Hackers Target The Sandbox Users via Employee Email

A hacker sent emails from The Sandbox employee’s account promoting a phishing scam.

Unknown the sandbox hacker in front of a bright futuristic sculpture.
  • Hackers breached the computer of an employee working at The Sandbox. 
  • The hackers sent emails from the compromised account claiming to be from the metaverse company. 

The Sandbox has informed users that hackers gained access to the computer of one of the employees at the company. The hackers used the information they found to send emails, falsely claiming to be from The Sandbox

However, the metaverse company has retained the breached account and promptly issued a notice to its users, sharing an account of the exploit. 


Hackers in The Sandbox?

The unauthorized third party broke into The Sandbox employee’s computer on February 26, 2023. This allowed the malicious hackers to access email addresses to which they then sent emails promoting a fake game under The Sandbox’s name. 

The hackers sent emails titled “The Sandbox Games (PURELAND) Access,” infested with hyperlinks to malware. The virus could remotely install unauthorized programs on users’ computers, granting them control over the machine and access to users’ personal information. 

However, The Sandbox has shared that hackers only accessed one employee’s computer. The company announced that a malware application could have compromised the employee’s account. The metaverse company added that the actors could not access any other services or accounts of The Sandbox


Additionally, the metaverse company asserted that hackers only retrieved the email addresses of The Sandbox users from the employee’s computer. 

How Did The Sandbox Deal with It? 

Soon after being notified of the unauthorized access, The Sandbox quickly emailed the known recipients of the hacker’s email. They informed the victims that they did not authorize the email. The Sandbox also instructed users not to click or download anything from the emails. 

Moreover, The Sandbox has shared that it has blocked the employee’s accounts and access to The Sandbox, reformatted the employee’s laptop, and reset all related passwords, including the two-factor authentication. 

The web3 leader has yet to determine any further impact; however, they are working with their team to monitor the situation and enhance their security practices. 

On the Flipside

  • According to a United Nations report, hackers stole over $3.8 billion in crypto assets in 2022. 

Why You Should Care

Hacks and breaches are common in Web3, and even giants like The Sandbox are not immune. This event highlights the importance of performing due diligence and taking necessary measures to protect oneself. 

Protect yourself and learn ways how blockchains can be hacked:
Ways Blockchain Can Be Hacked.

Read about some of the largest hacks in DeFi:
Top 5 Hacks That Rocked DeFi in 2022.

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Insha Zia

Insha Zia is a senior journalist at DailyCoin covering crypto developments, especially in the Cardano ecosystem. With a Bachelor of Science in Computer Systems Engineering, he delivers high-quality articles with his technical background and expertise in data analysis and programming languages, aiming to educate and inform readers accurately, transparently, and engagingly. Insha believes education can drive mass adoption of the crypto space, and he is committed to giving DailyCoin readers a better understanding of the technology.