Ava Labs COO’s X account suspected as hacked after posting memecoin
Ava Labs’ chief operating officer, Luigi D’Onorio DeMeo’s X account, is suspected of being hacked after posting about a newly launched Pokémon-themed memecoin and links to suspicious airdrops.
Two of the posts on Aug. 19, which have now been deleted, shared the address to a Solana-based memecoin called Pika (PIKA) — styled after one of the media franchise’s central characters, Pikachu — in an apparent pump-and-dump scheme .
Many crypto users on X have posted warnings not to click or follow any links.
“I’m an [Avalanche] maxi, but it’s inevitable that Solana is leading this bull market,” wrote one post from Demeo’s account. “Due to the increased search for memecoins, I’m creating the $PIKA token on Solana, based on my favorite character.”
Source: Luigi D’Onorio DeMeoIt is not known how the possible attackers managed to breach DeMeo's account. Ava Labs did not immediately respond to a request for comment sent outside business hours. DeMeo did not immediately respond to a message sent via LinkedIn.
PIKA’s market cap hit a high of $388,570 shortly after the posts from DeMeo’s account at around 1:40 am UTC, but it quickly fizzled out, falling over 99% to a current market cap of $3,289, according to DEX Screener.
PIKA’s market cap saw activity surge around DeMeo’s X posts but quickly dropped. Source: DEX ScreenerDeMeo’s account has also posted links to suspicious websites claiming Ava Labs is giving away Avalanche ( AVAX ) tokens, inviting users to connect their crypto wallet. It also turned off comments to stem others' warning of the scam, claiming there was the possibility of “malicious links" being shared.
The websites are stylized to mimic Ava Labs’ design but likely host a wallet drainer that steals all the crypto in a connected wallet.
Source: Luigi D’Onorio DeMeoX account “REKTBuildr” earlier reported that a link to a different scam website was shared by DeMeo’s account, which was later taken down.
Related: Styx Stealer malware exploits Windows vulnerability to ‘clip’ crypto
They posted that the domain was registered 18 minutes before DeMeo’s account posted a link to it, estimating that it took attackers 30 minutes to register the domain, find hosting and breach DeMeo’s account to share the scam link.
Source: REKTBuildrSimilar attacks have been carried out this year. In July, the X account of actress Sydney Sweeney was hacked to promote a crypto token using her likeness.
Crypto-Sec: Weird ‘null address’ iVest hack, millions of PCs still vulnerable to ‘Sinkclose’ malware
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Abstract may support ai16z’s Eliza codebase when it launches its mainnet next January
German parliament passes Financial Market Digitalization Act
AR breaks through $16
German tokenization firm Cashlink receives cryptocurrency custody license