- Posts, phone numbers, emails, and contact information called “Arvind” have been released on the post.
- Zachxbt says attackers have collected Gokal’s information using social engineering.
- Meta removed the post after 90 minutes after the account was damaged.
Raj Gokal’s personal data, co -founder of Solana, was leaked by the compromise of the official Instagram account of the rapper Migos.
The hacking held on May 25, 2025 includes Gokal, including a passport and a driver’s license, and his wife’s ID document.
The attackers demanded a ransom for 40 bitcoin and began to release the content after the demand was not met.
The case has raised a wide range of concerns about the potential of personal data exposure related to data security, social engineering and extensive industrial violations.
Hacker posted KYC image and contact information
The damaged Instagram account posted at least seven photos including Gokal’s personal information, including photos with passports. The other was, “It was only 40 BTC.
Some posts marked the phone number and email address, while one image showed a person identified only by “Arvind” and raised additional concerns about the degree of data theft.
Posts were displayed for about 90 minutes before removing the META guy and taking measures to regain account control.
In this window, the telegram link was shared on Migos’s changed bio, promoting memes coins and promoting unpublished music tracks.
Suspicious tactics and previous warnings
Blockchain Investigator ZACHXBT suggested that attackers have been targeting Gokal using social engineering tactics last week.
He noted that hackers attempted to rob their funds using personal identification information (PII) acquired before the online assault.
ZACHXBT previously said in Twitter X that “they tried to rob him with the funds of PII.” “He didn’t pay, so he started trolling after compromising his Migos Instagram account today.”
Gokal has already warned his followers a few days before the incident.
In X’s post, he warned that unknown attackers tried to access his email, Apple ID, Google account and other digital assets.
He warned the user to avoid suspicious links or funds for funding in his name.
Questions about coinbase links and data origin have been raised.
Due to the characteristics of the leaked image, some analysts generally believed that they knew the customer (KYC) verification file used to identify the encryption platform.
This assumption has been speculated that Gokal’s data may be related to the recent leakage of Coinbase data.
In early May, Coinbase said the security incident had an influence of about 1%of monthly active users. The hackers said the exchange demanded $ 20 million in ransom.
There is no payment, but the fear has grown that the attacker may have access to the user KYC document, including photos used for self -verification.
One analyst said, “If you have KYC for Solana’s founders, you have KYC of everyone who used the platform.”
This is 10 times worse than ordinary KYC leaks.
Despite the guess, there is no proven evidence that directly connects Gokal’s data leakage to the coinbase violation.
META and Gokal have not yet published official statements about this incident, and the exact source of damaged information has not been confirmed.
Meta faces pressure as the infringement of encryption -related accounts increases.
This event is added to a list of famous social media violations related to encryption fraud.
Bad actors intercepted the proven accounts for celebrities and influential people, secretly put fraudulent tokens, and often left losses that could often be repeated to the victims.
In this case, however, the attackers seem to have emphasized the evolutionary tactics used for encryption target cyber attacks by combining public humiliation and promotion and robbery.
Using the damaged Instagram account of a popular public person to leak sensitive data, urgently asks an urgent question about a platform, such as a meta on how to solve these violations.
The overall scope of information leakage is not known, including whether it is affected by other Solana team members.
Users of the encryption community must maintain warnings in light of these developments, monitor digital accounts, and practice enhanced cyber security hygiene.