Hacker breaches Ethereum mailing list to conduct phishing attack against crypto users

Ethereum.org is notifying users of a mailing list incident involving a sophisticated phishing campaign that reached 35,794 emails.

The incident, which occurred June 23, is said to have had no financial impact on users.

What happened

According to a security notice published on the Ethereum Foundation blog this week, a malicious email was sent to over 30,000 users from the address ‘updates@blog[.]ethereum.org’.

The bogus message was sent under the guise of a new collaboration with Lido DAO and aimed to trick users into accessing a malicious website running a crypto drainer.

The email lured recipients from the Ethereum community with an invitation to take advantage of a 6.8% annual percentage yield (APY) on any of their Ethereum deposits.

When accessing the “Begin Staking” button, users are directed to a fake website detailing the promotion to which they can connect their wallets.

“This website had a crypto drainer running in the background, and if a user initiated their wallet and signed the transaction requested by their website their wallet would have been drained,” the security notice reads.

The Ethereum security team said that they immediately started investigating to determine the impact of the attack. Ethereum says that the attack was quickly blocked and that they have closed down “the malicious access path” used by the threat actor “to obtain access into the mailing list provider.”

Additionally, the investigation shows that the threat actor entered his own email list into Ethereum’s mailing list platform and used 3,759 user email addresses from the Ethereum blog.

“When we compared the emails in the email list that the threat actor had imported, we could see that the blog mailing list contained 81 email addresses that the threat actor did not previously have knowledge of, and the rest were duplicate addresses,” the security team further said.

You can read more about crypto scams in this blog post: How to Dodge the Wave of Crypto Scams

How can Bitdefender help you dodge similar attacks and protect your digital assets?

Bitdefender solutions encompass extensive security features to help you thwart phishing attacks and malicious websites and scams, including:

• Real-time detection and protection against sophisticated cyberthreats
• Email protection features that scan all incoming messages to alert you to phishing and scam emails you need to avoid
• Web-filtering technology that blocks all known infected links and harmful websites
• Advanced anti-phishing and anti-fraud protection that block websites masquerading as trustworthy platforms to keep your information and finances safe
• Cryptomining Protection and much more

Use a digital identity protection service to stay on top of data breaches and leaks, and protect your identity. Be proactive about your cybersafety by knowing what kind of personal information has been exposed online (email address, phone number and sensitive data) to immediately secure accounts to prevent damage.

To further enhance your personal scam defenses, use Bitdefender Scamio

Whenever you’re unsure about a link, message or proposal, check it with Scamio on WhatsApp, Facebook Messenger or a web browser for free! Copy/paste a text or link, describe the situation, and upload the image or the QR code you want to verify. Scamio will analyze the data and tell you if anyone is trying to scam you.

You can also help all of your friends and family members stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia and the UK.