The Fastest Crypto Scam Ever? Hacker Targets Ava Labs COO, Promotes Pokémon-Inspired Memecoin Pika (PIKA)

Pokémon, a global phenomenon that has captured the hearts of millions, has evolved from a simple video game into a cultural juggernaut, spanning TV shows, movies, trading cards, and countless merchandise.

But beware, it could be a scam!

A Pokémon-Themed Crypto Scam Unleashed

On 19 August, the X (formerly Twitter) account of Luigi D’Onorio DeMeo, Ava Labs’ Chief Operating Officer, fell victim to a severe security breach that sent shockwaves through the crypto community.

Known for his reputable position within the blockchain industry, DeMeo’s account suddenly began promoting a newly launched Pokémon-themed memecoin, Pika (PIKA), which appeared to target unsuspecting followers with links to dubious token airdrops.

The account's sudden shift in content raised immediate red flags, leading many to suspect that DeMeo's account had been compromised.

The now-deleted post shared the address of a Solana-based memecoin named after the iconic Pokémon character, Pikachu, in what appeared to be a classic pump-and-dump scheme.

This deceptive strategy, notorious within the cryptocurrency world, involves artificially inflating the value of an asset through misleading or fraudulent promotion, only for the scammers to sell off their holdings at peak prices, leaving late investors with worthless tokens.

In this case, according to DEX Screener, PIKA’s market capitalisation spiked to $388,570 shortly after the posts were made at approximately 1:40 am UTC, but the surge was short-lived.

The token’s value plummeted by over 99%, crashing to a mere $3,289 as the reality of the scam became apparent to the market.

How DeMeo's Account Was Compromised

According to DeMeo, the attackers gained access to his account through a phishing email that was carefully crafted to mimic a legitimate communication from X.

DeMeo was enjoying a day swimming with his kids in New Jersey when he checked his email and saw the phishing message.

The email, which claimed that his account had been accessed from a foreign country, prompted DeMeo to enter his password and two-factor authentication (2FA) code to secure his account.

Unbeknownst to him, this information was handed directly to the hackers, who swiftly took control of his account, which boasts over 54,600 followers.

Once in control, the hackers wasted no time in exploiting DeMeo’s high-profile presence within the crypto industry.

Other than the PIKA’s post, they used his account to post links to suspicious websites masquerading as official Ava Labs platforms, purportedly offering free Avalanche (AVAX) tokens.

These sites, designed to mimic the visual and stylistic elements of Ava Labs, likely contained wallet-draining malware, posing a significant threat to anyone who connected their crypto wallet.

The deceptive nature of these sites, coupled with the credibility of DeMeo’s account, made the scam particularly dangerous.

The Community's Rapid Response and Security Concerns

The crypto community on X quickly mobilised to warn others about the suspicious activity.

Numerous users posted alerts, advising their followers not to click on any links or engage with the content from DeMeo’s account.

Notably, the account had turned off comments, a move that only fueled suspicions as it prevented users from warning others directly under the posts.

The possibility of "malicious links" being shared was cited as the reason for disabling comments, but it was clear to most that this was the work of the hackers attempting to silence the voices of caution.

One vigilant X user, operating under the handle “REKTBuildr,” provided critical insights into the situation.

They reported that a link to a different scam website was shared by DeMeo’s account before being taken down.

What was particularly alarming was the speed and precision with which the hackers operated — the domain for the scam website was registered just 18 minutes before the link was posted.

The attackers managed to secure the domain, find hosting, and breach DeMeo’s account within just 30 minutes.

This rapid and highly organised effort demonstrated their intent to exploit the account swiftly before their deceit could be detected.

A Growing Trend of Social Media Hacks

This incident with DeMeo’s account is not an isolated case; it is part of a growing trend of social media hacks targeting prominent figures both within and outside the cryptocurrency space.

In July, the X account of actress Sydney Sweeney was similarly hijacked to promote a cryptocurrency token using her likeness.

These incidents highlight the evolving tactics of cybercriminals who are increasingly targeting social media accounts with large followings to perpetrate their schemes.

The breach of DeMeo’s account serves as a stark reminder of the importance of cybersecurity, especially for individuals in influential positions within the crypto industry.

With platforms like Pump.fun and Makenow.meme making it easy for anyone to create memecoins, the need for vigilance is more pressing than ever.

As the fallout from this incident continues, it reflects the need for heightened vigilance among all users — whether they are seasoned professionals or newcomers to the digital asset space.

The speed and sophistication of this attack have sent a clear message – in the world of cryptocurrency, where fortunes can be made and lost in an instant, security must be the top priority.

For the Pokémon fans, as of now, there are no officially released cryptocurrencies or NFTs.

Any such offerings are either scams or self-initiated projects with no official backing. Do not fall into any trap.

Pokémon TCG Pocket's October Launch

Meanwhile, Pokemon TCG Pocket, the virtual pack-opening app for the Pokemon Trading Card Game, is set to launch on October 30, 2024, for iOS and Android.

Announced in February, it offers a dynamic way to collect, trade, and battle with Pokémon cards in a digital space.

The app will feature two free packs daily, with additional packs available for purchase.

The latest trailer unveiled an impressive Mewtwo ex card, highlighting the app's enhanced artwork and immersive gameplay.

Pre-registration is available now, prepping fans for immediate access to their first free packs upon release.