- Hackers took over Pump.fun’s X account, promoting a fake governance token called “$PUMP.”
- The team confirmed the breach, warning users not to interact with the fraudulent contract address.
- ZachXBT linked the hack to prior attacks on Jupiter DAO and DogWifCoin, suggesting possible social engineering at X.
Pump.fun’s official X (formerly Twitter) account was hijacked today, with hackers using it to promote a fraudulent governance token called “$PUMP.”
The attackers pinned a tweet, claiming $PUMP was the “OFFICIAL” governance token and promising rewards for “OG DEGENS.” They even shared a contract address, attempting to lure in unsuspecting traders.
Crypto Community Calls Out the Scam—Tweet Gets Deleted
It didn’t take long for crypto users to flag the post as suspicious. The fake token announcement, along with its contract address, was quickly removed from the platform.
- Pump.fun confirmed the breach, warning users not to engage with the fraudulent token.
- The team is working to regain control of their X account and investigate the incident.
- Users were urged to avoid interacting with the contract address while security measures are being reinforced.
ZachXBT Traces Hack to Prior Attacks on Jupiter DAO & DogWifCoin
Blockchain sleuth ZachXBT uncovered on-chain evidence linking this hack to previous attacks on Jupiter DAO and DogWifCoin’s accounts.
- He suspects the attackers are using social engineering, possibly tricking X employees with fake documents or exploiting internal admin panels.
- This may not be the fault of Pump.fun or Jupiter DAO teams, but rather a broader security vulnerability at X itself.
- The pattern suggests a coordinated effort, targeting crypto-related accounts with growing influence.
For now, Pump.fun is scrambling to lock things down, but this latest breach raises serious concerns about security on X—especially for crypto projects.
