Michaela
The official X account of Pump.fun, the Solana-based token launch platform, has been compromised, with hackers using it to promote a fraudulent governance token called “PUMP.” This breach marks the latest in a series of cybersecurity threats targeting the crypto industry, raising concerns over social media security and investor protection.
In a February 26 X post, Alon Cohen, co-founder of Pump.fun, confirmed that the platform’s official X account has been threatened. Cohen further urged users to refrain from engaging with it.
Blockchain investigator ZachXBT also cautioned users to avoid the page and refrain from clicking on any links it shared.
The blockchain analyst linked the recent Pump.fun X account hack to previous security breaches, including the Jupiter DAO hack in February 2025 and the DogWifCoin X account compromise in November 2024. He noted that neither the Pump.fun nor Jupiter teams were likely responsible for the attacks.
“I suspect a threat actor is social engineering employees at X with fraudulent documents/emails or a panel is being exploited,” ZachXBT wrote.
Later on the same day, Pump.fun announced that it had successfully regained full access. In a statement addressed to users, the platform confirmed that, based on the information available, the compromise was restricted solely to the X account and did not extend to other systems or assets.
“The security protocols taken by the team to secure the X account were thorough, relied on industry best-practices, and focused on minimizing the risk of such an event occurring. The attack that led to this compromise is unknown,” the account wrote.
Pump.fun further clarified that no confirmation emails were received regarding changes to the account’s email, password, delegation settings, or two-factor authentication (2FA) during the breach.
Typically, platforms notify account holders of such critical modifications via email, raising questions about how the compromise occurred without triggering standard security alerts.
Pump.fun disclosed that at the time of the X account hack, access was restricted to a single authorized individual. The platform emphasized that this user did not click on, interact with, or engage with any suspicious links. This raised further uncertainty about how the breach occurred.
“We will continue to monitor the situation and analyze any scenarios that could have taken place and report if there are any updates,” Pump.fun wrote.
The crypto industry is facing a rising wave of security threats, with social media platforms becoming a prime target for hackers. Cybercriminals are hijacking official accounts of crypto projects to promote scam tokens, exploiting the trust of their followers to lure unsuspecting investors.
These attacks often involve phishing schemes, compromised credentials, or SIM-swapping techniques, allowing hackers to spread fraudulent links and fake token launches. The trend highlights the urgent need for stronger security measures, as even well-established platforms struggle to prevent these breaches.
As scams grow more sophisticated, users must remain vigilant by verifying information and avoiding interactions with suspicious posts to shield themselves from financial loss.
Read More
- Pump.fun Denies Token Launch Amid Legal Challenges and Speculation
- Few Traders See Big Gains as Pump.fun Revenue Nears $400 Million
- Pump.fun Under Fire as Livestreams are Exploited for Disturbing Content
Michaela has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
