Hacks Targeting Celebrities and Big Brands Fuel Wave of Pump-and-Dump Schemes
Prominent blockchain detective ZachXBT has uncovered a hacking spree targeting popular accounts on X and Instagram, which fueled a wave of pump-and-dump schemes linked to meme coins launched on Pump.fun.
Celebrities such as musicians Usher and Wiz Khalifa, actor Dean Norris, as well as a Japanese public aquarium fell victim to these attacks.
Hacks Targeting Celebrities, Big Brands
In a detailed thread on X, ZachXBT revealed that social media account takeovers (ATOs) started in August 2024. Each incident followed a similar pattern: first, accounts were breached; then bogus tokens were promoted; and finally, the proceeds from the token sales were moved to anonymous wallets.
Most of the attacks ZachXBT documented were connected, with funds made from one operation used to deploy and snipe another fake meme coin that was shilled on a compromised social account.
High-Profile Victims
Global fast food giant McDonald’s was among the first casualties, with its Instagram account hacked and used to promote the GRIMACE token. That particular operation netted the bad actors about $690,000, which was quickly consolidated into two wallets.
Dean Norris, the actor from the hit TV show “Breaking Bad”, had his X account breached and used to promote SCHRADER, a meme coin named after a character he played in the show.
Usher, the eight-time Grammy Awards winner, had his account hacked and used to shill the USHER coin. The 110 SOL used to snipe the USHER token came from the same address that received the funds reaped from the McDonald’s attack.
Connected Operations
The money made from the USHER scam, approximately 4868 SOL, was then deposited into a wallet that was later connected to subsequent attacks on the Enoshima Aquarium and Truth Terminal creator Andy Ayrey’s social accounts.
The Enoshima Aquarium, a Japanese public aquarium, was also targeted by the attackers, who made off with an estimated 750 SOL.
Wiz Khalifa, another celebrity whose X account was hacked, was used to promote two meme coins, WIZ and WIZZLE. ZachXBT directly linked the Wiz Khalifa ATO to the Ayrey incident and another scam that took over the Instagram account of the owner of Kabosu, the famous Shiba Inu that inspired the Dogecoin branding and used it to promote the fake KAI token.
Impact and Losses
In total, unsuspecting investors reportedly lost at least $3.5 million, with social media platforms struggling to contain the damage. ZachXBT has promised to reveal the identities of those behind the compromises later today.
The scale of the hacking spree has raised concerns about the effectiveness of current cybersecurity measures, particularly in the context of social media accounts.
Conclusion
The hacking spree targeting popular celebrities and big brands has demonstrated the severity of the security threats facing social media accounts. As the crypto world continues to grow, it is crucial to stay vigilant and develop robust measures to prevent these types of attacks.
FAQs
What is a Social Media Account Takeover (ATO)?
A Social Media Account Takeover (ATO) is an incident where a hacker gains unauthorized access to a social media account and uses it to promote their own malicious activities, such as scamming or phishing.
How did the hackers breach these accounts?
The exact methods used by the hackers to breach the accounts have not been publicly disclosed, but it is believed to involve sophisticated social engineering tactics and possibly advanced hacking tools.
What is a pump-and-dump scheme?
A pump-and-dump scheme is a type of financial fraud where a group of people artificially inflate the price of a cryptocurrency or token, and then sell it, causing the price to collapse and resulting in significant financial losses for unsuspecting investors.
Who is behind the hacking spree?
As of now, the identity of those behind the hacking spree is unknown. Blockchain detective ZachXBT has promised to reveal the identities of those responsible later today.
How can individuals protect themselves from these types of attacks?
Individuals can take several steps to protect themselves from these types of attacks, including regularly changing passwords, enabling two-factor authentication, and avoiding suspicious links or attachments.
