ARTICLE AD BOX
TLDR
- Former Fortnite pro player Serpent allegedly involved in $3.5M memecoin scams through hacked social media accounts
- Investigation by ZachXBT linked wallet addresses associated with Serpent to multiple high-profile account takeovers
- Compromised accounts included McDonald’s, Usher, Wiz Khalifa, and others
- Serpent previously posed as a cybersecurity analyst and founded threat mitigation system Sentinel
- Investigation suggests stolen funds were used for online gambling
A former professional Fortnite player known as Serpent has been linked to cryptocurrency scams totaling approximately $3.5 million through a series of high-profile social media account takeovers, according to blockchain investigator ZachXBT.
The investigation, published on November 27, 2023, revealed that wallet addresses connected to Serpent showed direct ties to multiple compromised social media accounts, including those belonging to McDonald’s, singer Usher, and rapper Wiz Khalifa.
Serpent, who was previously expelled from the esports organization “Overtime” in June 2020 for alleged cheating, had recently presented himself as a cybersecurity analyst and founded a threat mitigation system called Sentinel.
The alleged scam operation utilized the Pump.fun platform to create and promote memecoins through the compromised accounts. These tokens were then allegedly used to defraud cryptocurrency investors who believed they were participating in legitimate token launches endorsed by well-known brands and celebrities.
ZachXBT’s investigation tracked a series of related compromises across both X (formerly Twitter) and Instagram platforms. The compromised accounts included not only celebrities but also the account of Kabosu’s owner (the dog featured in the Doge meme) and various other high-profile users.
1/ An investigation into how the threat actor Serpent went from a pro Fortnite player to helping steal $3.5M via meme coin scams launched from 9+ account compromises on X & IG and gambling the proceeds away at online casinos. https://t.co/zR6QtuQW8a pic.twitter.com/Y8ovnEnQgj
— ZachXBT (@zachxbt) November 27, 2024
According to the blockchain sleuth’s findings, a wallet address associated with Serpent’s project called “ERROR” demonstrated direct connections to multiple account takeovers. This project was itself allegedly a “rug pull,” a term used in cryptocurrency circles to describe schemes where developers abandon a project and take investors’ funds.
The investigation uncovered evidence suggesting that proceeds from the scams were being used for online gambling. ZachXBT reported finding recordings of gambling sessions where deposit and withdrawal addresses showed high exposure to addresses involved in the account takeovers.
Before these allegations came to light, Serpent had positioned himself as a defender against crypto scams. In 2022, he published a guide warning users about common cryptocurrency scam tactics, including the very methods he is now accused of employing: fake websites, hacked verified accounts, phishing attempts, and fraudulent airdrops.
The blockchain security firm SlowMist had previously noted Serpent’s public warnings about vulnerabilities in Google ads during 2022, adding another layer of complexity to his alleged role in these scams.
Following the publication of the initial investigation on November 26, Serpent reportedly began deleting all posts from his new X account, raising further questions about his involvement in the alleged schemes.
The compromised accounts were used across multiple platforms, suggesting a sophisticated operation that targeted both individual celebrities and major corporations. The scope of the operation extended beyond simple account takeovers to include the creation and promotion of fraudulent cryptocurrency tokens.
Each compromised account was allegedly used to promote specific memecoin launches on the Pump.fun platform, leading to substantial financial losses for investors who trusted the seemingly legitimate endorsements.
The investigation also revealed connections between various wallet addresses that formed a pattern of activity linking the compromised accounts to specific cryptocurrency transactions and gambling activities.
Technical analysis of the blockchain transactions showed how funds moved between different addresses, creating a trail that connected the various components of the alleged scam operation.
Authorities have not yet announced any formal charges or legal actions related to these allegations as of the investigation’s publication date.
This case has added to the growing list of social media account compromises being used for cryptocurrency fraud, with the alleged involvement of a former gaming professional bringing additional attention to the issue.