The Mechanics of Pump-and-Dump Schemes

Pump-and-dump schemes have become increasingly prevalent in the cryptocurrency market, particularly with the rise of easy-to-use platforms for coin creation. These scams typically involve the deliberate inflation of a coin’s value through misleading promotions, only for the scammer to sell off their holdings once the price has risen, leaving investors at a loss.

A Case Study

An incident involving a hacked social media account illustrates how scammers exploit the trust factor associated with prominent figures in the crypto community. A reporter, who tweets infrequently and has a modest following of fewer than 2,800, found their account compromised. This vulnerability arose in part from prior exposure of their credentials on hacking forums.

According to John Powers, president of Hudson Intelligence, “The greater exposure during the pump, the more likely it is that multiple investors will buy into the messaging and buy into the eventual dump of the coin.” Such tactics underscore how scammers target perceived authorities to amplify their fraudulent schemes.

The Role of Launchpads

The emergence of launchpad platforms such as Pump.Fun has made it easier for anyone to create and promote new cryptocurrencies at no cost. In this particular case, the scammer employed Pump.Fun to mint a fraudulent coin branded with a well-known entity. These platforms can inadvertently facilitate scams by enabling rapid coin creation without sufficient checks in place.

Troy Gravitt, a spokesperson for Pump.Fun, stated, “We continue to invest in making the platform safe for users. When we find allegations of fraud, such as hacked X accounts shilling token scams, we’re able to delist those tokens from our front end to mitigate any threat they might pose to unsuspecting users.”

Investor Behavior and Market Risks

Despite the high risks associated with memecoins, many investors continue to engage heavily in this area. Powers notes, “A lot of the appreciation of value in memecoins occurs very early in the process, soon after launch. There’s this chance you might get in at the right moment and make a killing… Timing is everything.” This mindset can lead to a dangerous disregard for the legitimacy of the offerings.

How Accounts Are Compromised

The compromised account was taken over on February 17, just a day before the fraudulent coin’s launch. The timing of this event highlights the vulnerability of social media accounts lacking two-factor authentication. As a result, the original account owner faced significant challenges in regaining access, allowing the scammer to initiate the fraudulent coin’s creation undetected.

On the morning of the coin’s creation, transaction data revealed that the scammer had minted the fraudulent WIRED token and purchased a sizable quantity—around 5% of the total supply—using the same wallet established for the coin.

Concealment Tactics

The scammer, in an effort to obfuscate their activities, moved portions of the acquired coins to secondary wallets immediately after trading began. This tactic is common, as Powers and Chainalysis highlight that such maneuvers are frequently used to disguise the true extent of holdings from potential investors. “You can buy a certain amount of your own token. But if you buy a lot, nobody is going to buy in because it’s very suspicious,” Larratt remarked.