Hackers reportedly seized control of the Instagram account of American hip-hop group Migos, which boasts 13 million followers, to leak sensitive data. They exposed Solana co-founder Raj Gokal’s passport, ID, and family photos, demanding 40 Bitcoin, roughly $2.7 million.
🚨JUST IN: Hackers compromised rapper Migos’ Instagram account to leak Solana co-founder @rajgokal‘s passport, ID, and family pictures.
The materials appear to be KYC images, raising questions about whether the source may be linked to recent @coinbase data breach.
The caption… pic.twitter.com/wKEVKP1dFi
— SolanaFloor (@SolanaFloor) May 27, 2025
The breach came as a shock to the crypto community, with posts staying live for nearly an hour before Instagram intervened. Gokal had warned days earlier about attempts to compromise his Google, Apple, and social media accounts.
Hacker Sends Taunt and a Demand
Hackers infiltrated Migos’ Instagram, likely exploiting weak account security or stolen credentials, to post Gokal’s private documents. The leaked data, which included KYC images, suggested a possible link to a recent Coinbase breach affecting 69,461 users. The hackers behind this massive data breach moved approximately $42.5 million in Bitcoin to Ethereum via THORChain.
After the transaction, the user sent a mocking on-chain message to blockchain investigator ZachXBT. On-chain messaging embeds text directly into blockchain transactions, allowing users to write notes, warnings, or links permanently recorded on the ledger. Despite its potential for legitimate announcements, this feature has been predominantly used by scammers seeking to contact victims.
The hacker reportedly sent Gokal a taunting message, stating, “you should’ve paid the 40 BTC,” which however indicated a failed extortion attempt. Sources suggest hackers accessed sensitive information through phishing or compromised third-party apps. The breach followed Gokal’s refusal to pay the ransom, prompting the public leak.
Crypto Hacks Surge
Crypto hacks are surging, with $1.48 billion stolen in 2024, per security firm Immunefi’s recent report. Examples of this include a November 2024 hack, where DEXX lost $30 million after a private key leak compromised 8,600 Solana wallets.
Similarly, on April 26, 2025, Loopscale, a Solana-based lending platform that launched a few months earlier, suffered a major security breach. A hacker exploited a flaw in the platform’s collateral pricing system, draining 5.7 million USDC and 1,200 SOL, roughly 12% of Loopscale’s total value. The attack targeted the platform’s USDC and SOL vaults, forcing Loopscale to halt lending markets and freeze vault withdrawals to prevent further losses.
The crypto industry is strengthening its security to combat escalating hacks targeting platforms and individuals. Companies are investing in advanced encryption and multi-factor authentication to protect user data.
