While crypto users were busy trading on February 26, 2025, Pump.fun’s X account fell victim to hackers who quickly turned it into a scam factory. The breach happened around 15:20 UTC, with no warning emails about account changes. Just like that—compromise complete.
The hackers wasted no time. They announced a fake “PUMP” governance token, promising rewards for “OG DEGENS.” Classic bait. They even promoted another bogus token called “GPT-4.5” and—get this—threatened to delete Pump.fun’s account if their fake token hit $100M market cap. Bold move.
What’s shocking? Pump.fun had solid security. Two-factor authentication with physical keys, Google 2FA, regularly updated complex passwords stored in a secure manager, the works. Didn’t matter. The attackers got in anyway.
The financial damage was swift. Their fake PUMP token ballooned to $5 million before collapsing. One wallet extracted $600,000 minutes after the token was shared. Total take from all promoted tokens? Millions. One clever trader even pocketed $135,000 in sixty seconds by riding the price manipulation. The incident created significant market uncertainty regarding cryptocurrency security, causing widespread hesitation among institutional investors.
Pump.fun responded quickly through Telegram, warning users to ignore the compromised account. They eventually regained control and confirmed the breach was limited to X—no other systems affected. Users were specifically advised to stay away from any posts related to PUMP or GPT-4.5 tokens.
This wasn’t an isolated incident. It connects to the Jupiter DAO hack from February and the DogWifCoin X account compromise last November. Security experts suspect social engineering targeting X employees or exploitation of internal systems.
The crypto community wasn’t completely fooled. Many quickly identified the scam, and blockchain data firms flagged suspicious token activity. On-chain investigators linked it to previous compromises.
This is just another reminder of social media’s vulnerability in crypto. Despite all the security measures—physical keys, 2FA, complex passwords—accounts still get compromised. As confirmed by co-founder Alon Cohen, the account compromise represented a concerning trend in cybersecurity threats facing the crypto industry. And in crypto, a compromised account doesn’t just mean embarrassing tweets. It means empty wallets.
