The Solana-based memecoin Launchpad Pump.fun’s X account has been hacked and used to promote fake cryptocurrencies, including an “official” PUMP governance token. On-chain investigators suspect the hack is linked to other X account compromises.

Related Reading

Pump.Fun Hackers Launch PUMP Memecoin

On Wednesday, Pump.fun’s official X account was compromised, with hackers promoting different tokens during the incident. The account started to post different contract addresses (CA) for various memecoins before deleting them.

The hackers initially shared the contact address of PUMP, the “official Pump.fun governance token,” stating that “democracy has never been this degen” and that they would be rewarding their “OG DEGENS.”

The crypto community quickly identified the memecoin as a scam and alerted other users of the potential account compromise.

Blockchain data firm Bubblemaps warned users of the fake memecoin, explaining that PUMP was “heavily bundled and will dump,” as 60% of the token’s supply was held in two clusters.

Meanwhile, Pump.fun’s founder, Alon Cohen, confirmed the X hack and asked the community not to interact with it or any links shared until it was recovered.

According to on-chain investigator Dethective, the hackers extracted around $600,000 from the token minutes after sharing the memecoin. The crypto sleuth explained that their strategy consisted of posting the CA of a bundled scam token and deleting it after rugging investors.

Besides the fake PUMP token, the malicious actor promoted OG, Extract Protocol (EXAI), and Pump.fun Hacked (HACKED), extracting around $90,000 from these memecoins. Dethective noted that some investors continue to buy the tokens after the hackers repeatedly rugged the previous ones, with the last token hitting a $1.5 million market capitalization at the top.

The malicious actors asked the crypto community whether they should create a “legit token on Pump.fun” and call it “Hackeddotfun.” They “promised” to pump the memecoin to a market capitalization of $100 million, assuring it wouldn’t “be a bundle” and would be launched through the platform before deleting the posts.

Pump.Fun Hack Linked To Jupiter’s X Compromise?

Renowned on-chain detective ZachXBT revealed the Pump.fun compromise is “directly connected on-chain” to the Jupiter DAO and DogWifcoin compromises from February 2025 and November 2024, respectively.

On his Telegram channel, the internet sleuth suggested that the attacks are “likely not the fault of either the Pump.fun or Jupiter teams.” Instead, Zach suspects a threat actor is “social engineering employees at X with fraudulent documents/emails or a panel is being exploited.”

Wu blockchain shared GMGN data revealing that only one Pump.fun memecoin had a market value above $1 million yesterday. The post detailed that several tokens hit the $1 million barrier but quickly experienced a sharp drop.

Related Reading

Following the TRUMP and MELANIA memecoins and the recent Libra token controversy, investors have expressed exhaustion from the continued memecoin scams deployed via the Solana-based launchpad.

Some community members called the hack “the nail on the meme coin coffin,” as sentiment surrounding the sector’s “memecoin fiesta” is at its lowest point this cycle.

At the time of this writing, Pump.fun’s team has regained access to the account and stated they will continue to monitor the situation as “the attack that led to this compromise is unknown, but it’s unlikely that the team is at fault.”

Featured Image from Unsplash.com, Chart from TradingView.com