Pump.fun X account hacked to promote cryptocurrency scam

The X account of Pump.fun, a Solana-based memecoin generator, was compromised today, leading to the promotion of a fraudulent cryptocurrency scheme. The breach was used to falsely announce the launch of a supposed governance token named "PUMP," misleading users into believing it was an official asset tied to the platform.

Pump.fun, which debuted in January 2024, provides an accessible way for users to create and trade memecoins on the Solana blockchain. While its ease of use has contributed to its popularity, the platform has also attracted criticism for facilitating pump-and-dump schemes. The recent security breach adds to ongoing concerns about the risks associated with memecoin trading.

Following the account takeover, the attackers posted a deceptive message claiming that the "PUMP" token was the official governance token of Pump.fun, enticing users by promising rewards for early adopters.

"Introducing $PUMP the OFFICIAL pump.fun GOVERNANCE token, where Democracy has never been this degen. We will also be REWARDING our OG DEGENS," read the fraudulent post.

Shortly after promoting "PUMP," the hackers pivoted to another token labeled "GPT-4.5," making an unusual threat to delete the Pump.fun X account if the token’s market cap reached $100 million.

Pump.fun quickly addressed the incident through its Telegram channel, urging users to avoid engaging with the compromised account. "Our X account is compromised. Do not interact with it. We are investigating," a Pump.fun staff member posted.

The extent of the breach and the methods used by the attackers remain unclear. BleepingComputer has reached out to Pump.fun for further details regarding the security incident and will provide updates as more information becomes available.