Security News > 2024 > July > Ethereum mailing list breach exposes 35,000 to crypto draining attack
A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer.
Ethereum disclosed the incident in a blog post this week and said that it had no material impact on users.
Ethereum says that the threat actor used a combination of their own email address list and an additional 3,759 exported from the platform's blog mailing list.
The message lured recipients to the malicious website with an announcement of a collaboration with Lido DAO and invited them to take advantage of a 6.8% annual percentage yield on staked Ethereum.
The attacker was quickly blocked from sending more emails and Ethereum took to Twitter to notify the community about the malicious emails, warning everyone not to click the link.
Brothers arrested for $25 million theft in Ethereum blockchain attack.
News URL
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Crypto companies are losing ground to deepfake attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)