A breach in Ethereum’s mailing list exposed over 35,000 users to a crypto draining attack. The threat actor sent phishing emails with a link to a malicious site. Ethereum disclosed the incident and assured users that it had no significant impact. The attack took place on June 23, targeting 35,794 addresses. The attacker used their own email list and additional addresses from the platform’s blog mailing list. The phishing email enticed recipients with promises of high investment returns. Clicking on the link led users to a fake website where their wallets would be drained if they connected their wallets and signed a transaction. Ethereum’s security team launched an investigation, blocked the attacker, and warned the community via Twitter. The malicious link was submitted to blocklists, preventing further harm. Thankfully, none of the recipients fell for the scam. Ethereum has implemented additional security measures and is transitioning some email services to other providers to prevent future incidents.
Subscribe
Login
0 Comments