A “supply chain email breach attack” is currently impacting users through compromised newsletter mailing lists. Several cryptocurrency companies have been affected by this breach, which involves a vendor responsible for managing mailing lists for multiple crypto businesses. The identity of this vendor remains undisclosed.
Confirmations from Industry Leaders
Bitfinex CTO Paolo Ardoino and CoinGecko founder Bobby Ong have confirmed the breach. Ardoino stated, “We have received two independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised. Please beware of any emails suggesting crypto-airdrops received more than 24 hours ago.”
We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.
— Paolo Ardoino 🤖🍐 (@paoloardoino) June 5, 2024
Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h…
Phishing Attacks and Their Risks
Phishing attacks are a common tactic used by cybercriminals to deceive individuals into clicking on malicious links. These links can steal personal information, such as login credentials, or provide direct access to an individual’s online crypto wallet, potentially allowing the attacker to drain its contents.
Unclear Extent of the Damage
The extent of the damage caused by this specific phishing campaign remains unclear. It is not yet known whether any funds have been stolen.
