Hackers who seized control of the official Instagram account of McDonald’s claim that they managed to steal US $700,000 from unsuspecting investors by promoting a fake cryptocurrency.
Earlier this month, hackers promoted a worthless cryptocurrency token they dubbed “GRIMACE” to the 5.1 million people following McDonald’s Instagram account.
At the same time, tweets from the account of Guillaume Huin, McDonald’s head of social media, added credence to the unusual cryptocurrency promotion. He encouraged investors to buy the GRIMACE coin with the promise that they would receive a follow from the official McDonald’s account.
The combination of social media posts successfully helped the hackers artificially pump up the price of the coin.
According to reports, the fake GRIMACE coin rose in market capital from zero to US $25 million in just 30 minutes, before crashing when the hackers withdrew their funds and disappeared.
In a final insult, the hackers left a message on McDonald’s Instagram profile bragging that they had escaped with US $700,000 as a result of their scam.
The following day, Huin confirmed that his Twitter account had been compromised and messages posted by the scammers.
McDonald’s says that it is working with the authorities to determine how the security breach occurred and attempt to identify those responsible for the hack. Â It also apologised for some of the language used during what it referred to as an “isolated incident”:
“We are aware of an isolated incident that impacted our social media accounts earlier today. We have resolved the issue on those accounts and apologize to our fans for any offensive language posted during that time.”
To its credit, it appears that McDonald’s quickly deleted the offending messages on its official Instagram account, helping to reduce the potential number of victims.