On August 21, 2024, McDonald’s official Instagram account was compromised, leading to a cryptocurrency scam that netted the hackers approximately $700,000.
The attackers took advantage of the fast-food giant’s vast social media audience to promote a fake cryptocurrency named ‘GRIMACE,’ inspired by the brand’s well-known purple mascot.
The cybercriminals hijacked McDonald’s Instagram page, posting misleading messages that falsely claimed the company was giving away free cryptocurrency.
The posts contained links to a phishing website intended to steal users’ personal information and cryptocurrency wallet details. In just 30 minutes after the fraudulent promotion began, the value of the ‘GRIMACE’ token skyrocketed to $25 million.
In the cryptocurrency world, this type of scam is referred to as a ‘rug pull.’ The scammers artificially inflated the token’s value before dumping their holdings in Solana, which caused the value to crash to zero. As a result, many unsuspecting investors were left with worthless tokens and suffered significant financial losses.
McDonald’s Response
McDonald’s promptly recognized the breach and acted swiftly to reclaim control of their account. In an official statement, the company addressed the incident, stating, ‘We are aware of an isolated incident that affected our social media accounts earlier today. The issue has been resolved, and we apologize to our fans for any inappropriate content that was posted during this period.
