Shortly after the theft, M2 acknowledged the hack and announced that "the situation has been fully resolved". This apparently involved M2 restoring customer funds from their own assets, rather than recovering the stolen assets.
M2 cryptocurrency exchange hacked for $13.7 million
The UAE-based M2 cryptocurrency exchange was hacked for $13.7 million in bitcoin, ether, and Solana tokens. The exploiter compromised several of the exchange's hot wallets to take the funds.
Sharpei memecoin rug pulls for $3.4 million
A dog-themed memecoin project called Sharpei abruptly cashed out $3.4 million, tanking the token price by more than 96% in seconds. The project had been promoted by crypto influencers, but hit a snag when a pitch deck for the project leaked. The deck contained multiple lies, including claims to have hired multiple "KOLs" who later denied involvement, and false claims of partnerships with various platforms and projects.
As the token price stuttered along with these revelations, insiders apparently decided to quit while they were ahead, and cashed out in a quick and coordinated sale.
Almost $2 million taken from users of Telegram "Banana Gun" crypto trading bot
Some people use a Telegram-based crypto trading bot called "Banana Gun" to "snipe" crypto trades, copytrade, and perform other activities. On September 19, at least 11 victims lost around $3 million after their accounts were apparently compromised and drained.
Banana Gun acknowledged the attack on Twitter and shut down the bot. They posted that they did not believe their backend was compromised, and stated that they believed the attack occurred via a "front-end vulnerability" — though it was not clear what this might have referred to.
- "Telegram bot Banana Gun’s users drained of over $1.9M", CoinTelegraph [archive]
McDonald's Instagram hacked, hackers claim $700,000 haul
McDonald's Instagram account, as well as the Twitter account of a McDonald's marketing director, began promoting a memecoin called $GRIMACE (named for the restaurant chain's blobby purple mascot). The posts to McDonald's 5.1 million followers caused the token price to spike. Then, the attacker sold off their holdings, profiting around $700,000 and plunging the token price.
They then boasted about their haul on the compromised Instagram account, changing the bio to say: "Sorry mah nigga you have just been rug pulled by India_X_Kr3w thank you for the $700,000 in Solana 🇮🇳".
The token stunt by the massive company was perhaps made more believable by McDonald's previous forays into crypto, including when they launched a McRib-themed NFT project in December 2021. The company had also joked about a "Grimacecoin" back in January 2022, in a reply to a tweet from Elon Musk.
Trump-themed $DJT token rug-pulls, people blame Martin Shkreli or Barron Trump
Surprising just about no one, a wallet holding around 20% of the supply of the $DJT Trump-themed memecoin suddenly dumped its holdings, crashing the token price by around 90%. The token price had briefly spiked in June, when it was falsely reported that the token was "an official Trump token". However, the token's price had already dwindled since that time, and before the sudden dump.
People were quick to blame those behind the project, primarily "Pharma Bro" Martin Shkreli (who has been accused of dumping his own token before). Shkreli was quick to shift the blame to Donald Trump's youngest son, Barron, who he has also claimed is behind the token (although this has not been independently confirmed). However, the owner of the wallet that dumped its tokens is not definitively known.
Users of LI.FI protocol suffer losses of at least $10 million
Users of the cross-chain swapping API LI.FI Protocol, and of projects that build on top of it, suffered wallet drains amounting to at least $10 million (and counting). An attacker was able to exploit the users who had set infinite approvals. The protocol urged those who had interacted with several affected smart contracts to revoke permission, and warned: "Please do not interact with any LI.FI powered applications for now!"
Doja Cat's Twitter account hacked to promote meme token
The Twitter account belonging to rapper Doja Cat was compromised on July 8, tweeting to her 5.6 million followers that they should "buy $DOJA or else", and various other messages to that effect. Doja Cat quickly posted on her Instagram account to say that the Twitter account had been compromised.
The attacker appeared to have only marginal success, as the token reached a market cap of around $500,000 before collapsing by 96%.
Hackers have compromised a string of celebrity Twitter accounts to promote memecoins recently, including those of Hulk Hogan and Metallica.
50 Cent claims his accounts were compromised to promote a memecoin
50 Cent has claimed his Twitter account and website were hacked to promote a memecoin called $GUNIT. "I have no association with this crypto," the rapper wrote on Instagram.
50 Cent also claimed in the post that "Who ever did this made $300,000,000 in 30 minutes." It's not clear where 50 Cent got this number, because the token has only done $19.8 million in volume. One wallet made around $722,000 off the token, and three others also made over $100,000.
- Instagram post by 50 Cent
- $GUNIT on DEXScreener
Martin Shkreli claims to have been behind a Donald Trump memecoin
After Arkham Intelligence announced a $150,000 bounty for anyone who could prove the identity of the person behind a Donald Trump memecoin called $DJT, blockchain sleuth zachxbt quickly rose to the occasion. He submitted evidence that Martin Shkreli, the "pharma bro" who spent years in federal prison for financial fraud and who was previously known for hiking the price of an anti-malaria drug 56×, was behind the token. This wouldn't have been Shkreli's first foray into the blockchain world, after he launched a "web3 drug discovery platform", and then later dubiously claimed to have been hacked for over $450,000 after his computer was infected by a trojan after he torrented a porn video.
Shkreli attempted to frontrun the news in a Twitter space, and came out with his own claims that he had collaborated with Barron Trump to create the token, and with Andrew Tate to pump its price. However, fellow felon and memecoin pumper Roger Stone subsequently crawled out of the woodwork to claim that neither Barron nor Donald Trump was involved with $DJT.
Shkreli has yet to provide solid proof that he created the memecoin, though zachxbt's research tends to be very strong. If true, Shkreli faces potential legal repercussions, as he is still on parole after his release in 2022. The terms of his parole require him to "refrain from engaging in self-employment which involves access to client's assets, investments, or money, or solicitation of assets, investments, or money", and to make financial disclosures to the courts. Shkreli was also banned from the securities industry in 2018, as part of a settlement with the SEC.
Caitlyn Jenner launches memecoin amid deepfake confusion
Olympic athlete-turned-Trumpworld media personality Caitlyn Jenner has confused many by apparently launching a memecoin on pump.fun and heavily promoting it on her Twitter account with more than 3 million followers. Her original post featured a photo of her grasping hands with Donald Trump, with the text "make america great again!!! 🇺🇸 and we love crypto!".
At first, people widely believed her account had been hacked, given how frequently celebrity token promotions turn out to be compromised Twitter accounts. Then, she began joining Twitter spaces and posting videos about the token, but with the emergence of more and more convincing deepfakes, even those didn't convince people that it was truly Jenner behind the token.
Despite the confusion — or perhaps because of it — the token has been popular.
The token launch was linked to Sahil Arora, a person allegedly connected to multiple celebrity rug pulls and pump-and-dumps. However, Jenner quickly turned on Arora shortly after the token's launch, posting on Twitter "FUCK SAHIL! He scammed us! BIG TIME!" and that "Sahil appears to be fully out".
Jenner is not the first in her family to get mixed up with crypto. In October 2023, her stepdaughter Kim Kardashian was fined over $1 million for unlawful touting of a crypto security.