A concerning escalation of targeted cyberattacks within the crypto industry has recently seen Solana co-founder Raj Gokal become the latest high-profile victim of a coordinated cybersecurity incident. This most recent event is much like previous disturbances in that it centers on an attempted cybersecurity extortion scheme. What sets it apart, however, is that the bad actors involved in this incident attempted to gain the upper hand by first doing something that no one in the crypto space should have to worry about: they released a bunch of personal, sensitive, and now totally useless documents that were supposed to be private. Instagram Account of Rapper Migos Hijacked to Spread Leaked Materials When hackers took over the official Instagram account of the late rapper group Migos, the attack served a more sinister and specific purpose. Using the Migos account—a high-profile target—the attackers shared images that included copies of Raj Gokal’s passport, personal family photographs, and other identifying materials that one would expect to be part of KYC verification. These were not just run-of-the-mill identity documents; they were the types of materials that a financial institution might expect a customer to produce in order to open an account. JUST IN: Hackers compromised rapper Migos’ Instagram account to leak Solana co-founder @rajgokal 's passport, ID, and family pictures. The materials appear to be KYC images, raising questions about whether the source may be linked to recent @coinbase data breach. The caption… pic.twitter.com/wKEVKP1dFi — SolanaFloor (@SolanaFloor) May 27, 2025 The post indicated quite strongly, with the caption “you should’ve paid the 40 btc,” that the breach was part of an extortion campaign. The demand—equal to about $2.7 million USD at today’s market rates—was said to have been turned down by Gokal, with the attackers then going public with the materials in order to up their pressure game. The posts were taken down not long after they had been put up, but they had been seen too widely by then to be effective. The choice of a celebrity account to hack into, likely for its huge audience and user engagement, signals that these guys wanted their act to be taken seriously and to make as big a splash as possible. Suspicions Point Toward Larger Data Breach, Possibly Tied to Coinbase The kind of documents—especially the seeming KYC materials—has raised queries concerning how the assailants acquired such delicate data. Some analysts are now speculating that the documents’ source could be tied to a recent data breach at Coinbase, although no formal link has been established. Identity verification for compliance reasons is mandatory for regulated exchanges and platforms, which also happen to be the very places where KYC information is stored. If a breach comes from any of these entities, then Gokal’s case is one of many—and it raises an important question about the safety of crypto wallet information. Adding to the worry, Gokal had tweeted only a few days prior to the Instagram incident that he had been the target of a series of hacking attempts. He reported that nefarious individuals had been trying to gain access to his accounts—Apple, Google, and social media ones, for instance—through a concerted and refined effort at social engineering. Attacks based on social engineering usually involve impersonation, phishing, or other forms of trickery aimed at fooling security systems. Instead of attacking a network or a computer, these hackers attack the people who work there, using methods that, by and large, have worked for con artists throughout history. And yes, after you hear about a few of these methods, you will feel a little paranoid. And you should! Industry Response and Broader Implications for Crypto Security The blockchain community has taken notice of the attack on Raj Gokal, and for good reason. It isn’t just a couple of hackers throwing a couple of code errors around, and it definitely isn’t a few angry crypto investors. This attack tells us that anyone can be threatened, including the founders of major crypto platforms. And if these folks can be threatened so easily, what does that say about the storage and protection of our digital assets in the era of Web3? Many security specialists have insisted that cryptocurrency founders and prominent figures in the space adopt far more rigorous security protocols. Among these experts’ suggestions are the following: 1. Use hardware authentication devices. 2. Create air-gapped backups. 3. Implement multi-layered access controls. For Solana, a blockchain famed for its speed and its expanding developer ecosystem, the incident is probably not going to have any direct technical fallout. But the event does cast in stark relief the fragile security of crypto’s most public personalities, and it raises some uncomfortable questions about the lengths to which they—and we—might have to go in order to keep our real and virtual selves safe. While the investigations rattle on, the eyes of the crypto community are on the situation. Will this breach prove to be an element of a larger compromise? Or is it an isolated attack? Whatever the outcome, it is clear that the cybercriminals have upped the ante. This is a reminder that digital sovereignty must come with not just digital responsibility, but also robust defenses. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news ! Image(s): Shutterstock.com
