design and a quality UI does not have any correlation to the design or quality of the underlying project. This team either hired an excellent web developer or was skilled in graphics and web design themselves and were able to create a pleasant looking and functioning UI with multiple unique NFTs in their Marketplace.

3. They listed doxxed team members which were later discovered to be fake as all the “released” LinkedIn bios were created around the same dates in June 2021. It is critical to understand how easy it is to create “doxxed” documents and that a “doxxed” dev does not mean a safe dev. A “dox” may not be a real dox at all. It takes no more than a few minutes to create a fake LinkedIn page. Always ask for actual proof of identity documents such as through KYC with a reliable provider. 

4. They listed many fake partners

Fake partners listed on the LOR website

The team at RugDoc tried to Google some of these lesser known partners, but we were unable to even find proof they existed at all. It seems that some of these logos were created with a basic design program and did not actually exist.

Again, don’t be fooled by a good looking website and graphics as people can write or design anything they want online. It’s up to you the user to figure out the truth by investigating it yourself even if these companies are real, as it is so easy to fake a logo or just claim a partnership that does not exist. Always ask for official announcements or statements regarding claimed partnerships!

5. Their Telegram Group ( was created on July 19 2021, and boasted around 13K-ish members at the time of this writing. The groups have since been muted once people suspected something was wrong. A large group does not mean a project is secure. A good rug will employ charismatic leadership to draw people in or even throw money into promoting their project through influencers and upvotes on Reddit. A team can also always just buy bots to make a group appear popular. 

6. LOR lured in users with NFTs, nice graphics, and a free loot box. LOR advertised a free loot box with NFTs inside for new users, which encouraged a contract interaction which did not ask approval to spend tokens. By creating a first “safe” contract interaction from a free giveaway, they boosted user confidence and trust in their project. It was also just great advertising! By offering new users free items and NFTs, they were encouraging people to go deeper into their game, spend more money, and sign more contracts. 

LOR free chest items and NFTs

How Did LOR Finance Rug?

LOR was able to rug via 2 contracts (both contracts are unverified, which means you can’t determine what is written inside):


LOR token transaction screen

When interacting with the LOR IDO contract, users encountered an approval similar to the screenshot above. The contract users interacted with, asked approval to spend an almost unlimited amount of BUSD from their address. This approval is similar to that encountered on most Yield Farms (which is important to keep in mind when granting approvals to ANY new contract), however, trustworthy projects generally come with the backing of solid audit results from reputable companies and all contracts are verified for the public to see.

NEVER INTERACT WITH UNVERIFIED CONTRACTS! It is a VERY easy process to verify contracts on the Explorer and when the public is unable to read the code of a smart contract, it is generally from the project trying to hide something from the public. 

Here in the IDO contract, you can see a wallet sent 50,000 BUSD to get 500,000 LOR:

Then 3 minutes later, a new wallet called the LOR IDO contract to drain the entirety of BUSD from the wallet which approved the LOR IDO contract

This caller already had 100,000-ish BUSD by the time of this writing and is poised to steal more from wallets that granted approval to this unverified rug contract.

This caller address is the address which initially stole BUSD from user wallets, with the stolen BUSD subsequently being transferred out to multiple wallets. These wallets passed the stolen funds through them and off chain.


LOR premium chest lootbox

As can be seen above, once a user interacts with the free Lootbox contract, they are shown a screen which offers them a Premium Chest for 10 BUSD which tempts the user with the chance to get randomized higher tier rewards. In purchasing one of these Premium Chests, the user is asked to give approval to the contract to spend an almost unlimited amount of BUSD again. Like the IDO contract, the LootBox contract is also unverified so we don’t know which specific function they called in the contract to drain BUSD from user wallets. It could be something as basic as a transfer or migrator function.

Example of the team calling the LootBox contract to drain a wallet:

The wallet where this contract drained funds into:

By the time of writing, this contract has successfully drained around 185K-ish USD

How Can We Avoid Scams Like This?

I’m just another anon degen out in the Wild West of DeFi, but here are some general guidelines I follow to avoid scams:


Anyone can hire a good graphics team to create a nice looking trap, and more professional, organized scam teams employ talented web developers who are able to create a pleasant interface to lure victims in. Just because a project looks like it took some effort and skill to create does NOT mean it is trustworthy!


I always stake a small amount of LP to make sure deposits are good and to verify the contract I am interacting with. You can check out this article on how to check your contract interactions ( and I recommend always double checking to make sure you are interacting with the contract you want to interact with and the contract is verified.

An unverified contract on Binance Smart Chain

If you see something like the above image when you search on the contract, GTFO. An unverified contract means ANYTHING can be inside and NO ONE knows exactly what is inside! Since it is so easy to verify contracts on most Explorers, the only reason a project will keep their contracts unverified is to prevent the public from knowing what their contract encodes…which is usually the sign of a scam waiting to happen. 


Audits are just reports of findings within the code and most audits only check for code functionality- they are not an assurance of user security. However, most audits will point out, even if the language is vague, what functions a contract contains and what permissions the team may have. Read the report thoroughly and understand the risks you’re taking.


Not everything is as bleak as it looks like, and these contracts, no matter how malicious they are, can only drain tokens a user has approved. This is why it is SO important to always check what approvals you are agreeing to when you sign a contract. 


Revoke approvals often and regularly! A rug contract can drain tokens directly from your wallet weeks or months after a rug has happened and you have long forgotten about them! Of course revoking may not be necessary if your contract approvals are only for large, established projects like PancakeSwap or SushiSwap, but I always revoke approvals when I leave newer projects, just as an added extra layer of security. Check out this article on how to revoke approvals:

Okay, that’s it from me! I hope this article helped you understand how LOR rugged and what lessons we can all learn from it to stay safer in these crazy degen farms! Make sure to stay connected with our Telegram group to stay on top of the latest DeFi news.


🟢 For owners who have made impactful changes and would like an update to their farm review:

1️⃣ Use #update at @RugDocChat with your description and proof of changes and it will be forwarded to our scanners.

2️⃣ This does not guarantee a change in your review.

3️⃣ Owners who have difficulty solving the issues can consider our Consultation Package – please contact @BaymaxCrypto on Telegram to discuss.

Our mission here at RugDoc is to screen for hard rug code that results in 100% theft of ALL underlying funds for ALL participants.

This is the ONE part of the due diligence process that most people cannot simply do on their own as it costs thousands of dollars to hire a senior solidity developer to look over a farm for safety.

A project coin with terrible code can go up in price, and a project with good code and a good team can also go down in price.

Do NOT use our ratings to refer to your likelihood in making money if you invest in the project. They are ONLY in reference to code safety.

Everything else beyond code safety is YOUR responsibility to go do research on. We just make sure the casino you’re betting in won’t rob you before you even get to place a bet.

Our reviews for projects are organized into a few colors.

🟢 Least Risk
These projects are the least likely to hard or soft rug. Usually reserved for cornerstone projects of an ecosystem where it makes no financial sense for them to rug in any manner as they make more money just being legit.

🔵 Low Risk
These projects are usually established projects in an ecosystem that have a track record of success or have KYC’d to us or other authoritative sources in the real world. As a result, it is extremely unlikely for them to soft rug or hard rug their projects. The projects can still fail and the token price can go down, but usually more as a result of natural market forces.

⚪️ Some Risk
This is the default rating for projects with unknown teams but have code that is unlikely to have hard rug risk. Since the team is unknown and doesn’t have a track record of success, it’s entirely possible that they may try to soft rug by dumping tokens, abandoning the project, etc. Even a last minute contract swap to a malicious contract is possible. The only thing that is unlikely is a complete hard rug as long as you are 100% sure you deposit into the contract we review.

🟠 Medium Risk
Similar to Some Risk, but the underlying code itself is custom enough or complex enough that it warrants an elevated risk rating that needs deeper research. Make sure you read every point presented to make sure you’re comfortable with that before entering. Still unlikely to hard rug, but more chances of custom code behaving incorrectly and causing other issues.

🔴 High Risk
Project contains code or practices that are HIGHLY LIKELY to lead to catastrophic losses as they are right now. Make sure you read the description carefully as we will always warn what these issues are. If you see the words Hard Rug anywhere in the review, STAY FAR AWAY!

⚫️ Not Eligible
We reserve the right to not review exceedingly complex projects that would require tens of thousands of dollars of senior security analyst man hours. Typically these are projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and which requires tons of peer reviews and audits from top audit companies.