On August 21, 2024, McDonald’s official Instagram account was hacked, resulting in a cryptocurrency scam that made the hackers around $700,000.
The hackers exploited the fast-food giant’s massive social media following to promote a fraudulent cryptocurrency called “GRIMACE,” named after the company’s iconic purple mascot.
The cybercriminals took control of McDonald’s Instagram page and used it to post deceptive messages claiming that the company was distributing free cryptocurrency.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot
The posts included links to a phishing website designed to steal users’ personal information and cryptocurrency wallet details. Within just 30 minutes of the fake promotion, the value of the “GRIMACE” token surged to $25 million.
This scam is known as a “rug pull” in the cryptocurrency world. After artificially inflating the token’s value, the scammers began dumping their holdings in Solana, causing the value to plummet to nothing. This left many unsuspecting investors with worthless tokens and significant financial losses.
McDonald’s Response
McDonald’s quickly became aware of the situation and took steps to regain control of their account. In a statement, the company acknowledged the incident, saying, “We are aware of an isolated incident that impacted our social media accounts earlier today. We have resolved the issue on those accounts and apologize to our fans for any offensive language posted during that time.”
Cybersecurity experts are advising the public to be cautious of similar scams and to verify the authenticity of any offers related to digital currencies before sharing personal or financial information online.
As cryptocurrency scams become increasingly sophisticated, both individuals and organizations must remain alert to protect themselves from falling victim to such schemes.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Acces