Back

Scam Groups Impersonate Jupiter to Distribute Fake CJUP Tokens

Severity: Medium (Score: 54.6)

Sources: Bitget, www.chaincatcher.com, Panewslab

Published: 2026-05-22 · Updated: 2026-05-22

Keywords: jupiter, fake, cjup, tokens, luring, users, scam

Summary

On May 22, 2026, reports emerged of a scam group impersonating Jupiter by airdropping fake CJUP tokens into users' wallets. This fraudulent activity aims to lure victims into connecting to phishing websites, resulting in asset theft. Monitoring by SolanaFloor and ChainCatcher confirmed the ongoing scams, which exploit the reputation of Jupiter to deceive users. The exact number of affected users is currently unknown, but the attack vector poses a significant risk to individuals holding or trading CJUP tokens. Users are advised to remain vigilant and avoid connecting to unknown websites. The situation is actively being monitored by security researchers and platforms. Key Points: • Scam groups are impersonating Jupiter to distribute fake CJUP tokens. • Users are being lured to phishing websites to steal assets. • Monitoring by SolanaFloor and ChainCatcher confirms the ongoing threat.

Detailed Analysis

**Impact** Cryptocurrency users holding Jupiter wallets are targeted by scam groups distributing fake CJUP tokens. The attack potentially affects all users within the Solana ecosystem who receive these airdropped tokens. Users connecting to fraudulent websites risk asset theft, resulting in direct financial losses. No specific geographic or sectoral data is provided. **Technical Details** The attack involves airdropping counterfeit CJUP tokens into victim wallets followed by luring users to connect to phishing websites. The scam impersonates the legitimate Jupiter platform to gain user trust. No malware, CVEs, or specific infrastructure details are mentioned. The attack occurs at the delivery and exploitation stages of the kill chain. **Recommended Response** Users and defenders should block connections to suspicious or unverified websites claiming association with Jupiter or CJUP tokens. Monitoring wallet activity for unexpected token airdrops and educating users about phishing risks are critical. No patches or specific detection signatures are provided; vigilance on wallet interactions and web traffic is advised.

Source articles (3)

  • Warning: Scam groups are impersonating Jupiter to airdrop fake CJUP tokens, luring users ... — Panewslab · 2026-05-22
    PANews reported on May 22 that, according to SolanaFloor monitoring, a fraud gang is impersonating Jupiter, airdropping fake CJUP tokens into wallets, and luring users to connect to fraudulent website…
  • Chaincatcher — www.chaincatcher.com · 2026-05-22
  • Scam group impersonates Jupiter by distributing fake CJUP tokens, luring users to connect ... — Bitget · 2026-05-22
    According to ChainCatcher, as monitored by Solana Floor, a scam group is impersonating Jupiter, airdropping fake CJUP tokens to wallets and luring users to connect to phishing websites to steal their…

Timeline

  • 2026-05-22 — Scam group impersonates Jupiter: Fraudsters are airdropping fake CJUP tokens into wallets, leading users to phishing sites.
  • 2026-05-22 — Monitoring confirms ongoing scams: ChainCatcher and SolanaFloor report on the impersonation and phishing tactics employed by the scam group.

Related entities

  • Phishing (Attack Type)
  • T1566.002 - Spearphishing Link (Mitre Attack)
  • Solana (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed