Pump.fun’s X account hacked to promote fake governance token $PUMP

0 1,977 1 minute read

Key Takeaways

Pump.fun’s X account was hacked to promote a fake governance token named ‘$PUMP.’
The crypto community quickly identified the fraudulent activity.

The official X (formerly Twitter) account of Pump.fun was compromised today, with hackers using the platform to promote a fraudulent governance token called “$PUMP.”

Blockchain investigator ZachXBT has uncovered on-chain evidence suggesting a potential link between the compromise of Pump.fund‘s X account and prior security breaches targeting Jupiter DAO and DogWifCoin’s account.

“Notably for these attacks it is likely not the fault of either the Pump Fun or Jupiter DAO teams. I suspect a threat actor is social engineering employees at X with fraudulent documents / emails or a panel is being exploited,” ZachXBT said.

On Wednesday, the hackers posted a pinned tweet claiming “$PUMP” was the “OFFICIAL pump.fun GOVERNANCE token” and promised rewards for “OG DEGENS.” The post also included a contract address.

Pump.fun's X account hacked to promote fake governance token $PUMP — Photo: @tradeducky

Members of the crypto community quickly flagged the announcement as suspicious. The fake token announcement and associated contract address were subsequently removed from the platform.

Pump.fun has confirmed the security breach and warned users to disregard the fraudulent token announcement. The platform advised users against interacting with the provided contract address while working to restore control of its X account and investigate the incident.