Forensic Standards: Chain-of-custody · Verifiable on-chain trail · Regulator-ready packets
12 cases under review
1322 wallets traced this month
Data sources: Etherscan · SlowMist · CertiK
cac-forensics ~ trace --case CAC-2026-044 --chain bnb

Case File // CAC-2026-044 // Operator: Any Coin Capital

Liquidity Locked — For Seven Days: Anatomy of a $41,500 Any Coin Capital Presale

An engineering student in Bangalore pooled money with four friends into a token presale run by Any Coin Capital. It advertised “locked liquidity” and an “audited” contract. Both claims were technically true and practically worthless. The lock was seven days. The audit was a logo.

Vector: ICO / presale rug-pull
Instrument: Presale token + 7-day liquidity timelock
Chain: BNB Chain
Reported loss: $41,500 (pooled share)
Exposure window: 4 months
Recovered: 36% ($14,940)

The Entry Point

The token was hyped in a trading Telegram tied to Any Coin Capital, with allocation tiers, a countdown, and screenshots of “locked liquidity.” The group paid their tier in BNB and USDT to secure an early allocation.

Because one of them could read Solidity, they felt safe — they checked that a liquidity lock existed and that an audit badge was displayed. They did not check the parameters behind either claim.

Where It Broke

The liquidity lock was real but set to a seven-day timelock, not the twelve months implied. The Any Coin Capital team wallet held roughly 40% of supply with no vesting, and the contract owner retained mint privileges.

Two days after launch, the operators removed the liquidity pool and sold their allocation into the remaining buyers. The token went to zero in a single block of activity.

The contract said the liquidity was locked. It was — for a week. Nobody read the unlock timestamp.

The Trace

  1. Read the token contract

    We documented the owner mint function, the unvested team allocation, and the true lock-expiry timestamp — the evidence the audit badge never covered.

  2. Pinpointed the rug transaction

    We isolated the LP-removal call and the subsequent dump, establishing the exact block and the proceeds wallet.

  3. Traced the proceeds

    BNB and USDT proceeds split three ways: a self-custody hoard, an OTC desk, and a deposit to a centralized exchange.

  4. Froze the exchange leg

    The CEX deposit was actionable. We filed a trace package and the exchange restrained the balance.

  5. Negotiated the OTC portion

    Working with counsel, we negotiated with the desk that had unknowingly handled part of the proceeds, and it returned a portion against documented evidence.

Outcome

36% recovered

$14,940-equivalent was recovered for the pool and distributed pro-rata among the five. The self-custodied hoard stayed out of reach and the token itself is worthless. The lesson the group asked us to publish: read the unlock timestamp, not the word “locked.”

Red Flags in the Code

  • An anonymous team holding a large, unvested supply.
  • “Audited” shown as a badge with no linked, named report.
  • A liquidity-lock claim with an unverified expiry timestamp.
  • The contract owner could mint additional tokens.
  • Presale funds sent to a personal wallet (EOA), not an escrow contract.
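
The checks the group skipped, as an added example that is not code from this case file or from any tool named on the page: it reads the parameters behind each claim instead of the claim itself. The snapshot values, the 20% team-share threshold and the OpenZeppelin-style mint(address,uint256) signature are assumptions; in practice the fields would come from eth_call and eth_getCode against the token, locker and presale addresses.

```python
"""Added example: check the parameters behind presale claims (constructed data)."""

DAY = 86_400
MINT_SELECTOR = "40c10f19"   # first 4 bytes of keccak256("mint(address,uint256)")
ZERO_ADDR = "0x" + "00" * 20


def lock_days(unlock_word: str, launch_ts: int) -> float:
    """Decode the 32-byte ABI word a locker returns for its unlock time."""
    return (int(unlock_word, 16) - launch_ts) / DAY


def red_flags(s: dict, advertised_lock_days: int) -> dict:
    flags = {}
    days = lock_days(s["unlock_word"], s["launch_ts"])
    if days < advertised_lock_days:
        flags["short_lock"] = f"lock expires after {days:g} days, {advertised_lock_days} implied"
    # Heuristic: PUSH4 (0x63) + selector in runtime bytecode means mint is dispatched
    code = s["token_code"].lower().removeprefix("0x")
    if "63" + MINT_SELECTOR in code and s["owner"] != ZERO_ADDR:
        flags["owner_mint"] = "mint() reachable and ownership not renounced"
    share = s["team_balance"] / s["total_supply"]
    if share >= 0.20 and not s["team_vesting_contract"]:  # threshold is an assumption
        flags["unvested_team"] = f"team holds {share:.0%} with no vesting"
    # eth_getCode returns "0x" for an externally owned account
    if s["presale_recipient_code"] in ("0x", ""):
        flags["eoa_recipient"] = "presale funds go to an EOA, not escrow"
    if not s["audit_report_url"]:
        flags["audit_badge_only"] = "no linked, named audit report"
    return flags


# Constructed snapshot shaped like the case above; all values are illustrative.
LAUNCH = 1_767_225_600
SNAPSHOT = {
    "launch_ts": LAUNCH,
    "unlock_word": f"{LAUNCH + 7 * DAY:064x}",   # lock exists, but for 7 days
    "token_code": "0x6080604052" + "63" + MINT_SELECTOR + "14610051",
    "owner": "0x" + "ab" * 20,
    "team_balance": 400_000,
    "total_supply": 1_000_000,
    "team_vesting_contract": None,
    "presale_recipient_code": "0x",
    "audit_report_url": None,
}

if __name__ == "__main__":
    for name, detail in red_flags(SNAPSHOT, advertised_lock_days=365).items():
        print(f"[!] {name}: {detail}")
```
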

Recognise this pattern?

If your loss looks like this one, send us the transactions and the platform. We’ll tell you honestly whether the chain still holds a trail worth following.
