Metaverse platform The Sandbox saw its Instagram profile hacked and used to try and rent out Bored Ape Yacht Club nonfungible tokens (NFTs) from a number of users on the social media platform.
The voxel-powered NFT platform’s profile was compromised by hackers on Thursday, promoting a fabricated raffle ticket event that touted a season 4 LAND giveaway to unsuspecting users.
The firm indicated that its two-factor authentication and other security measures had been bypassed to promote the fake giveaway. The profile’s website URL was changed, with one user claiming to have lost NFTs after clicking the fake link.
Cointelegraph managed to follow the link to the fake website — which prompts users to connect web-based wallets for a chance to win the fraudulent raffle.
In a bizarre twist, Sandbox co-founder and chief operating officer Sebastien Borget revealed that the hackers then reached out to a number of users on Instagram with Bored Ape Yacht Club profile pictures in an attempt to “rent” out the NFTs — offering 40 Ether (ETH) to use the BAYC NFTs for 24 hours.
Instagram account recovered. The hacker tried to rent Bored Apes Yacht Club NFTs – using our account. We would NEVER ask via DM and have contacted all users to notify them. https://t.co/1DRFR3JlIq pic.twitter.com/CKQWfVBTNF
— Sebastien (@borgetsebastien) September 8, 2022
According to Borget, The Sandbox managed to recover control of its Instagram account a few hours later, while stories promoting the fake giveaway were still live on the account at the time of publishing (:00 pm EST).
The NFT-powered Metaverse platform has collaborated with major brands and celebrities since its Alpha launch in November 2021. The likes of Paris Hilton and Snoop Dogg have partnered with the platform, while notable clothing retailers like Adidas launched NFTs wearables that are compatible with The Sandbox and other Metaverse platforms.
Cointelegraph has reached out to The Sandbox to confirm details of the incident and will update this article accordingly.
Read More: cointelegraph.com