A hacker compromised the @SpaceXAI and @Starlink X accounts on Thursday and used the reach to push a freshly minted memecoin called $SCATMAN. On-chain data shows the attacker minted 10 trillion $SCATMAN tokens and immediately sold the entire supply for roughly 59 ETH (about $108,000). A second wallet linked to the same operator offloaded another 59.28 million $SCATMAN for about 14.7 ETH ($27,000), bringing the haul to roughly $125,000 before the token collapsed.
The hijack fits a familiar pattern. Compromised high-follower X accounts, especially anything brand-adjacent to Elon Musk's ecosystem, are routinely repurposed to shill low-liquidity memecoins. The economics are short: a credible-looking timeline briefly funnels retail flow into a token with no exit liquidity beyond the deployer, who mints, dumps, and moves the ETH through mixers within minutes. By the time the account posts are flagged and removed, the funds are usually already laundered.
The two attacker wallets (0xfee50d4ce48f2d05f520ce04c875647e4870a8ba and 0xdd9f6d3e16ebda7f35cb694ceadb50af3eebba89) are now publicly tagged. Anyone who bought $SCATMAN in the window between promotion and takedown is sitting on a worthless token. Account-takeover scams of this size rarely yield refunds; the practical defense is treating any token promoted from a high-profile account as compromised by default and waiting for an on-the-record confirmation from the brand before clicking through.
Frequently asked questions
-
What is the $SCATMAN token?
$SCATMAN was a short-lived memecoin deployed on Ethereum by a hacker who compromised the @SpaceXAI and @Starlink X accounts. The token had no real utility and was designed to be dumped on buyers during the brief window the hijacked accounts were promoting it.
-
How much did the hacker make from the $SCATMAN scam?
On-chain data shows the operator netted roughly $125,000 across two linked wallets. The primary wallet sold 10 trillion $SCATMAN for about 59 ETH ($108K), and a second wallet sold another 59.28 million $SCATMAN for around 14.7 ETH ($27K).
-
Which X accounts were compromised in the $SCATMAN hack?
The hacker took over @SpaceXAI and @Starlink, both X accounts tied to Elon Musk's SpaceX ecosystem. The accounts were used to promote $SCATMAN to their combined followers before the posts were removed.
-
Can victims of the $SCATMAN scam get a refund?
Account-takeover memecoin scams almost never result in refunds. The deployer typically mints, dumps, and moves the ETH through mixers within minutes, leaving buyers holding a worthless token once the promotion posts are taken down.
-
How can users avoid this type of X account-takeover scam?
Treat any token promotion from a high-profile account as compromised by default. Wait for an on-the-record confirmation from the brand, check the token contract on a block explorer, and never buy a token purely because a familiar account name is shilling it.
Lookonchain