Hackers Gain Control Over Pump.fun's X Account to Peddle Fraudulent Cryptocurrency Tokens
February 26, 2025: The account of meme token factory, Pump.fun, was hacked and used to promote fraudulent tokens. Although the account was compromised, the project team managed to regain control later the same day.
ZachXBT, an on-chain investigator, connected the Pump.fun hack to recent attacks on other meme-focused projects. Additional victims included Jupiter DAO and DogWifCoin, which also saw their accounts misused for fake meme tokens. According to ZachXBT, the attacker may have employed social engineering strategies, including forged documents or phishing emails, or exploited a platform vulnerability to gain access.
Prior to the hack, Pump.fun faced accusations of siphoning off $600 million from the cryptocurrency ecosystem over the previous year and converting the funds into fiat currency.
DFarmer, a user of Pump.fun, pointed out that more than 9 million tokens have been launched on the platform, none of which have achieved a market capitalization above $500 million. Since its launch in January 2024, the platform's total revenue from fees has reached $431 million.
As Pump.fun prepares to relaunch with enhanced security measures on June 8, 2025, potential new safety features may include Automated Market Maker (AMM) options. A test token, CRACK, was recently added to an AMM pool, indicating the possible introduction of such features.
While Pump.fun has implemented measures like a fair launch process, liquidity burning mechanism, and safety features to secure their platform, ongoing issues such as rug pulls and scams remain concerns. The platform's efforts to restore assets using funds from the Cetus treasury, and focus on a fair launch process, help contribute to a safer token ecosystem. However, the need for further regulatory compliance is evident, as Pump.fun faced a blocked status in the UK due to regulatory warnings.
- The hack on Pump.fun, a meme token factory, raises concerns about the fusion of finance and technology, as hackers may target such platforms to exploit vulnerabilities.
- In the wake of the Pump.fun hack, the persistent requirement for robust cybersecurity measures in the technology-driven finance sector becomes even more evident, particularly in the decentralized autonomous organization (DAO) space.
