A security blunder during a live broadcast allowed an attacker to seize control of a Robinhood co-founder’s digital wallet and execute a high-speed memecoin pump-and-dump, highlighting the extreme risks of seed phrase exposure and blind copy-trading.
The incident, detailed by Michael, Chief Business Officer of wallet provider TokenPocket, began when the founder’s mnemonic phrase—the 12- or 24-word recovery seed—was accidentally displayed on a livestream. The hacker, who was watching, immediately imported the wallet, gaining full access to its roughly $1.5 million in assets.
With the compromised address, the attacker started accumulating a little-known token called $1. On-chain watchers, mistaking the purchases for a legitimate move by the Robinhood founder, flooded in. Within roughly two hours, the token’s market cap rocketed from about $500,000 to $14 million, generating over $20 million in trading volume. The price then collapsed as the hacker dumped holdings, leaving late-stage buyers with heavy losses.
Robinhood’s RPC service subsequently blocked the compromised wallet, preventing any further outgoing transactions. However, the freeze could not reverse the already-executed trades. Meanwhile, the attacker shifted to the BNB Chain (BSC), issued a new token, and used wash trading—buying and selling the same asset to fake activity—to inflate volumes and cash out illicit gains.
The episode exposes a system-wide vulnerability: traders on any platform can be exploited simply by following a known wallet without verification. It also underscores the critical importance of safeguarding seed phrases, as stressed in Robinhood’s own self-custody guides. While the direct financial fallout was confined to the $1 memecoin, the manipulation tactic mirrors broader on-chain abuse; research firm Solidus Labs estimated that suspected wash trading across blockchains reached $2.57 billion in 2025. The event serves as a stark reminder that even a single moment of carelessness can ignite a destructive market cascade.