The official X social media accounts for Elon Musk’s SpaceX and its satellite internet subsidiary, Starlink, were briefly compromised early Monday to promote a fraudulent cryptocurrency scheme, netting attackers more than $135,000 before control was restored.
According to on-chain blockchain data, the hackers used the high-profile, verified accounts to amplify and retweet a newly launched memecoin named $SCATMAN, falsely claiming it was affiliated with a prominent Robinhood Chain token project. The endorsement—leveraging the credibility and massive reach of SpaceX and Starlink—rapidly inflated the token’s market capitalization to a peak of $2 million.
Immediately after the surge, the attackers executed a coordinated “rug pull,” dumping their holdings and crashing the token’s value to near zero. The primary attacker wallet liquidated 10 trillion $SCATMAN tokens for 59 ETH (approximately $108,000), while a secondary linked wallet sold 59.28 million tokens for an additional 14.7 ETH (around $27,000).
Retail investors who bought into the token during the artificial pump were left with worthless assets as the price collapsed within minutes of the dump.
Security analysts warn that this incident underscores the persistent vulnerability of high-profile corporate social media accounts. Verified profiles are increasingly targeted by cybercriminals seeking to lend instant legitimacy to sophisticated financial scams.
Neither X (formerly Twitter) nor SpaceX has issued a public statement detailing how the breach occurred. Cybersecurity experts urge organizations to strengthen digital defenses by implementing robust multi-factor authentication and strict access controls to protect brand integrity against escalating social media hijackings.
