X wants to play cop. But it’s already too late.
The platform’s head of product, Nikita Bier, announced Wednesday that X is mulling new restrictions on first-time crypto posts, including auto-locking accounts and forcing verification before users can mention digital assets. Sounds reasonable. Until you realize this announcement came days after a scammer pretending to be the veterinarian for Jonathan—a 193-year-old tortoise—faked the animal’s death to pump a Solana memecoin 6,000% in hours.
Let that sink in for a moment.
The Jonathan Scam: Peak Absurdity Meets Peak Effectiveness
Here’s what happened. Some random person created a fake X account impersonating Joe Hollins, the actual vet responsible for Jonathan’s care on the island of Saint Helena. They posted that Jonathan had died. Then they dropped a link to a Solana-based memecoin also named JONATHAN. Users bought it. The token exploded. By Thursday, when the BBC and other outlets confirmed the tortoise was alive, the coin had already collapsed.
“Jonathan the tortoise is very much alive,” said the real Hollins in a statement to The Guardian. “I believe on X the person purporting to be me is asking for crypto donations, so it’s not even an April fool joke. It’s a con.”
And here’s the thing that should terrify everyone actually paying attention to crypto: this scam worked. The coin hit a peak price reflecting a market cap in the millions. Real money moved. Real people lost it.
Will X’s New Rule Actually Stop Anything?
Look, I’ve covered tech policy for two decades. Every time a platform announces new security measures after a major incident, what they’re really saying is: “We got embarrassed. Here’s theater to make it look like we care.”
Bier himself said the new rules could “kill 99% of the incentive”—which is PR-speak for “we have no idea if this will actually work.” Auto-locking accounts mentioning crypto? Fine. But scammers don’t operate on their own accounts anymore. They hack existing ones. They impersonate verified accounts. They use bots and burner accounts faster than X can lock them down. A first-time poster restriction does nothing against a compromised account with 50,000 followers.
The real problem Bier identified in his announcement was more interesting: he blamed Google for not stopping phishing emails that give scammers access to accounts in the first place. That’s the actual vulnerability. But you can’t fix that on X. That requires coordination with email providers, better password policies, and—let’s be honest—users who don’t click suspicious links.
Who Actually Benefits From This Chaos?
Here’s where I get genuinely cynical. Every time a crypto scam explodes, it generates headlines. Headlines drive adoption curiosity. People hear “memecoin pumps 6,000%” and think, “Maybe I should look into this.” Some will lose money. Some will get lucky. But the ecosystem’s reputation gets worse, which means regulators get more pressure, which means potential restrictions, which means fewer competitors for the platforms and projects already entrenched.
X benefits from being seen as “doing something.” Solana benefits because the scam was on its blockchain—yeah, bad press, but it proves the chain works and moves money fast. The legitimate crypto projects rolling their eyes at memecoins? They quietly win because the bar for serious projects gets higher.
Everyone loses except the people running the scams—and they’re already gone by the time the rules land.
The Unspoken Truth About Crypto on Social Media
Social platforms have never solved the “move fast and verify later” problem. Twitter didn’t invent this. X didn’t either. They’ve just inherited a business model that depends on volume and engagement, not safety. A verified-credential system for crypto posts sounds good. But it’s a band-aid on a broken bone.
The real issue: crypto attracts scammers because the barrier to entry is low and the potential payoff is astronomical. Jonathan the tortoise didn’t get a memecoin because the coin was inevitable—it got one because someone realized they could impersonate a credible person and make money before getting caught. That incentive structure doesn’t change with an auto-lock feature.
Meanwhile, other social platforms aren’t even trying. TikTok, Instagram, Discord—they’re all swimming in crypto scams. At least X is making a public show of caring.
What Happens Next
Bier’s team will probably implement some version of these restrictions. It’ll help with obvious scams—maybe it catches 10% of attempts. Scammers will adapt. They’ll use older accounts, compromised accounts, accounts with followers. The cycle continues. Six months from now, there will be another absurd scam—maybe a memecoin based on a celebrity’s pet rock or something—and we’ll all remember that this was supposed to be the solution.
The tortoise scam is a perfect microcosm of everything broken about crypto adoption on social media: the technology works (the memecoin did pump), the incentives are perverse (fake death = money), and the solutions are reactive theater (new posting rules).
X is trying to lock the barn door. The horses aren’t just gone—they’ve already bought the farm.
🧬 Related Insights
- Read more: Stablecoins Hit $315B as USDC Surges and Retail Demand Collapses
- Read more: Bitcoin’s Institutional Strength Masks a Deeper Crack: Why Good Friday Could Get Ugly
Frequently Asked Questions
Can I still post about crypto on X? Yes, but X is testing restrictions that would auto-lock accounts mentioning crypto for the first time and require verification. These are still in the planning phase and may not roll out to all users immediately.
How did the Jonathan memecoin scam work? A scammer impersonated veterinarian Joe Hollins and posted that Jonathan (a 193-year-old tortoise) had died, then linked to a Solana-based memecoin named JONATHAN. The token surged 6,000% before the scam was exposed by news outlets confirming the tortoise was alive.
Will this new rule stop crypto scams on X? Probably not entirely. Bier himself admitted it could kill “99% of the incentive,” but most sophisticated scammers use hacked or verified accounts, not brand new ones. The real vulnerability is phishing emails giving scammers account access in the first place.
