Ava Labs’ chief operating officer, Luigi D’Onorio DeMeo’s X account, is suspected of being hacked after posting about a newly launched Pokémon-themed memecoin and links to suspicious airdrops. 

Two of the posts on Aug. 19, which have now been deleted, shared the address to a Solana-based memecoin called Pika (PIKA) — styled after one of the media franchise’s central characters, Pikachu — in an apparent pump-and-dump scheme .

Many crypto users on X have posted warnings not to click or follow any links. 

“I’m an [Avalanche] maxi, but it’s inevitable that Solana is leading this bull market,” wrote one post from Demeo’s account. “Due to the increased search for memecoins, I’m creating the $PIKA token on Solana, based on my favorite character.”

Ava Labs COO’s X account suspected as hacked after posting memecoin image 0 Source: Luigi D’Onorio DeMeo

It is not known how the possible attackers managed to breach DeMeo's account. Ava Labs did not immediately respond to a request for comment sent outside business hours. DeMeo did not immediately respond to a message sent via LinkedIn.

PIKA’s market cap hit a high of $388,570 shortly after the posts from DeMeo’s account at around 1:40 am UTC, but it quickly fizzled out, falling over 99% to a current market cap of $3,289, according to DEX Screener.

Ava Labs COO’s X account suspected as hacked after posting memecoin image 1 PIKA’s market cap saw activity surge around DeMeo’s X posts but quickly dropped. Source: DEX Screener

DeMeo’s account has also posted links to suspicious websites claiming Ava Labs is giving away Avalanche ( AVAX ) tokens, inviting users to connect their crypto wallet. It also turned off comments to stem others' warning of the scam, claiming there was the possibility of “malicious links" being shared.

The websites are stylized to mimic Ava Labs’ design but likely host a wallet drainer that steals all the crypto in a connected wallet.

Ava Labs COO’s X account suspected as hacked after posting memecoin image 2 Source: Luigi D’Onorio DeMeo

X account “REKTBuildr” earlier reported that a link to a different scam website was shared by DeMeo’s account, which was later taken down.

Related: Styx Stealer malware exploits Windows vulnerability to ‘clip’ crypto

They posted that the domain was registered 18 minutes before DeMeo’s account posted a link to it, estimating that it took attackers 30 minutes to register the domain, find hosting and breach DeMeo’s account to share the scam link.

Ava Labs COO’s X account suspected as hacked after posting memecoin image 3 Source: REKTBuildr

Similar attacks have been carried out this year. In July, the X account of actress Sydney Sweeney was hacked to promote a crypto token using her likeness.

Crypto-Sec: Weird ‘null address’ iVest hack, millions of PCs still vulnerable to ‘Sinkclose’ malware