Fast-food giant McDonald’s Instagram account was hacked on Thursday, which cost fans dearly. The McDonald’s Instagram hack was orchestrated on August 22, 2024, when crypto scammers exploited the platform to promote a fraudulent crypto scheme named “GRIMACE”, McDonald’s iconic purple mascot. The hackers claimed to have netted $700,000 after the hack.
The hackers used the hijacked Instagram account to post deceptive messages claiming the company was distributing free cryptocurrency. This tactic, known as social engineering, preys on unsuspecting users by exploiting brand trust and the allure of a quick financial windfall.
The fraudulent messages included links to malicious websites designed to steal personal and financial information, or trick users into investing in the fictitious GRIMACE coin.
While the full extent of the damage remains unclear, McDonald’s has acknowledged the incident and confirmed they have regained control of their Instagram account. In a statement to the New York Post, the company said, “We are aware of an isolated incident that impacted our social media accounts earlier today. We have resolved the issue on those accounts and apologize to our fans for any offensive language posted during that time.”
However, the incident raises serious questions about social media security and the vulnerability of even major corporations to cyberattacks.
How did Hackers Lure Victims?
On Thursday morning, suspicious posts promoting a new cryptocurrency called “grimace” started appearing on two key online platforms. The first was McDonald’s official Instagram page, which boasts a massive following of around 5 million users. The second platform was the personal Twitter account of Guillaume Huin, a senior marketing director at McDonald’s.
The posts on both platforms encouraged users to invest in the grimace token through a website called Pump.fun. The hackers promised significant returns for users who invested relatively small amounts of money.
To make the posts appear legitimate, the hackers cleverly leveraged the association between Grimace, the purple McDonald’s mascot, and the brand itself. This added a layer of credibility to the scam.
On Huin’s Twitter account specifically, the fraudulent posts promised that anyone holding the GRIMACE token and sharing their Instagram handle would be followed by McDonald’s. One post even included an image featuring Grimace next to Ronald McDonald, the iconic clown mascot, with Ronald sporting a protective face shield.
Hackers Claim Netting $700,000
According to blockchain data analysis platform Bubblemaps. the hacker behind the scam may have purchased a significant amount of the grimace token themselves before the price surge. Data suggests that just before the McDonald’s social media accounts were compromised, the hacker controlled roughly 75 per cent of the total GRIMACE tokens in circulation.
Once the price of the token skyrocketed due to the social media promotion, the hacker appears to have sold all their holdings. This caused the value of the grimace token to plummet, netting the hacker around $700,000 in the process. This type of pump-and-dump scheme is known in the cryptocurrency world as a “rug pull.”
Shortly after the cyberattack, the hackers even updated the McDonald’s Instagram bio to thank followers for the $700,000 they had fraudulently collected.
The use of a fake cryptocurrency in this attack highlights the growing trend of crypto scams targeting social media users. The volatile nature of the cryptocurrency market, coupled with the anonymity it offers, makes it a breeding ground for fraudsters.
This incident serves as a stark reminder for everyone to exercise caution when encountering unsolicited cryptocurrency offers, especially those originating from seemingly legitimate sources.