Ex-Malaysian PM Mahathir’s X Account Hacked to Shill Meme Coins

Former Malaysian Prime Minister Mahathir Mohamad is the latest high-profile victim of a crypto scam, as hackers hijacked his X account to promote a fraudulent meme coin.

Yu Xian, the founder of cybersecurity firm SlowMist, revealed that Mahathir’s compromised account was used to shill a token called MALAYSIA.

注意下，马来西亚前首相 @chedetofficial 账号应该是被黑了，通过 @MistTrack_io 的分析，发现了其发布 CA 的创建者关联了历史作恶团伙。 pic.twitter.com/IjuxCjjJZe

— Cos(余弦)😶‍🌫️ (@evilcos) February 5, 2025

The fraudulent promotion led to a rapid market cap surge, peaking at $3.4 million before collapsing to a mere $153,000.

This is part of a broader trend in which scammers use the influence of political figures to create fake tokens and execute pump-and-dump schemes.

The attack mirrors previous incidents, including one involving Brazil’s former president.

Some believe these scams are linked to the Russian cybercrime syndicate Evil Corp, which is notorious for large-scale financial frauds.

MALAYSIA: The Fake Meme Coin Promoted By PM Mahathir’s X Account

Crypto scams using social media continue to rise, and the case of the MALAYSIA token is just a new of many.

Hackers took control of Mahathir’s X account and posted an announcement claiming that the coin was Malaysia’s “official cryptocurrency.”

The post read:

“Malaysia’s Official Cryptocurrency MALAYSIA is Now Live on Solana! This marks a significant milestone in showcasing the strength of our people and our nation’s presence in the digital economy. It is an honor for us to demonstrate Malaysia’s power on the global crypto network.”

Although the post was taken down within an hour, it had already done significant damage.

Data from GeckoTerminal indicates that the token’s market cap skyrocketed to $1.7 million within 15 minutes of the tweet before plummeting.

Source: GeckoTerminal

Data also suggest that the hackers behind this scam were able to steal over $1.7 million from unsuspecting investors before liquidating their holdings.

The MALAYSIA token is just one in a wave of politically themed crypto scams. Among the latest was the infamous BARRON Trump’s token scam, which occurred last month and defrauded investors of millions before crashing more than 95%.

JUST IN: A fake Barron Trump Solana meme coin $BARRON just pumped to $73 million in market cap in 7 minutes

It then rugged and dumped 99% in a matter of seconds

Cointelegraph even posted it as "the Official Barron meme" 💀 pic.twitter.com/GErmNckr2x

— BlockNews (@blocknewsdotcom) January 21, 2025

This hack looks exactly the same as the one that happened recently to Mohammed Dewji MO, a Tanzanian politician, with the hacker stealing over $1.4 from the hack.

Mohammed Dewji MO (@moodewji) launched $TANZANIA and sold it to investors, pocketing $1.48M!

He distributed 90 $SOL($18K) to 20 wallets and bought 793M $TANZANIA(79.5% of the total supply).

After accumulating his position, he shared the contract address, then offloaded all 793M… pic.twitter.com/QI269w991P

— Lookonchain (@lookonchain) February 5, 2025

Amid this increasing trend of influencer exploits, Ethereum co-founder Vitalik Buterin sounded the alarm, cautioning investors and politicians alike against such manipulative schemes.

The risk of politician coins comes from the fact that they are such a perfect bribery vehicle. If a politician issues a coin, you do not even need to send *them* any coins to give them money. Instead, you just buy and hold the coin, and this increases the value of their holdings… https://t.co/8Zkd7KcpuA

— vitalik.eth (@VitalikButerin) January 23, 2025

Beyond political figures, other major entities have been exploited for fraudulent crypto promotions.

A Wider Trend of Social Media Exploits

The Mahathir hack is not an isolated case. High-profile social media accounts continue to be prime targets for crypto scams.

Just last month, TV actor Dean Norris, widely known for playing Hank Schrader in Breaking Bad, had his X account hijacked for the second time.

Hackers used his likeness to promote a meme coin in a pump-and-dump scheme, tricking unsuspecting investors.

In fact, just today, Solana-based DEX aggregator Jupiter also suffered a security breach when its official X account was hacked to promote fraudulent meme tokens, including a fake $MEOW token.

⛔ Solana DEX aggregator @JupiterExchange fell victim to a security breach on Wednesday, with its official X account being compromised.#Solana #Hackhttps://t.co/J6LQRzrHDo

— Cryptonews.com (@cryptonews) February 6, 2025

Despite swift action from the team, the hacker continued posting scams, which caused traders to lose millions within minutes.

Jupiter’s founder, @weremeow, suggested the breach might not be a standard cyberattack, speculating that Mei, a key team member, may have been physically targeted while traveling.

However, the team assured users that Jupiter’s treasury and smart contracts remained secure.

All these incidents add to the growing exploit hackers use to steal millions annually from the crypto space.

Source: cryptonews.com