Arthur Madrid, the co-founder, and CEO of The Sandbox, a metaverse project, experienced a Twitter account breach on May 26. Madrid later posted a message indicating that he had regained control of the account. The hacker had purportedly used Madrid’s account to promote a deceptive “airdrop” phishing scam.
In his post, Madrid cautioned Sandbox users against clicking on any suspicious links promoting fake airdrops or URLs that do not match the official domain name (http://sandbox.game). The official Twitter account of The Sandbox had also issued a warning four hours prior, notifying users that a scammer had hijacked the account and was disseminating a phishing link for a counterfeit SAND token airdrop.
The warning post included a screenshot of the fraudulent promotion, which advertised the SAND token airdrop and urged users to check their eligibility and make claims on a website with a different URL from the legitimate one. The Sandbox team acknowledged the issue and expressed their efforts to promptly take down the scam site and rectify the situation. As of 8:26 pm UTC, the alleged scam site appears to have been deactivated, displaying a 404 error.
Phishing attacks have become increasingly prevalent within the cryptocurrency community. On May 19, a scam service known as “Inferno Drainer” was uncovered on Telegram, recruiting website builders to create numerous phishing sites. By the time it was discovered, this operation had reportedly defrauded users of nearly $6 million.
According to a report by cybersecurity firm Kaspersky on April 15, 2022, these types of attacks witnessed a 40% surge in 2022 compared to the previous year.