The Sandbox Suffers Security Breach

Blockchain-based metaverse company – The Sandbox – warned its users about a security breach through a malware application

The Sandbox Suffers Security Breach

The Sandbox Suffers Security Breach

According to an official blog post, an unauthorized third party accessed one of the employee’s computers and used information they found to send an email pretending to be from The Sandbox. Here is his statement:

“We have blocked the employee’s accounts and access to The Sandbox, reformatted the employee’s laptop, and reset all related passwords including requiring two-factor authentication. We have not identified any further impacts.”

The Sandboх informed that the security breach, which was first identified on February 26, allowed the third party to access several email addresses to which it then sent a message falsely claiming to be from the company.

The email in question, which contained an embedded malware hyperlink, was titled “The Sandboх Game (PURELAND) Access.” This allowed an exploiter to remotely install malware on a user’s computer, take control of the computer, and gain access to the user’s personal information.

The Sandbox Suffers Security Breach

The company warned of possible phishing attacks and urged users not to click on hyperlinks or other suspicious links in phishing emails to prevent malware from being installed on their computers. It also also encouraged users to strengthen their passwords and implement two-factor authentication.

According to The Sandboх, the third party’s access was limited to a single employee’s computer, accessed through a malware application. No other services or accounts of The Sandbox were breached.

Previously, all recipients were notified by email and passwords for compromised employee accounts were reset. The team is currently monitoring the situation and working to improve related security policies and practices.

The latest development comes just days after Trezor warned users of an active phishing campaign to steal funds by tricking users into entering their wallet recovery phrases on a fake website. Its rival, Ledger, suffered a massive data breach in 2020. Perpetrators publicly leaked the personal data of over 270,000 customers.


Check out more of our latest news here

Nothing on the website ( constitutes professional and/or financial advice. All the content on the website is for informational purposes only. We have prepared all information herein from sources we believe to be accurate and reliable. However, such information is presented as is,” without warranty of any kind – whether expressed or implied. You acknowledge and agree that there are numerous risks associated with purchasing cryptocurrencies.