Sandbox, a blockchain-based platform, faced a security breach that allowed threat actors to gain access to email addresses of users.
Threat actors used the information to send emails falsely claiming to be from The Sandbox. Emails, titled “The Sandbox Game (PURELAND) Access” included hyperlinks which may have the ability to remotely install malware on a user’s computer, the company said in a blog post.
Malware attached to these emails could then be used to access personal information and compromise the security on targeted systems.
While the breach was limited to the computer of one employee, and occurred through a malware application, the company said it has contacted known recipients of the email informing them about the unauthorised message.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
However, since threat actors have a list of Sandbox users’ emails, the company has advised users to implement two-factor-authentication on their accounts and avoid clicking on hyperlinks in emails they suspect to be illegitimate.
The Sandbox is a blockchain based open world multiplayer gaming platform with over 350,000 active monthly users. The platform describes itself as a “community-driven platform where creators can monetize voxel ASSETS and gaming experiences on the blockchain”.
The Sandbox game’s metaverse allows players to monetise their offerings by creating pixel art and NFTs which can be sold on The Sandbox NFT Marketplace or OpenSea. Users can also trade native “SAND” tokens on Binance and Coinbase.