Blockchain-based metaverse company The Sandbox has warned its users about phishing attacks leading to malware infections following a security breach.

The Sandbox is an open-world online multiplayer game, where players compete to earn non-fungible tokens (NFTs).

The company explained in a blog post that an unauthorized third party had compromised a computer of one of its employees and used information it found to send an email falsely claiming to be from The Sandbox.

The message titled “The Sandbox Game (PURELAND) Access” included a link to malware capable of remotely installing malware on a user’s computer granting it control over the machine and access to the user’s personal information.

“The third party’s access was limited to a single employee’s computer, accessed through a malware application. To the best of our knowledge, the third party was unable to access any other services or accounts of The Sandbox,” the company noted.

The game publisher said it blocked the employee’s accounts and access to The Sandbox, reformatted the employee’s laptop, and reset all related passwords including requiring two-factor authentication.