Developers behind Arbitrum-based Chibi Finance appeared to have stolen over $1 million worth of various tokens shortly after the protocol went live earlier on Tuesday, with funds swiftly laundered to other networks.

This was possible as Chibi developers deployed a malicious contract that allowed them to steal user funds from Chibi’s smart contracts, security firm CertiK said.

CHIBI tokens fell 98% in the hours following the rug pull, data shows. Chibi Finance called itself a yield-optimizing service, which let users deposit tokens and automatically earn rewards.

A “rug pull” is a colloquial term for a type of crypto scam that typically see the developer, or developers, gain legitimacy on social media, hype up a project and raise a significant sum of money only to drain liquidity after that project’s tokens are first offered to the public.

The stolen tokens were sold for 555 ether (ETH) and transferred from Arbitrum to Ethereum in the Asian afternoon hours on Tuesday, security firm PeckShield tweeted. These funds were then transferred to the mixing service Tornado Cash, which is used by crypto criminals to mask their transactional activity.

Chibi Finance’s Twitter profile and website were disabled and deleted after the rugpull. Elsewhere, some Crypto Twitter influencers who promoted the project to their followers deleted their posts about Chibi Finance – to community criticism.