McDonald’s (MCD) recently fell victim to a significant cyber attack, resulting in its official Instagram account being compromised. The hacker exploited the platform to promote a memecoin called Grimace (GRIMACE30045-USD), named after the fast-food giant’s well-known purple mascot. This cryptocurrency, which operates on the Solana blockchain, saw a brief surge in market value before plummeting as the scammers cashed out their profits.
The Incident
On Wednesday morning, McDonald’s Instagram account, which has approximately 5 million followers, was hijacked, alongside the personal Twitter account of Guillaume Huin, McDonald’s Senior Marketing Director. Both accounts began posting promotions for the Grimace memecoin, encouraging followers to invest.
Following the breach, the market capitalization of the Grimace memecoin temporarily skyrocketed to around $20 million.
However, it quickly dropped below $1 million, with the scammers presumably withdrawing their earnings. The hackers went so far as to update McDonald’s Instagram bio, boasting about the $700,000 they had fraudulently acquired.
The Scam
The hackers directed users to a platform called Pump.fun, promising significant returns on small investments in the Grimace token. They crafted the posts to appear legitimate, leveraging the association with McDonald’s mascot to gain credibility. On Huin’s Twitter, fraudulent messages claimed that Grimace token holders who shared their Instagram handles would receive a follow from McDonald’s.
“We love and appreciate all the support for Grimace,” one post read, featuring an image of Grimace with Ronald McDonald, who was depicted wearing a protective face shield.
Blockchain data analysis platform Bubblemaps revealed that the hacker likely purchased a large portion of Grimace tokens before orchestrating the hack. The analysis showed that the scammer controlled about 75% of the token’s supply just before the social media accounts were compromised. After the token’s value surged, the hacker sold off their holdings, causing the price to collapse and netting around $700,000. This type of fraudulent scheme is commonly known as a “rug pull.”
Following the successful scam, the hacker edited McDonald’s Instagram bio to brag about their deceitful activities.
McDonald’s Response
In response to the breach, McDonald’s is working closely with authorities to investigate the incident and identify those responsible. The company has also committed to strengthening its cybersecurity measures to prevent similar attacks in the future.
“We are aware of an isolated incident that impacted our social media accounts earlier today. We have resolved the issue on those accounts and apologize to our fans for any offensive language posted during that time,” McDonald’s said in a statement.