Turns out we'll all get a job at McDonald's after all, as a scammer made away with $700,000 in Solana after hacking the official McDonald's Instagram account with over 5 million followers to promote a memecoin.
The incident that happened on August 21st was well orchestrated, with the hacker taking control of both McDonald's main account and that of Guillaume Huin, the senior marketing director.
The hacker, claiming to be part of the "India_X_Kr3w", pulled off a classic "rug pull" by promoting a fake cryptocurrency called "GRIMACE" on the Solana network.
For those who don’t know, a rug pull is when crypto creators suddenly withdraw funds from a coin's liquidity pool, leaving investors with worthless tokens.
The fake GRIMACE token skyrocketed from zero to a $25 million market cap in just 30 minutes.
The crypto community was quick to notice something fishy was going on. I mean, McDonald's suddenly "experimenting on Solana" without months of corporate planning and PR buzz? That's about as likely as Ronald McDonald going vegan.
Several accounts on X shared screenshots of the McDonald’s account actively shilling the memecoin and asking if they were hacked.
The hacker didn't stop at just promoting the fake coin. They left a parting message on McDonald's Instagram, saying: "Sorry mah n--ga you have just been rug pulled by India_X_Kr3w thank you for the $700,000 in Solana."
Different accounts on X also reacted to the incident’s aftermath with a wave of memes.
ZachXBT, the crypto version of Batman, menytioned that “degen gets rug pulled by hacked McDonald’s account… has to now get fast food job.”
The post is a reference to the classic McDonald’s “crypto bros, we’re hiring” meme.
Pudgy Penguins also reacted to the news with their own McDonald’s meme.
So, how did the hacker pull off the rug? The scam was tightly orchestrated, with the first big buyers quickly spreading their tokens across several smaller wallets, all in the same block, at the same time. It's like watching a perfectly choreographed dance routine, except instead of jazz hands, we've got jazz scams.
The attacker used a total of 24 wallets in addition to the developer's wallet, all of which bought into the coin precisely at 14:40:27 UTC. They didn't waste a single second, making sure no other buyers could get in early and grab their share.
Interestingly, the developer's wallet still holds its supply and hasn't sold anything yet. Maybe they're waiting for the heat to die down, or perhaps they're just really, really patient.
As for McDonald's, they've served up a statement acknowledging the "isolated incident" and apologizing for any offensive language.
More: Coinbase's Moral Dilemma: Profiting from a Hack While Victims Await Reimbursement
This incident is just the latest in a string of meme coin scams that have been plaguing the crypto market in 2024. In a recent analysis of 1,000 tokens launched on the Base Layer 2 network, a staggering 1 in 6 turned out to be scams.
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice of this sort, HODL FM strongly recommends contacting a qualified industry professional.