In summary
- On Wednesday, a McDonald’s employee was hacked on the company’s social media, promoting a short-lived scam involving a Grimace-themed Solana memecoin.
- Posts on McDonald’s Instagram page and Senior Marketing Director Guillaume Huin’s Twitter account praised a new token called GRIMACE, which soared 195,000% before the token’s creators withdrew liquidity.
- The hackers changed the bio on McDonald’s Instagram account to say they had committed a rug pull and thanked Solana for the $700,000.
On Wednesday, a McDonald’s employee apparently suffered a hack on the company’s social media, allowing a short-lived scam involving a Grimace-themed Solana memecoin to be promoted on the fast food giant’s prominent public accounts.
Late Wednesday morning, posts on both McDonald’s Instagram page — which has some 5 million followers — and Senior Marketing Director Guillaume Huin’s personal Twitter account began praising a new token called GRIMACE. Solana’s memecoin was launched on Pump.fun, which seemed like an unusual choice for a $207 billion company.
On Huin’s Twitter, posts promised that GRIMACE holders who listed their Instagram accounts would soon be followed by McDonald’s.
“We love and appreciate all the support from Grimace,” one post read, accompanied by a photo of the ambiguous purple character alongside Ronald McDonald wearing a face shield.
Screenshot of the apparently hacked McDonald’s senior executive, which was deleted shortly after. Image: Decrypt
As is often seen in these meme Cryptocurrency scams linked to hacked brand or celebrity social media accounts, the price of GRIMACE skyrocketed an obscene 195,000% in a matter of minutes before the token’s deployers withdrew liquidity, instantly collapsing the token’s value to zero.
In case the shocking sequence of events left any room for ambiguity, the hackers then returned to McDonald’s Instagram account, where they changed the company’s bio to report that they had performed a “rug pull,” adding: “Thanks for the $700,000 on Solana.”
Blockchain data visualization startup Bubblemaps wrote on Twitter that the hacker apparently used numerous addresses to purchase the vast majority of tokens on Pump.fun before the price surge — roughly 75% of the supply — and then distributed them across roughly 100 wallets before selling them all for roughly $700,000.
The group of digital bandits, who appear to have called themselves “India X Kr3w,” also linked to a Telegram group in their Instagram bio. So far, they’ve only used the group to post the music video for Juicy J’s 2016 song “Blue Bentley,” in which the artist repeatedly celebrates having “just gotten paid.”
Interestingly, despite what one might consider a fair amount of red flags, the GRIMACE token accumulated over $20 million in trading volume in less than two hours.
This can sometimes happen when crypto traders, fully aware that the token is a scam, try to participate in the rug pull and get out before the token plummets to worthless value. This is an incredibly risky strategy that often backfires.
McDonald’s appears to have finally regained control of its Instagram account more than an hour after hackers first posted about the GRIMACE token. The company removed all posts related to the meme coin but did not immediately respond to Decrypt’s request for comment on the matter.
The short, lively saga underscores how easily hackers can access — and profit from — even the most protected corporate social media accounts by identifying a single weak spot in a single employee’s online security.
In recent months, hackers have used similar tactics to launch fake tokens from the accounts of Sydney Sweeney, Doja Cat and 50 Cent, among other celebrities.
Edited by Andrew Hayward
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Crypto Keynote USA
For the Latest Crypto News, Follow ©KeynoteUSA on Twitter Or Google News.