Solana Co-Founders' Sensitive Info Leaked After Migos' Instagram Blunder
On May 27, 2025, Raj Gokal, co-founder of Solana and President of Solana Labs, became the target of a severe cyberattack when hackers leaked his sensitive personal information through a hijacked Instagram account belonging to the hip-hop group Migos.
The attackers, believed to have used social engineering tactics, initially gained access to Gokal’s email account. After extracting personal documents, including his passport, driver’s license, home address, phone number, and family images, they attempted to extort him for 40 BTC ($4.4 million). When Gokal refused, the attackers escalated their efforts by seizing control of the Migos’ Instagram account, which has over 13 million followers, and publicly releasing the information.
Once in control of the account, the attackers posted a series of images showing unredacted government IDs and personal contact details. One disturbing image encouraged followers to spam Gokal’s phone number. A caption on one of the posts threatened, “You should’ve paid the 40 BTC,” suggesting the leak was a consequence of failed ransom negotiations.
To increase visibility, the hackers edited the profile bio to say, “CHECK BIO FOR MEMECOIN,” and included links to a Telegram group promoting unreleased music and possibly more illicit material. The offensive content remained online for nearly 90 minutes before being taken down by Instagram.
The attack didn’t happen in isolation. Gokal had previously warned his followers on May 20 via X that he had been the target of persistent attempts to hijack his accounts, including email, Google, Apple, and social media.
“Attackers have been trying to take control of my email, social media, Google, Apple, etc., this past week. If you see anything suspicious (such as a token launch or soliciting funds), that means they have gotten through. Be careful out there.”
- Raj Gokal, X post on May 20
According to blockchain investigator ZachXBT, the attackers likely employed phishing and other social engineering tactics to compromise Gokal's accounts. The breach appears to be coordinated and well-planned, reflecting an increasing sophistication among cybercriminals targeting high-profile figures in the cryptocurrency space.
Critics were quick to call out Meta for the slow response in removing the doxxing posts. According to Andy, co-founder of “The Roll Up,” Migos had been inactive on Instagram since February 15, 2024, making it a prime target for hijacking. He emphasized the growing risk of inactive celebrity accounts lacking proactive security.
“Very unfortunate for Raj. It makes IG policies against doxxing look incredibly weak,” Andy added.
This breach is part of a larger trend in which hackers hijack verified or high-follower social media accounts to push crypto scams or, in this case, blackmail efforts. Earlier incidents involved similar social engineering strategies to exploit influencers and celebrities.
: Tron DAO X Account Hacked: $45K Lost in Crypto Scam, Curve Finance Also Hit
While no digital assets were stolen, this attack reveals the very real personal risks facing leaders in the crypto industry. As the space becomes more lucrative and visible, its top figures are increasingly vulnerable to targeted attacks that exploit social and technical weaknesses.
This incident sends a clear message: crypto leaders and platforms must reinforce digital safety through:
The targeted leak of Raj Gokal’s personal information through the Migos Instagram hack serves as a stark warning. As digital finance scales globally, those leading the innovation are also facing new threats, ones that exploit their visibility and influence. The crypto community must now demand stronger protections, faster platform responses, and a collective effort to prioritize safety across the ecosystem.
