Email security, Networking, Network Security

Over 35K exposed to crypto draining scheme after Ethereum mailing list hack


Decentralized blockchain Ethereum had 35,794 users exposed to a cryptocurrency draining scheme following the compromise of its mailing list provider last week, BleepingComputer reports.

Attackers leveraging a combination of their email address list and 3,759 additional addresses from the mailing list, only 81 of which were new, sent phishing emails via '[email protected]' promoting a partnership with Lido DAO that included a link, which when clicked redirected to a legitimate-looking site that proceeded to drain cryptocurrency within connected wallets, according to Ethereum. Investigation into the incident, which has not compromised any of the recipients, is still underway but Ethereum has already moved to block further phishing email delivery and avert potential compromise of other Web3 wallet providers through link submissions to blocklists. Aside from alerting users regarding the phishing scheme, Ethereum also disclosed performing selective email service migration and other measures to curb similar attacks in the future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.