McDonald’s reportedly suffered a hack of its Instagram account Wednesday (Aug. 21), with the hackers claiming they used the fast-food giant’s account to promote a fake cryptocurrency that they dubbed “GRIMACE” and pocket $700,000 from the scam.
The hackers’ posts were later deleted, the New York Post reported Wednesday.
Reached for comment by PYMNTS, McDonald’s USA provided an emailed statement saying: “We are aware of an isolated incident that impacted our social media accounts earlier today. We have resolved the issue on those accounts and apologize to our fans for any offensive language posted during that time.”
The type of scam committed by the hackers was a “rug pull” in which fraudsters typically create a fake cryptocurrency, promote it to investors on social media and other online channels, withdraw funds from a coin’s liquidity pool and then disappear, according to the report.
In the case of GRIMACE, the fake coin when from zero to $25 million in value in 30 minutes before crashing, per the report.
In commentary on the reported incident emailed to PYMNTS, Rob Hughes, chief information security officer at RSA Security, said that cybercriminals are increasingly targeting identity and crypto.
While emphasizing that it’s not known how the McDonald’s account was taken over, Hughes said that the threat actors in other data breaches in the past used stolen credentials, phished credentials or ways to evade multifactor authentication.
“Cybercriminals will typically go where the money is, and increasingly that means campaigns built around crypto,” Hughes said in his commentary. “It also means using the tactics that are likeliest to work, and that typically means targeting identity.”
In an earlier “rug pull” scam, the U.S. Attorney’s Office of the Eastern District of New York said in January 2023 that a fraudster used this method to defraud buyers of nearly $3 million in cryptocurrency.
The number and size of “rug pulls” exploded in 2021, with scammers making off with about $2.8 billion in that way that year, PYMNTS reported at the time.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More