Hackers took over Migos’ Instagram to leak Solana co-founder Raj Gokal’s sensitive info, including passports and driver’s license.
Sensitive data and credentials of Solana’s SOL $150.7 24h volatility: 2.6% Market cap: $78.04 B Vol. 24h: $3.80 B co-founder Raj Gokal have been leaked and shared via a compromised Instagram account of the popular hip-hop group Migos. The leaked content has images of Gokal and his wife, with images sharing credentials like passports and driver’s licenses.
Hackers posted at least seven images on Migos’ account, shared with its 13 million followers. While targeting high-profile accounts to promote meme coins or execute rug pulls is a frequent occurrence, this case was notable for an apparent failed extortion attempt.
The hackers demanded 40 Bitcoin BTC $96 611 24h volatility: 2.1% Market cap: $1.92 T Vol. 24h: $29.09 B from Gokal, as indicated by a caption accompanying one of the posts.
“You should’ve paid the 40 BTC,” the caption read. Similarly, another image had Gokal holding his passport, and posted with the caption “It was only 40 BTC.. should’ve paid.”
Some of the posts included sensitive personal information, such as phone numbers and email addresses. In one instance, the hackers revealed Gokal’s personal number, urging followers to spam him. Another post featured a photo of someone identified as “Arvind.”
The compromised posts were live for approximately 90 minutes before Meta intervened, restoring control of the account and removing the content. Alongside the leaked images, the hackers had also modified Migos’ Instagram bio to promote a meme coin.
Here’s How Solana Founder’s Account Was Hacked
Blockchain investigator ZachXBT commented on the incident, speculating that Gokal’s personal accounts were likely compromised using social engineering techniques over the past week. He noted:
“They tried to extort him for funds with the PII obtained. Guess he didn’t pay so they started trolling and posted it after they compromised Migos’ Instagram account today”.
Thanks for actually blurring the personal info unlike every other account on CT.
Think Raj’s personal accounts got social engineered and they tried to extort him for funds with the PII obtained. Guess he didn’t pay so they started trolling and posted it after they compromised… pic.twitter.com/Cj2a2yAFa6
— ZachXBT (@zachxbt) May 27, 2025
Solana’s co-founder Gokal had previously warned that he was a target for hackers, who have been trying to break into his accounts. “Attackers have been trying to take control of my email, social media, Google, Apple, etc. this past week. If you see anything suspect (token launch, soliciting funds, etc) that means they got through. Be careful out there,” he said.
Attackers have been trying to take control of my email, social media, Google, Apple, etc. this past week. If you see anything suspect (token launch, soliciting funds, etc) that means they got through.
be careful out there
— raj 🖤 (@rajgokal) May 20, 2025
The leaked images appeared to resemble Know Your Customer (KYC) verification files, raising concerns about a potential connection to the recent Coinbase data breach. However, there’s no concrete evidence that proves the potential links between the two incidents.
next