Arthur Madrid, co-founder and CEO of metaverse project The Sandbox, was the victim of a hack on his Twitter account on May 26, according to a post from Madrid that apparently came after he restored the account. The attacker allegedly used Madrid’s account to promote a fake “airdrop” phishing scam.
In Madrid’s post, he warned Sandbox users to “never click on any link that promotes an Airdrop or URL that looks SCAMMY – and not 100% use our correct and unique URL/domain name: http://sandbox.game.”
My Twitter was hacked today. and now it’s back. Please never click on any link that promotes Airdrop or URL that looks SCAMMY – and not 100% using our correct and unique URL/domain name: https://t.co/X3rXN9z8z7
— Arthur Madrid (@arthurmadrid) May 26, 2023
Four hours before Madrid’s post, The Sandbox’s official Twitter account also warned that a fraudster had taken control of the account and was promoting a “scam/phishing link for a fake airdrop of SAND tokens”.
The post included a screenshot of an alleged fraudulent post that advertised an airdrop of SAND and encouraged users to “check eligibility and claim on the web”, referring users to a website with a non-official URL.
The Sandbox team said they are “working to get the site up and running as soon as possible”.
⚠️ The Twitter account of our CEO and co-founder Arthur Madrid has been hacked ⚠️
Hacker posts scam/phishing link to fake SAND token drop.
⛔️DO NOT click on the link and instead report the post to get it blocked.
We are working on getting the website up and running and fixing… pic.twitter.com/sOqzAV5OUT
— The Sandbox (@TheSandboxGame) May 26, 2023
As of 20:26 UTC, the alleged scam site appears to have been taken down as it now produces a 404 error.
Related: Six Tools Hackers Use to Steal Crypto: How to Protect Wallets
Phishing attacks have become a common problem in the crypto community. On May 19, a scam as a service called “Inferno Drainer” allegedly happened. found it works on Telegram, recruiting website builders to create hundreds of these phishing scam sites. By the time it was discovered, it had allegedly stolen nearly $6 million from users.
On April 15, cybersecurity company Kaspersky announced that these types of attacks increased by 40% in 2022 compared to the previous year.
