Cybercriminals Exploit Celebrity Instagram to Expose Solana Executive's Private Information

Cybercriminals hijacked rapper Migos' Instagram account to publicly release sensitive personal data belonging to Solana co-founder Raj Gokal, including passport and Know Your Customer (KYC) documents, as part of a bitcoin extortion scheme demanding 40 BTC payment.

Gokal had previously warned followers about ongoing attempts by hackers to infiltrate his Google, social media, and Apple accounts approximately one week before the breach. Instagram removed the malicious post from Migos' account nearly sixty minutes after the attackers published Gokal's and his family's confidential information.

The incident highlights growing security vulnerabilities facing cryptocurrency executives, who increasingly become targets for sophisticated social engineering attacks and extortion campaigns.

Extortion Campaign Escalates After Payment Refusal

The attackers posted Gokal's passport and identification photographs with the provocative caption "you should have paid the 40 BTC," suggesting they had previously attempted to extort the Solana executive but were refused payment.

Blockchain investigator ZachXBT confirmed on X that Gokal's personal accounts were likely compromised through social engineering techniques, with attackers subsequently attempting to extort funds using the obtained personal information. Following Gokal's reported refusal to comply with payment demands, the hackers escalated their campaign by publicly releasing sensitive data through the compromised celebrity Instagram account.

The leaked information included driver's licenses, passports, and phone numbers belonging to both Gokal and his wife, with photographs appearing to originate from KYC verification submissions typically required by financial services platforms.

Cryptocurrency Industry Faces Mounting Security Challenges

This incident occurs alongside other significant security breaches affecting the cryptocurrency sector. Coinbase recently disclosed a substantial data breach affecting at least 69,461 customers, representing less than one percent of the exchange's monthly active users.

The breach, which began on December 26, 2024, and continued until earlier this month, resulted in the theft of personal and financial information from affected customers. Coinbase now faces a class action lawsuit following stock price declines attributed to the data breach disclosure, with plaintiffs alleging the company failed to report the incident promptly.

The lawsuit claims Coinbase's delayed disclosure contributed to stock price volatility, raising questions about corporate transparency obligations regarding cybersecurity incidents in the cryptocurrency industry.

These incidents underscore the heightened security risks facing cryptocurrency companies and their executives, as cybercriminals increasingly target high-profile figures within the digital asset ecosystem through sophisticated social engineering and extortion campaigns.