Central African Republic ‘CAR’ memecoin info pages plagued with phishing links

Several cryptocurrency data aggregators listing the so-called Central African Republic (CAR) memecoin have been found directing users to phishing sites, according to cybersecurity experts.

The memecoin gained global attention after the official X account of Central African Republic President Faustin-Archange Touadéra claimed the government had launched an experimental token to “unite people” and “support national development.”

The project’s X account has been suspended, and its website is down at the time of writing.

Scam Sniffer founder “Fun” told Cointelegraph that the project’s Telegram group, linked from major data providers like CoinGecko, was found to contain malicious links. After being notified by Scam Sniffer, CoinGecko promptly removed the Telegram reference.

The Telegram page in question features a fake “Safeguard” bot, which Scam Sniffer identified as a phishing tool. In December, the cybersecurity firm had already warned investors about a fraudulent Safeguard verification bot targeting crypto users on Telegram.

The Telegram group, created on Feb. 3, has around 2,000 subscribers. After initial silence, the channel posted only a vague message on Feb. 5: “ca soon.”

Phishing schemes tied to the CAR memecoin are not limited to Telegram, and malicious links have been found on several aggregators other than CoinGecko.

“Cos,” founder of the blockchain security firm SlowMist, discovered a suspicious link listed on the trading platform GMGNAI. Instead of directing users to an official site, the link led to a Linktree page that included a supposed livestream hosted on the video streaming platform Kick.

Related: Fake TRUMP and MELANIA tokens record $4.8M inflows in 24 hours

However, the Kick link directed users to a fake CAPTCHA page, which executed malicious code when interacted with, according to Cos. The same Linktree URL was also promoted in the Telegram group.

Security risks from community-controlled crypto aggregators

Many cryptocurrency data aggregators allow community members to modify token-related information, meaning the entity that launched the token may not always be responsible for the information displayed across the internet. While intended to help inform investors about projects, it also raises security concerns.

“This function should be uniformly called “community takeover,” which is available on almost every platform and can be updated with payment,” Fun said.

“The security risks here depend entirely on the review process. For example, Linktree can be normal before review, and then [relevant links can be modified] after the review is passed,” he added.

The Central African Republic memecoin announcement — posted from the X account of the president, complete with a gray checkmark reserved for government entities — has sparked responses from other supposedly official accounts.

Related: Haliey Welch, aka ‘Hawk Tuah,’ speaks out after nearly two months

An X account claiming to belong to Félix Tshisekedi, the president of the Democratic Republic of Congo (DRC), responded: “When the whole world is watching Super Bowl, African people are surviving. Hopefully crypto will help us to maintain our financial problems and give us a step for grow.”

The same account later teased a memecoin of its own. However, its handle, @sadwraciborzu, appears unrelated to the DRC or its president. Further inspection shows the account was only created in February 2025. Another verified account under Tshisekedi’s name exists on X but has remained inactive since January 2020.

While skepticism surrounding the legitimacy of the CAR memecoin grows, a Cointelegraph report found that CAR President Touadéra promoting the token is suspected of being an AI-generated deepfake.

The announcement follows the launch of a memecoin associated with US President Donald Trump. In January, onchain detective ZachXBT warned investors to be cautious of surprise memecoin launches and expressed concern that Trump’s token could set a precedent for opportunistic scams.

Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions