- Hackers took over Pump.fun’s X account, promoting a fake “official” PUMP token that briefly hit a $5M market cap.
- Co-founder Alon Cohen confirmed the breach, warning users not to interact while the team works to regain access.
- ZachXBT linked the hack to similar attacks on Jupiter DAO and Dogwifhat, suggesting a possible exploit within X.
Pump.fun’s official X (formerly Twitter) account was hijacked early Wednesday, with hackers using it to promote fake tokens—including a fraudulent “official” PUMP governance token.
The post, which included an image from Pump.fun’s recent mobile app launch video, listed a Solana contract address for the scam token. Despite early warnings, the token soared past a $5M market cap before crashing.
Hackers Still in Control—Pump.fun Fighting to Regain Access
Pump.fun’s co-founder Alon Cohen quickly confirmed the hack, warning users:
“Pump.fun account has been compromised, please don’t interact.”
- As of now, the Pump.fun team has NOT regained access to the account.
- Hackers are still using the platform to promote scam tokens.
- Cohen suspects the issue came from “within X,” despite following all security best practices.
Meanwhile, pseudonymous blockchain investigator ZachXBT backed this theory, linking the Pump.fun attack to recent hacks on Jupiter DAO and Dogwifhat (WIF).
Wider Market Impact—Raydium (RAY) Takes a Hit
The hacks come at a turbulent time for the meme coin sector, with trading demand cooling off after the LIBRA scandal.
- Raydium’s RAY token plummeted 22% amid speculation that Pump.fun is launching its own automated market-making system.
- Over 8 million tokens have been launched on Pump.fun since its debut last year, but new meme coin launches have slowed.
- Cohen previously denied rumors of an official Pump.fun token, but speculation continues.
For now, Pump.fun is working to regain control of its account, but this latest breach raises serious concerns about security vulnerabilities on X—especially for major crypto projects.
