PancakeSwap Chinese X Account Hacked to Promote Scam Meme Coin; CAKE Token Price Gains Amid Incident

Executive Summary

PancakeSwap's official Chinese X account was compromised on October 8, 2025, promoting a fraudulent "Mr. Pancake" meme coin, yet its native CAKE token saw an unexpected price increase amid the incident.

The Event in Detail

On October 8, 2025, PancakeSwap, a prominent decentralized exchange on the BNB Chain, confirmed that its official Chinese-language X account (@PancakeSwapzh) had been compromised via a targeted phishing attack. The attackers leveraged the compromised account to promote a fraudulent meme coin, interchangeably referred to as "Mr. Pancake" or "Sir Pancake." This scam involved deceptive posts advertising phony airdrops and "official" token launches, directing users to imposter websites that mimicked PancakeSwap's legitimate platform, often using subtle domain swaps (e.g., replacing "i" with "l").

Upon connecting their cryptocurrency wallets to these fraudulent sites, victims’ funds were instantly drained through malicious smart contract approvals. The scam token managed to generate over $20 million in trading volume before the deception was fully exposed. While PancakeSwap stated that no user funds or platform assets were directly affected on its core platform, some individual traders reported losses ranging from $8,000 to $13,000 from the scam. The PancakeSwap team responded by deleting the malicious posts, issuing warnings from its main X account (@PancakeSwap), and initiating a full investigation, reassuring users that all funds on the main platform remained secure while committing to strengthening account security measures.

Market Implications

Despite the significant security breach, PancakeSwap's native CAKE token exhibited a counter-intuitive market reaction. Following the news of the hack, CAKE gained between 6.4% and 16% in 24 hours, reaching an intraday high of $4.52. This resilience contrasts with the inherent risks highlighted by the incident, suggesting a market that, for CAKE specifically, remained largely unperturbed by the social media compromise itself, focusing instead on broader market dynamics or underlying platform fundamentals.

The incident, however, underscores a persistent vulnerability across the cryptocurrency ecosystem, particularly for official social media channels. It follows a similar compromise of BNB Chain's X account just a week prior, prompting warnings from Binance co-founder Changpeng 'CZ' Zhao. This pattern indicates that "Binance-related projects," as noted by industry observers, have become frequent targets, leading to cautious market sentiment regarding the security of official communication channels for crypto projects.

Expert Commentary

Industry experts have weighed in on the increasing frequency of such attacks. Shān Zhang, Chief Information Security Officer at blockchain security firm Slowmist, observed that "The BNB meme coin market is very hot these days," making it a lucrative target for scammers. Zhang attributed the prevalence of social media hacks to "weak security awareness" among many account controllers and their susceptibility to "phishing attacks."

Lisa, Security Operations Lead at SlowMist, emphasized the necessity for heightened user vigilance, stating, "Users must be informed, skeptical, and security-minded at all times." Further, Yu Xian, CEO of SlowMist, highlighted emerging sophisticated tactics, including new scam methods involving fake Zoom software and "frighteningly real" AI deepfakes used to deceive victims. Arda Akartuna, Lead Crypto Threat Researcher at Elliptic, underscored the escalating nature of the threat: "Criminals are scaling their operations with AI. So we are also scaling our tools to fight back."

Broader Context and Security Landscape

The PancakeSwap hack is indicative of a broader trend where high-profile social media accounts are targeted to perpetrate financial fraud within the crypto space. Precedents include the compromise of FC Barcelona's Instagram account to promote a fraudulent $FCB token and a similar incident involving Disney's Instagram in October 2025. These attacks exploit the credibility of established entities to execute pump-and-dump schemes.

The proliferation of AI deepfakes has significantly fueled a new wave of sophisticated scams. The 2025 Anti-Scam Research Report indicates global losses to crypto scams surged to $4.6 billion in 2024, with Chainalysis reporting figures as high as $9.9 billion for the same year. In the first quarter of 2025 alone, at least 87 AI-driven scam rings were dismantled, employing synthetic videos, fake video calls, and deepfake impersonations. Criminals are also using cross-chain bridges and obfuscation tools to launder stolen funds, complicating recovery efforts.

In response to these escalating threats, platforms are bolstering their defenses. PancakeSwap Infinity, for instance, has strategically partnered with Hexens, a Web3 cybersecurity company, to conduct rigorous multi-layered audits of its smart contracts, aiming to normalize robust DeFi security practices. Additionally, the adoption of decentralized identity architectures, such as Verifiable Credentials, is being explored as a method to mitigate fraud. These solutions enable cryptographically tamper-proof digital credentials bound to individuals, incorporating biometrics to counter phishing, synthetic identities, and deepfakes, offering a more secure and cost-effective authentication and fraud prevention framework for the digital economy.