Security News > 2024 > July > Ethereum mailing list breach exposes 35,000 to crypto draining attack
A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer.
Ethereum disclosed the incident in a blog post this week and said that it had no material impact on users.
Ethereum says that the threat actor used a combination of their own email address list and an additional 3,759 exported from the platform's blog mailing list.
The message lured recipients to the malicious website with an announcement of a collaboration with Lido DAO and invited them to take advantage of a 6.8% annual percentage yield on staked Ethereum.
The attacker was quickly blocked from sending more emails and Ethereum took to Twitter to notify the community about the malicious emails, warning everyone not to click the link.
Brothers arrested for $25 million theft in Ethereum blockchain attack.
News URL
Related news
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Henry Schein discloses data breach a year after ransomware attack (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)