For 48 hours, cybercriminals controlled Ghanaian President John Mahama’s verified X account, using it to push a deceptive cryptocurrency project.
His spokesperson, Kwakye Ofosu, confirmed on Tuesday that the account had been restored.
The breach, which began on Saturday, became evident on Sunday when the hackers posted endorsements for “Solanafrica,” falsely claiming it was an initiative spearheaded by Mahama to enable free financial transactions across Africa via the Solana blockchain.
They urged his followers to invest, presenting the scheme as a revolutionary payment system.
Despite Mahama’s team deleting the fraudulent content, the compromised account continued posting crypto-related material, including references to a new memecoin launch.
Ofosu reassured the public that Mahama’s team had regained full control of the account and warned against believing any crypto-related messages from the handle.
The attack highlights the rising trend of crypto scams in Africa, where digital currencies thrive despite weak regulations.
Scammers frequently hijack verified accounts to promote fraudulent investment opportunities, as seen in past cases involving South African politician Julius Malema and Nigerian entrepreneur Tony Elumelu.
Cybersecurity analyst Abubakar Issaka warned that prominent figures, especially those in government, need stricter digital security measures.
He recommended enhanced backend monitoring, limited third-party access, and round-the-clock surveillance of official accounts.
Mahama later confirmed his account’s restoration, thanking those who reached out to assist.
Authorities have since taken precautionary measures to prevent similar breaches in the future.