Yesterday, the popular Web3 game The Sandbox warned its users about the security incident that the team detected on February 26. In its blog post, The Sandbox reported that an unauthorized third party accessed The Sandbox users' email addresses via a compromised computer that belongs to one of the company's employees. Controlled by a malware application, the machine sent emails containing malware links.
The Sandbox has found that emails titled "The Sandbox Game (PURELAND) Access" contain potentially dangerous hyperlinks. Clicking on one of these links installs malware that collects personal information from the infected device. The team has not found any traces of the attacker accessing other accounts or services of The Sandbox.
Although the breach had been discovered several days before this post, The Sandbox immediately notified the known recipients of the malicious email campaign.
"We have blocked the employee’s accounts and access to The Sandbox, reformatted the employee’s laptop, and reset all related passwords including requiring two-factor authentication. We have not identified any further impacts. However, we are working with our team to monitor the situation and enhance our related security policies and practices," The Sandbox stated in the post.
The team recommends users to ensure that their passwords are strong and the two-factor authentication is enabled. The Sandbox also advises using an antivirus program for prompt identification and removal of malware.
More on The Sandbox security
The Sandbox is a successful Ethereum-powered gaming ecosystem and metaverse evolved from a mobile game released in 2011. The gamers' community often views it as a Web3 competitor to Minecraft and Roblox.
"The Sandbox, which literally takes place in a sandbox, is a unique game based entirely on the four classical elements and the laws of physics. The player takes the role of "Deity apprentice" and sets about creating his or her own universe through the exploration of resources such as lightning, lava, sand, glass, and many others," Pixowl, the developer company behind The Sandbox, described the game on its website.
One of the core features of The Sandbox is the ability to convert users' creations into NFTs and monetize them. Since this feature can potentially make the game attractive to attackers, Sandbox's team thoroughly monitors the software for vulnerabilities. One of the most dangerous vulnerabilities discovered recently led to the migration to a more secure type of smart contracts.
The vulnerability concerned the public state of the _burn function. According to the February 9 blog post by the blockchain cybersecurity company SlowMist, the vulnerability "could result in anyone burning other players’ NFTs at will." Cybersecurity specialists conducted an investigation, which revealed that someone had indeed managed to burn assets belonging to other users. As there were no large-scale attacks, SlowMist assumed that it was just a "white-hat test."
"The previous smart contract contained a vulnerability that was first reported on December 25, 2021. The vulnerability has been fixed and the fix audited. It has not been exploited by any malicious user and has now been secured," The Sandbox team stated in January 28 blog post.