ZachXBT uncovered a hacking spree targeting celebrities and brands, leading to a $3.5M meme coin scam. The hackers used compromised social media accounts to promote fraudulent tokens and siphon funds into anonymous wallets.
ZachXBT, a renowned blockchain detective, has discovered a hacking spree that targeted prominent accounts on Instagram and X. This incident has fueled a wave of pump-and-dump schemes that are associated with meme coins that were launched on Pump.fun.
Celebrities including musicians Usher and Wiz Khalifa, actor Dean Norris, and a Japanese public aquarium were all victimized by these assaults.
Celebrity Meme Coin Scam
ZachXBT disclosed in a comprehensive thread on X that social media account takeovers (ATOs) commenced in August 2024. The pattern of each incident was consistent: initially, accounts were compromised; subsequently, fraudulent tokens were advertised; and lastly, the proceeds from the token sales were transferred to anonymous wallets.
ZachXBT documented that the majority of the attacks were interconnected, with funds generated from one operation being used to deploy and snipe another false meme coin that was shilled on a compromised social account.
McDonald’s, a multinational fast food corporation, was one of the initial victims, as its Instagram account was compromised and exploited to advertise the GRIMACE token. The evil actors were able to accumulate approximately $690,000 from that operation, which was promptly divided between two wallets.
Dean Norris’s X account was compromised by the perpetrators shortly thereafter, and it was utilized to promote SCHRADER. The meme coin was named after a character portrayed by the actor in the popular television series “Breaking Bad,” which was a reference to popular culture.
Operations that are interconnected
The USHER coin was marketed using the account of Usher, an eight-time Grammy Award recipient. The 110 SOL used to snipe the coin was sourced from the same address that received the funds from the McDonald’s attack.
The approximately 4868 SOL gained from the USHER scam was subsequently deposited into a wallet that was subsequently linked to subsequent assaults on the social accounts of Andy Ayrey, the creator of Truth Terminal and the Enoshima Aquarium.
The assault on Ayrey’s account was particularly audacious. Over the course of several days, the exploiters promoted six distinct meme currencies, including RNA, TRUTH, INFINITY, and WOAH. They reportedly deposited $750,000 of the over $2.1 million they generated from these tokens into a casino address.
The most recent recorded incident occurred on November 3, when Wiz Khalifa’s X account was compromised and utilized to advertise two meme coins, WIZ and WIZZLE. ZachXBT directly connected the Wiz Khalifa ATO to the Ayrey incident and another scam that hijacked the Instagram account of the proprietor of Kabosu, the renowned Shiba Inu that served as the inspiration for the Dogecoin branding, and utilized it to advertise the fabricated KAI token.
It is reported that at least $3.5 million was lost by unsuspecting investors, and social media platforms are currently grappling with the consequences. ZachXBT has pledged to disclose the identities of the individuals responsible for the compromises later today.
