- Cybersecurity consultants expose phishing schemes tied to CAR’s viral memecoin challenge.
- Main crypto aggregators discovered linking customers to fraudulent websites and malicious bots.
- Group-controlled information updates on crypto platforms increase vital safety dangers.
What began as a viral announcement from Central African Republic President Faustin-Archange Touadéra has rapidly unraveled into a possible nightmare for crypto traders. The so-called CAR memecoin aimed to “unite individuals” and “help nationwide improvement,” however inside days, it grew to become clear that one thing was off.
The challenge’s official X account was suspended, and its web site went offline, forsaking a path of suspicious Telegram hyperlinks and phishing scams. Rip-off Sniffer, a well known cybersecurity agency, found malicious hyperlinks embedded within the Telegram group promoted by main information aggregators like CoinGecko. The group featured a pretend “Safeguard” bot—designed to phish unsuspecting customers.
Whereas CoinGecko eliminated the malicious hyperlink after being alerted, the Telegram group stays lively. It has round 2,000 members and posts sporadic, cryptic messages like “ca quickly,” including to the rising sense of suspicion.
From Pretend Captchas to Malware
The scams tied to this memecoin go far past Telegram. One other blockchain safety professional, “Cos” from SlowMist, uncovered a fraudulent hyperlink listed on GMGNAI, a buying and selling platform. As an alternative of main customers to the official web site, the hyperlink redirected them to a pretend Linktree web page, full with a bogus livestream hosted on Kick.
However the true entice? A pretend CAPTCHA web page that executed malicious code as quickly as somebody interacted with it. In response to Cos, interacting with the CAPTCHA might result in malware downloads, placing customers’ funds and private info at severe danger.
This isn’t an remoted case both. The power for neighborhood members to replace info on token aggregator websites, whereas helpful, opens the door to manipulation. Rip-off Sniffer founder “Enjoyable” warns that many platforms enable these “neighborhood takeovers,” which might rapidly be weaponized if not correctly monitored.
Group Takeovers and Deepfakes: The place Actuality Blurs
Including to the chaos, one other twist emerged when cybersecurity consultants questioned the authenticity of the CAR President’s announcement. A Cointelegraph investigation prompt that the viral promotion of the memecoin might have been an AI-generated deepfake.
The state of affairs escalated when a verified X account, claiming to belong to Félix Tshisekedi, President of the Democratic Republic of Congo, chimed in with help for crypto. It even teased a brand new memecoin of its personal. Nevertheless, additional digging revealed that this account was seemingly unrelated to Tshisekedi, because it had solely been created in February 2025.
Whereas some accounts seem verified, skepticism stays excessive. The promotion of memecoins by seemingly professional figures raises questions on how far these scams can go. This incident follows carefully on the heels of the controversial Trump memecoin launch, which onchain investigator ZachXBT flagged as a possible breeding floor for opportunistic scams.
The CAR memecoin story serves as a stark reminder: not every part that glitters within the crypto world is gold. For traders, staying vigilant and questioning too-good-to-be-true bulletins is extra essential than ever.