McDonald’s Instagram Hacked, Scammers Steal $700,000 in Solana

On August 21, McDonald’s official Instagram account was hacked. The hacked account was promoting a fraudulent meme coin called “Grimace” and the scammers made off with thousands of dollars worth of SOL. Meanwhile, new threats such as the PG_MEM malware are targeting databases managed by PostgreSQL, while the notorious MEV bot “jaredfromsubway.eth” has re-emerged with enhanced capabilities.

On August 21, McDonald’s official Instagram account was hacked and attackers managed to steal more than $700,000 in Solana (SOL) by promoting a fraudulent meme coin. Scammers took advantage of McDonald’s massive social media following of nearly 5.1 million to falsely advertise the token as a legitimate experiment by the fast food giant on the Solana blockchain.

Screenshots shared on X revealed that hackers posted several updates about the token and used McDonald’s iconic purple mascot, Grimace, to lure investors. Blockchain analytics service Bubblemaps reported that hackers initially acquired 75% of the total circulating supply of the Grimace token through a Solana meme coin deployer called Bomb.Fun. They then distributed these tokens into about 100 different wallets.

DexScreener data revealed that the fraudulent promotion caused the Grimace token’s market cap to skyrocket from a few thousand dollars to $25 million in just 30 minutes. However, the surge was short-lived as the hackers quickly got rid of their holdings.

After running the scam, the hackers edited McDonald’s Instagram bio to brag about their success. They also shared that they had made $700,000 in Solana thanks to the scam. The posts and altered bio were eventually deleted, and McDonald’s was able to regain control of their account.

Screenshot of the hacked McDonald’s account (Source: X)

In response to the incident, McDonald’s issued a statement to the New York Post and called the attack an “isolated incident” that affected its social media accounts. The company also assured people that the issue is resolved and apologized for any offensive content that was posted during the attack.

New cryptojacking threat

It’s not just social media attacks that plague the crypto community. New malware called PG_MEM has been discovered that targets PostgreSQL managed databases in order to install cryptocurrency mining software. This malware poses a major threat to the more than 800,000 PostgreSQL databases worldwide, particularly those with weak passwords.

The attack begins with a brute-force attempt to find a weak password. This allows the threat actor to gain access to the database. Once inside, the attacker creates a new user with elevated privileges, downloads files from their server, and secures the system to prevent other threat actors from exploiting the same database.

The malware then connects to a mining pool and uses the database’s computing resources to mine cryptocurrency. This is known as cryptojacking. Worryingly, these types of attacks are becoming more common. In fact, there has been a 400% increase in crypto-malware attacks in the first half of 2023 compared to the previous year.

PG_MEM attack flow (Source: Water)

PG_MEM is particularly worrying because it exploits a very common vulnerability in Internet-facing databases. This vulnerability is due to weak passwords resulting from incorrect configurations and inadequate identity controls. Many organizations inadvertently expose their databases to this type of risk by connecting them to the Internet without sufficient security measures.
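The first two stages described above (password brute force, then a new user with elevated privileges) leave traces in the PostgreSQL server log. The following detection sketch is an added example, not code from the original article or from the researchers it cites; it assumes `log_line_prefix = '%m [%p] %h %u@%d '`, `log_connections = on` and `log_statement = 'ddl'`, and the log lines, addresses and role names are constructed.

```python
import re
from collections import defaultdict

# Constructed sample log (documentation IP ranges, placeholder role names).
# Assumed settings: log_line_prefix='%m [%p] %h %u@%d ', log_connections=on,
# log_statement='ddl'.
SAMPLE_LOG = """\
2024-08-21 10:00:01.101 UTC [401] 203.0.113.7 postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-21 10:00:02.090 UTC [402] 203.0.113.7 postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-21 10:00:03.075 UTC [403] 203.0.113.7 postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-21 10:00:04.110 UTC [404] 203.0.113.7 postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-21 10:00:05.020 UTC [405] 203.0.113.7 postgres@postgres LOG:  connection authorized: user=postgres database=postgres
2024-08-21 10:00:06.310 UTC [405] 203.0.113.7 postgres@postgres LOG:  statement: CREATE ROLE example_role WITH LOGIN SUPERUSER PASSWORD '<redacted>'
2024-08-21 10:05:00.000 UTC [410] 198.51.100.20 admin@appdb FATAL:  password authentication failed for user "admin"
2024-08-21 10:05:09.000 UTC [411] 198.51.100.20 admin@appdb LOG:  connection authorized: user=admin database=appdb
2024-08-21 10:05:30.000 UTC [411] 198.51.100.20 admin@appdb LOG:  statement: CREATE ROLE reporting LOGIN NOSUPERUSER
"""

# timestamp (3 tokens), [pid], client host, user@db, severity, message
LINE = re.compile(
    r"^\S+ \S+ \S+ \[\d+\] (?P<host>\S+) (?P<user>[^@\s]+)@\S+ "
    r"(?P<level>[A-Z]+):\s+(?P<msg>.*)$")
# Role DDL that grants SUPERUSER (the \b keeps NOSUPERUSER from matching).
ROLE_DDL = re.compile(r"\b(CREATE|ALTER)\s+(ROLE|USER)\b.*\bSUPERUSER\b", re.I)

def scan(log_text, threshold=3):
    """Return (kind, client_host, detail) findings in log order."""
    failures = defaultdict(int)   # host -> failed logins since last success
    suspect = set()               # hosts that logged in after many failures
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        host, msg = m["host"], m["msg"]
        if m["level"] == "FATAL" and msg.startswith("password authentication failed"):
            failures[host] += 1
        elif msg.startswith("connection authorized"):
            if failures[host] >= threshold:
                suspect.add(host)
                findings.append(("login-after-bruteforce", host,
                                 f"{failures[host]} failures, then login as {m['user']}"))
            failures[host] = 0
        elif msg.startswith("statement:") and ROLE_DDL.search(msg):
            kind = ("superuser-role-after-bruteforce" if host in suspect
                    else "superuser-role-change")
            findings.append((kind, host, msg[len("statement:"):].strip()))
    return findings
```

A single mistyped password followed by a normal login, as from the second host in the sample, stays below the threshold and produces no finding.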

While cryptojacking is mostly seen as a threat, there are those who see potential in harnessing unused computing power for legitimate purposes. Companies like They will go, which provides a decentralized cloud infrastructure, use similar methods to offer scalable and cost-effective computing services by aggregating unused GPU capacity from data centers.

Revamped MEV bot targets DeFi protocols

The infamous maximum extractable value (MEV) bot, known as “jaredfromsubway.eth”, has re-emerged with some new capabilities that allow it to execute more complex “sandwich” attacks on decentralized finance (DeFi) protocols. This bot made millions of dollars through arbitrage and sandwich attacks in early 2023, but has now been enhanced with new strategies that make it even more formidable.

On August 20, the MEV tracking site EigenPhi shared that a new MEV contract linked to the bot has emerged, which now employs sophisticated multi-layer sandwich attacks. These attacks involve placing transactions both before and after a victim’s transaction in order to manipulate prices and extract profits at the victim’s expense. Over the past two weeks, this new contract has been seen using a number of advanced on-chain trade compression methods.

The bot operates by exploiting vulnerabilities in DeFi protocols, especially in Uniswap V3 Pools, where multiple transactions are executed in the same block to manipulate exchange rates. This results in profits for the bot and losses for other users.
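The bracketing pattern described above can be recognized in a block's ordered swap list, which is how monitoring tools flag it. This heuristic is an added example, not EigenPhi's method or code from the original article; the swap records and sender labels are constructed, and it covers only plain swap-based sandwiches, not variants built from adding and removing liquidity.

```python
from collections import namedtuple

Swap = namedtuple("Swap", "index sender pool token_in token_out")

# Constructed swaps from a single block, in execution order
# (sender labels are placeholders, not real addresses).
BLOCK = [
    Swap(0, "bot",   "WETH/USDC", "USDC", "WETH"),  # front-run: buys WETH
    Swap(1, "alice", "WETH/USDC", "USDC", "WETH"),  # victim, same direction
    Swap(2, "bob",   "WETH/USDC", "USDC", "WETH"),  # second victim in the bracket
    Swap(3, "carol", "WETH/DAI",  "DAI",  "WETH"),  # different pool, ignored
    Swap(4, "bot",   "WETH/USDC", "WETH", "USDC"),  # back-run: sells WETH
    Swap(5, "dave",  "WETH/USDC", "WETH", "USDC"),  # ordinary trade
]

def find_sandwiches(swaps):
    """Return (front_index, [victim_indexes], back_index) for each bracket."""
    hits = []
    used_as_back = set()
    for i, front in enumerate(swaps):
        if i in used_as_back:
            continue
        # The closing trade must leave room for at least one swap in between.
        for k in range(i + 2, len(swaps)):
            back = swaps[k]
            same_actor = (back.sender, back.pool) == (front.sender, front.pool)
            reversed_dir = ((back.token_in, back.token_out)
                            == (front.token_out, front.token_in))
            if not (same_actor and reversed_dir):
                continue
            # Victims: other senders trading the same pool in the same
            # direction as the front-run, so they pay the moved price.
            victims = [s.index for s in swaps[i + 1:k]
                       if s.pool == front.pool
                       and s.sender != front.sender
                       and s.token_in == front.token_in]
            if victims:
                hits.append((front.index, victims, back.index))
                used_as_back.add(k)
            break  # only the first reversing trade closes the bracket
    return hits
```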

The updated bot is called “Jared 2.0” and now incorporates adding and removing liquidity on the decentralized exchange (DEX) as part of its sandwich attacks. This new tactic complicates the analysis and monitoring of its profitability.

According to EigenPhi, the original contract address for jaredfromsubway provided business strategies which paid out nearly $2.2 million to other bots or traders over a two-week period starting on August 1. However, activity on this contract began to decline on August 7 and eventually dropped to zero on August 14.

MEV attack volume (Source: EigenPhi)

Despite reduced activity on the original contract, the volume of sandwich attacks surpassed $17 billion in the last month alone.

Crypto whale loses $55 million in phishing scam

Meanwhile, a crypto whale lost $55 million worth of stablecoins after a phishing attack on August 20. The incident occurred when the wallet owner unwittingly signed a malicious transaction, resulting in the transfer of 55.47 million DAI to a phishing address on the Maker decentralized finance protocol.

The whale realized his mistake and tried to withdraw the funds to a new address, but this unfortunately did not work as the ownership of the wallet stablecoins had already been transferred.

Blockchain analytics firm Lookonchain quickly detected the incident and revealed that the attackers exchanged 27.5 million DAI for 10,625 ETH after establishing wallet ownership to a newly created address.

Phishing attacks are a major threat in the crypto space. They often trick victims into signing malicious transactions or installing fake software, which then leads to the theft of digital assets.

These attacks have already caused huge financial damage in 2024, with nearly $500 million lost in the first half of the year alone. On July 3, blockchain security firm CertiK reported that $498 million had been lost due to phishing attacks.

Fortunately, some steps are being taken to combat these types of attacks. The Australian Federal Police (AFP) announced on August 4 that it was investigating losses caused by phishing scams that affected 2,000 Australian-owned digital asset wallets.

This comes after analytics firm Chainalysis discovered that these wallets had been targeted by “approval phishing” tactics. In response, the Australian Securities and Investments Commission (ASIC) reported that it removed over 5,530 fake investment platforms, 1,065 phishing links, and 615 cryptocurrency investment scams from July 2023.
