In a shocking cyber heist, scammers hacked into McDonald’s official Instagram account, leveraging the fast food giant’s global presence to promote a fraudulent memecoin based on its beloved mascot, Grimace. The perpetrators walked away with over $700,000 worth of Solana after successfully duping followers into investing in the sham coin.
A Sophisticated Scheme Unfolds
On August 21, the hackers took control of McDonald’s Instagram page, which boasts a massive 5.1 million followers. They quickly began posting a series of misleading promotions for a token they branded as “Grimace,” claiming it to be part of a McDonald’s experiment on the Solana blockchain. The posts were designed to look legitimate, fooling unsuspecting users into believing the memecoin was an official venture.
The attackers orchestrated the scam meticulously. According to blockchain analytics firm Bubblemaps, the hacker first utilized the Solana memecoin deployer platform, pump.fun, to acquire 75% of the Grimace token’s total circulating supply. This substantial holding was then strategically distributed across approximately 100 different wallets to create the illusion of widespread interest.
A Meteoric Rise and a Sudden Fall
Following the posts from the official account, the value of the GRIMACE memecoin skyrocketed, escalating from a negligible market capitalization to a staggering $25 million within just 30 minutes, as per DexScreener data. The surge in value drew in more investors, hoping to capitalize on what they believed was a lucrative opportunity.
However, the bubble burst almost as quickly as it had inflated. Within 40 minutes, the hacker dumped their holdings, causing the token’s value to plummet to a mere $650,000. This rapid sell-off, known as a “rug pull,” left investors in the lurch, and the hacker’s wallets were richer by approximately $700,000 in Solana.
Mocking the Victims
Adding insult to injury, the hacker edited the bio section of McDonald’s Instagram page to boast about the successful scam. The new bio taunted the victims, thanking them for the $700,000 and attributing the scam to a group named India_X_Kr3w.
McDonald’s Responds
The fraudulent posts and bio were eventually removed, and McDonald’s swiftly issued a statement to address the breach. The company confirmed that an “isolated incident” had impacted their social media accounts on August 21. They assured their followers that the issue had been resolved and expressed regret for any offensive content that had been posted during the hack.
The Aftermath
This incident underscores the vulnerabilities that even major corporations face in the digital age, where social media platforms can be weaponized by cybercriminals to execute elaborate fraud schemes. The event also serves as a stark reminder for users to exercise caution and verify the legitimacy of investment opportunities, particularly in the volatile world of cryptocurrencies.
