SpaceX and Starlink X Account Reportedly Compromised to Push Fake Crypto Coins

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Spread the love

The official SpaceX and Starlink accounts on X appear to have briefly promoted a fraudulent cryptocurrency after being compromised, with the scam token subsequently “rug-pulled” on unsuspecting buyers.

Multiple online reports indicate that an account calling itself “Sam Catman,” displaying a badge that falsely associated it with SpaceX’s AI initiatives, posted promotional content for a new crypto coin.

The official SpaceX and Starlink X accounts then reposted this content, lending the scam an appearance of legitimacy given their massive, verified follower base. Screenshots circulating online show the repost sitting alongside SpaceX’s routine posts about Grok AI model updates, suggesting the malicious repost was inserted directly into the account’s normal posting activity rather than through an obvious account takeover banner change.

Image Source: (International Cyber Digest)

As is typical with this style of fraud, investors who purchased the token found themselves rug-pulled shortly after — a scheme in which scammers drain a token’s liquidity pool once enough victims have bought in, leaving holders with a worthless asset and no way to recover funds. Because only the coin’s creator typically retains control of the underlying smart contract, victims are usually unable to reverse or trace their losses through the exchange itself.

This is not an isolated case. High-profile and official X accounts have repeatedly been hijacked to push fraudulent tokens, from the U.S. SEC’s account falsely announcing bitcoin ETF approval in January 2024 to BBC presenter Nick Robinson’s account being used to promote a fake Solana token called “$Today” earlier this year.

SpaceX-branded crypto scams specifically have circulated for years, including a 2021 campaign that used fake SpaceX coin promotions on YouTube to steal roughly $1 million from investors before the liquidity was pulled.

Attackers repeatedly target large, trusted brand accounts because a single post reaches millions of followers instantly, and the platform’s verification checkmark or affiliate badge creates a false sense of authenticity that lowers victims’ guard.

Compromise vectors in comparable incidents have included phishing emails mimicking platform policy notices and unauthorized access to phone numbers tied to account recovery, rather than sophisticated technical exploits.

As of now, neither SpaceX nor X has issued an official public statement confirming the scope or resolution of the compromise, and details continue to emerge from user reports.

 Strengthen Your SOC by Accelerating Threat Detection & Rapid Investigations. -> Integrate ANY.RUN With Your SOC Now.