McDonald’s Instagram hijacked in $25m Solana ‘GRIMACE’ scam

It appears that the hackers hacked into McDonald’s Instagram page on August 21, aiming to market GRIMACE, a memecoin launched on the Solana blockchain via pump.fun.

Hamburger and Solana (SOL) memecoins collided on August 21 when hackers took over the McDonald’s Instagram page; malicious actors used the global fast-food chain’s social media to promote the Solana-based GRIMACE.

McDonald’s marketing manager Guillaume Huin also launched a double-edged attack by posting about memecoin on the X page.

Hackers promoted GRIMACE as a “McDonald’s experiment on Solana,” and early investors chasing the next moonshot bought in. According to Pump.fun data, the memecoin reached a valuation of $20 million. The rapid carpet-pulling soon dropped GRIMACE to less than $1 million in market value.

A message thanking buyers for the $700,000 Solana appeared, suggesting that hackers had embezzled less than 4% of the token’s entire value. Two minutes before launch, several wallets had deposited 6.2 SOL into GRIMACE, and the McDonald’s post was published. 28 minutes later, the addresses had pocketed around $500,000 in Solana’s local currency.

The criminals deleted all McDonald’s posts promoting Solana’s memecoin GRIMACE, including Huin’s tweets about X. At press time, neither Huin nor McDonald responded to requests for comment from crypto.news or acknowledged the incident.

Pump.fun is an easy-to-use memecoin launchpad on Solana. Developers have launched 1.8 million meme-inspired tokens using the protocol. Most of the tokens have been minted, and Pump.fun has generated over $340 million in fees since its launch in January.

Tron (TRX) and SunPump (SUN) platform launched to compete with Solana and Pump.fun for a share of the vibrant memecoin issuance market. TRX-based meme ecosystem generated more revenue than Ethereum in 24 hours.