Sandbox blockchain game breached to send emails linking to malware
The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating the game, trying to infect them with malware.
The Sandbox is a blockchain-based open-world multiplayer game with over 350,000 active monthly users, offering them ways to build, own, and monetize interactive content like virtual worlds, items, and experiences.
The game’s metaverse offers players multiple ways to make money, like creating pixel art NFTs that can be sold on The Sandbox NFT Marketplace or OpenSea or earning its own native “SAND” token that can be traded on Binance and Coinbase.
According to the February 26th security incident notice, an attacker hacked an employee of The Sandbox to gain access to several email addresses belonging to the company.
Next, the attacker leveraged this access to send emails to users that appeared to come from The Sandbox, containing links to malware hosted at another site.
The firm says the intruder was limited to that single employee’s computer, and they never gained access to any other services or accounts.
Hence, the impact of the incident for each user depends on whether or not the recipients of the emails clicked on the hyperlinks and installed malware on their computers.
The game publisher says that upon discovering the breach, it quickly identified recipients of the malicious email and sent follow-up messages warning them not to open or download anything from the external website.
Meanwhile, the compromised account was blocked from The Sandbox network, all employee passwords were reset, and two-factor authentication was enforced on all accounts.
The Sandbox advises its users to do the following:
- Enable two-factor authentication to better protect their accounts and use long, unique passwords.
- Avoid clicking on hyperlinks contained in email messages.
- Keep an antivirus up to date and running on their systems.
- Consider formatting their computer if they suspect they have been infected with malware.
As the threat actor now has a list of Sandbox users, all emails from the game should be inspected to ensure that links only go to the legitimate website located at https://sandbox.game.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.