Wired magazine reporter: An elaborate crypto scam, and I became the unwitting fall guy
TechFlow Selected TechFlow Selected
Wired magazine reporter: An elaborate crypto scam, and I became the unwitting fall guy
This type of cryptocurrency investment scam, which uses false information to "pump and dump," is all too common—I just never thought I'd end up getting caught in one.
Navigating Web3 tides with focused insightsText by: Joel Khalili
Translated by: Luffy, Foresight News
It was a cold February morning. At 7:30 a.m., groggy and bleary-eyed after my alarm went off, I already sensed something was wrong—the light from notification alerts had illuminated my phone. As my eyes adjusted, I began going through the messages.
"Congratulations, you scammed the wrong person," read a message from an anonymous sender on my personal Telegram account. "You have 10 minutes to return the $2,800 you stole from me." He attached a cryptocurrency wallet address.
Confused, I scoured my messages, emails, and social media accounts. The situation quickly became clear: someone had hijacked my X account and used it to promote a fake "Wired cryptocurrency." As people bought the token, its price rose, allowing the scammer to cash out while investors lost everything. Those who lost money were furious.
On X, I found a torrent of angry abuse directed at me, including various racial slurs from people apparently unfamiliar with world geography. "No one has beaten you up at your workplace yet, you maggot," wrote one X user. "You long-nosed, thin-lipped bastard," said another. "I hope you get hit by a car," someone else commented.
Other users tried reporting my alleged misconduct to my employer: "Your guy is scamming people here," one wrote on X, tagging Wired’s official account.
While these messages were unpleasant, there were few direct threats beyond the anonymous Telegram user. "I’m gathering extensive information about you—your address, relatives and friends at University College London [my alma mater]," they said. "If I don’t receive the refund, I’ll make your life hell."
By 9 a.m., I was still in bed avoiding the chaos, laptop resting on my outstretched legs. I contacted my editor, manager, and security team at Wired, explained what had happened, and asked for help. I also messaged my partner, who replied: "Oh, damn!!!"
This type of "pump-and-dump" crypto investment scam based on false information is common—I just never thought I’d be caught up in one.
"This is a very common attack method. The goal is a simple pump-and-dump to cash out," said Phil Larratt, head of investigations at blockchain analysis firm Chainalysis, which helped Wired analyze how this scam operated. "To do that, they need visibility—that’s why they hacked your account."
This year alone, several public figures have had their X accounts compromised to promote cryptocurrency pump-and-dump schemes. Accounts belonging to BBC journalists, UK and Argentine politicians, and even the former vice president of the Philippines have all been used to push fraudulent cryptocurrencies. Previously, accounts of Joe Biden, Barack Obama, and Bill Gates were also hijacked for similar crypto scams.
Theoretically, the greater the influence of an X account, the higher the potential payoff from a pump-and-dump scheme, as more people are likely to buy the promoted cryptocurrency. I rarely tweet and have fewer than 2,800 followers, making me an unlikely target. But to scammers, I was still valuable—likely seen as a trusted authority among crypto journalists.
"The more exposure during the pump phase, the more investors are likely to believe the hype and buy in—ultimately getting stuck holding the bag when the scammers dump," said John Powers, president of private investigation firm Hudson Intelligence.
X did not respond to requests for comment.
Although cryptocurrencies have long been used in pump-and-dump scams, the emergence of meme coin launch platforms has made such operations easier by allowing anyone to create a cryptocurrency instantly and cheaply. In my case, the scammer used Pump.fun, currently the largest such platform, to mint a cryptocurrency branded as Wired's.
"Many tokens launched on Pump.fun are used in pump-and-dumps. When bad actors combine pump-and-dumps with hacking X accounts, they can potentially profit handsomely if executed well," Larratt said.
Troy Gravitt, a spokesperson for Pump.fun, said in a statement to Wired: "We continuously invest in ensuring platform safety for users. When we detect fraud reports—such as scams involving hackers using compromised X accounts to promote tokens—we remove those tokens from our front end to reduce potential harm to unsuspecting users."
Despite frequent occurrences of meme coin pump-and-dump scams, investors continue flooding into meme coins. "Meme coin appreciation often happens early—shortly after launch," Powers said. "There's a chance you could buy in at the right moment and make big gains... Timing is everything. For many, project legitimacy is secondary."
I realized my X account had been taken over on February 17—the day before the fake Wired cryptocurrency launch. "Have I Been Pwned," a service helping users check if their data appeared in breaches or hacks, showed my X credentials had previously been sold on a hacker forum—offering a possible explanation for the breach. Crucially, I hadn’t enabled two-factor authentication, meaning the scammer only needed my password to take control.
Because the scammer changed my recovery email, I had to go through a long and difficult account recovery process via X, meaning I couldn’t immediately regain access. By the next morning, it was too late. Transaction data analysis showed the scammer behind my X account created the Wired token at 1:20 a.m. that day.
When someone creates a cryptocurrency on Pump.fun, they issue one billion tokens into circulation and usually buy some themselves at a symbolic price. According to Powers and Chainalysis, in this case, the scammer used the wallet that issued the token to purchase around 5% of the total supply, then immediately acquired more via two additional wallets once trading began. They used these auxiliary wallets to hide their true holdings from the investing public. "You can buy some of your own tokens. But if you buy too much, no one else will—they’ll see it’s suspicious," Larratt said.
In total, the scammer controlled approximately 12% of the circulating Wired tokens—a large enough share that dumping would crash the price.
At 1:23 a.m., the scammer began promoting the cryptocurrency on my X account; other users’ posts indicated they even live-streamed on Spaces. Although they later deleted various posts—and by the time I woke up, the posts were gone—screenshots captured by other X users revealed the fabricated scam narrative.
Over the previous weekend, Argentine President Javier Milei had been embroiled in a scandal involving a cryptocurrency called "Libra" (Milei denies any wrongdoing). The scammer claimed on X that Wired was launching its own cryptocurrency tied to the Milei incident. "I spoke with the person behind 'Libra'... This might be the most interesting story I’ve ever written. He walked me through the setup, process, and cash-out strategy—and we even launched our own meme coin to show how easy it is," the scammer posted on my X account.
In the following minutes, human traders and bots programmed to snap up newly launched cryptocurrencies started investing. As they bought in, the token’s price began rising. At 1:36 a.m.—16 minutes after trading started—the meme coin reached a peak valuation of $300,000. Then the scammer began dumping.
On the Raydium exchange, they flooded the market through a series of rapid transactions, earning an estimated $8,000 to $10,000, analysts say. By 1:45 a.m., the Wired token was nearly worthless.
"Compared to other pump-and-dump scams we've seen, they didn't make a huge amount. But in just 20 minutes, they may have earned five times their initial investment," Larratt said.
By 2 a.m., the proceeds from selling the Wired token were transferred through a chain of interconnected accounts into another wallet. According to Chainalysis, this wallet may be linked to a cryptocurrency exchange service where the funds were mixed with hundreds of thousands of dollars’ worth of crypto from other unknown sources.
On February 19 and 24, that wallet deposited a total of $110,000 worth of cryptocurrency into Binance.
After that, the trail went cold. Although most cryptocurrency exchanges are required to record account holder identities under regulations in most jurisdictions, they typically won’t disclose them unless requested by authorities.
"We do not disclose account holder identities to the media out of respect for our law enforcement colleagues, to preserve the integrity of ongoing investigations, and to prevent misidentification of innocent users," Binance said.
Larratt previously told Wired that criminals often use "money mules" (individuals hired to move illicit funds) or stolen identity documents to open exchange accounts—meaning identifying an account holder doesn’t necessarily identify the scammer.
In the days following the Wired meme coin pump-and-dump, I continued receiving messages from people who believed I had scammed them. As before, the most explicit threats came from the anonymous Telegram user.
"If you think I'm joking, you're dead wrong," they wrote in one message, threatening to report me to Wired’s management. "You really think you can get away with this?" they added in another.
Though I suspected these threats were bluffs, they remained unsettling. To reduce the chances of someone tracking me down, I signed up for a service promising to erase fragments of my personal data from the web. I also contacted friends and family who had received indirect threats and reported the harassment to local police.
A week later, after I posted an explanation on my X account detailing what had happened, the abuse and threats stopped.
In the meantime, people keep pouring into the uncertain world of meme coins. Third-party data shows that meme coin launch platform Pump.fun earns $1–2 million daily by charging 1% of transaction volume as fees.
On April 14, the anonymous Telegram user who threatened me posted two screenshots on X, flaunting massive profits from recent meme coin trades. "We’re so stupid," he wrote—the phrase being a self-deprecating term commonly used by memecoin traders to boast about their risk-taking. He ended the post with an emoji of an eye filled with dollar signs.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
@WIRED
