PancakeSwap China X account hacked, CAKE holds gains
PancakeSwap warned on October 8 that its Chinese account @PancakeSwapzh was compromised and used to push a fraudulent meme coin called “Mr. Pancake.” The DEX urged users to avoid any links from that handle and said updates would come only from the main @PancakeSwap account while it works with X to restore control.
CAKE continued its upward move despite the security incident. The token climbed traded higher on the day, up roughly 6% over 24 hours and touched an intraday high near $4.50 before settling around $4.30, according to CoinGecko. Traders appeared to treat the breach as a social‑media issue rather than a protocol vulnerability.
PancakeSwap joins a growing list of major crypto brands hit by account takeovers. BNB Chain’s X account was hijacked last week to post phishing links; the team later regained access and estimated losses around $8,000, with Binance co‑founder CZ amplifying warnings.
Security experts identified human error as the main weakness. Slowmist CISO Shān Zhang said the recent surge meme‑coin activity on BNB Chain has created prime conditions for scammers, while many account controllers “have weak security awareness and are susceptible to phishing.” Kerberus CEO Alex Katz noted that attackers focus on people – community managers and developers – because exploiting individuals is easier than breaking code.
Attack methods are getting more sophisticated. AMLBot head Slava Demchuk reported a sharp rise in AI‑assisted phishing, including real‑time deepfake face spoofing tools openly sold in Telegram groups and on dark‑market forums. These tools give even inexperienced scammers access to advanced techniques.
PancakeSwap repeated standard security advice for users and teams: enable two-factor authentication, use strong and unique passwords, never share credentials, and stay cautious with direct messages and shortened links. Katz stressed that companies should enforce 2FA not tied to phone numbers to avoid SIM‑swap attack, alongside stricter role‑based permissions and hardware keys for administrators.
PancakeSwap said it's working with X to resolve the incident and will post recovery updates only from the primary @PancakeSwap handle. Users should treat any token promotions, airdrops, or links from @PancakeSwapzh as unsafe until the team confirms control has been restored.
