- Cybersecurity experts expose phishing schemes tied to CAR’s viral memecoin project.
- Major crypto aggregators found linking users to fraudulent sites and malicious bots.
- Community-controlled data updates on crypto platforms raise significant security risks.
What started as a viral announcement from Central African Republic President Faustin-Archange Touadéra has quickly unraveled into a potential nightmare for crypto investors. The so-called CAR memecoin aimed to “unite people” and “support national development,” but within days, it became clear that something was off.
The project’s official X account was suspended, and its website went offline, leaving behind a trail of suspicious Telegram links and phishing scams. Scam Sniffer, a well-known cybersecurity firm, discovered malicious links embedded in the Telegram group promoted by major data aggregators like CoinGecko. The group featured a fake “Safeguard” bot—designed to phish unsuspecting users.
While CoinGecko removed the malicious link after being alerted, the Telegram group remains active. It has around 2,000 members and posts sporadic, cryptic messages like “ca soon,” adding to the growing sense of suspicion.
From Fake Captchas to Malware
The scams tied to this memecoin go far beyond Telegram. Another blockchain security expert, “Cos” from SlowMist, exposed a fraudulent link listed on GMGNAI, a trading platform. Instead of leading users to the official website, the link redirected them to a fake Linktree page, complete with a bogus livestream hosted on Kick.
But the real trap? A fake CAPTCHA page that executed malicious code as soon as someone interacted with it. According to Cos, interacting with the CAPTCHA could lead to malware downloads, putting users’ funds and personal information at serious risk.
This isn’t an isolated case either. The ability for community members to update information on token aggregator sites, while useful, opens the door to manipulation. Scam Sniffer founder “Fun” warns that many platforms allow these “community takeovers,” which can quickly be weaponized if not properly monitored.
Community Takeovers and Deepfakes: Where Reality Blurs
Adding to the chaos, another twist emerged when cybersecurity experts questioned the authenticity of the CAR President’s announcement. A Cointelegraph investigation suggested that the viral promotion of the memecoin could have been an AI-generated deepfake.
The situation escalated when a verified X account, claiming to belong to Félix Tshisekedi, President of the Democratic Republic of Congo, chimed in with support for crypto. It even teased a new memecoin of its own. However, further digging revealed that this account was likely unrelated to Tshisekedi, as it had only been created in February 2025.
While some accounts appear verified, skepticism remains high. The promotion of memecoins by seemingly legitimate figures raises questions about how far these scams can go. This incident follows closely on the heels of the controversial Trump memecoin launch, which onchain investigator ZachXBT flagged as a potential breeding ground for opportunistic scams.
The CAR memecoin story serves as a stark reminder: not everything that glitters in the crypto world is gold. For investors, staying vigilant and questioning too-good-to-be-true announcements is more crucial than ever.
