Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,177
- Points
- 113
The tempting offer concealed an insidious trap for investors.
The Ethereum platform recently experienced a phishing email incident that affected more than 35,000 users. Hackers gained access to a mass mailing service provider and sent emails containing a malicious URL that led to a site that uses a cryptographic miner to steal funds.
The attack occurred on the night of June 23, when from the address " updates@blog[.]ethereum.org " 35,794 emails were sent. The attackers used their own list of addresses and added 3759 addresses exported from the platform's blog to it. However, only 81 addresses were previously unknown to attackers.
The phishing email contained a message about cooperation with the Lido DAO and promised a 6.8% annual interest rate on the pledged Ethereum. Recipients were invited to go to the site and start staking by clicking the "Begin staking" button.
Clicking on the link led to a fake website styled like a promo action. If users connected their wallets and signed a transaction, the cryptographic miner emptied their wallets, sending all funds to the attackers.
In response to the attack, the Ethereum security team launched an investigation to identify the hacker, understand the targets of the attack, and identify those affected. The attacker was quickly blocked, preventing further mailings.
The platform promptly notified the community on social networks, warning them about malicious emails and urging them not to click on the link. Representatives of Ethereum also added a malicious link to various block lists, which made it possible to block it for most users.
Transaction analysis showed that none of the recipients of the fraudulent email were victims of the attack. As a precautionary measure, Ethereum is taking additional measures and plans to migrate some email services to other providers.
This incident underscores the importance of constant vigilance in the world of cryptocurrencies and blockchain. Despite the technological advancement and decentralization of platforms, the human factor remains a key element of security. The quick response of the Ethereum team and the caution of users prevented potential losses, demonstrating that education and timely informing the community are powerful weapons against cybercrime.
Source
The Ethereum platform recently experienced a phishing email incident that affected more than 35,000 users. Hackers gained access to a mass mailing service provider and sent emails containing a malicious URL that led to a site that uses a cryptographic miner to steal funds.
The attack occurred on the night of June 23, when from the address " updates@blog[.]ethereum.org " 35,794 emails were sent. The attackers used their own list of addresses and added 3759 addresses exported from the platform's blog to it. However, only 81 addresses were previously unknown to attackers.
The phishing email contained a message about cooperation with the Lido DAO and promised a 6.8% annual interest rate on the pledged Ethereum. Recipients were invited to go to the site and start staking by clicking the "Begin staking" button.
Clicking on the link led to a fake website styled like a promo action. If users connected their wallets and signed a transaction, the cryptographic miner emptied their wallets, sending all funds to the attackers.
In response to the attack, the Ethereum security team launched an investigation to identify the hacker, understand the targets of the attack, and identify those affected. The attacker was quickly blocked, preventing further mailings.
The platform promptly notified the community on social networks, warning them about malicious emails and urging them not to click on the link. Representatives of Ethereum also added a malicious link to various block lists, which made it possible to block it for most users.
Transaction analysis showed that none of the recipients of the fraudulent email were victims of the attack. As a precautionary measure, Ethereum is taking additional measures and plans to migrate some email services to other providers.
This incident underscores the importance of constant vigilance in the world of cryptocurrencies and blockchain. Despite the technological advancement and decentralization of platforms, the human factor remains a key element of security. The quick response of the Ethereum team and the caution of users prevented potential losses, demonstrating that education and timely informing the community are powerful weapons against cybercrime.
Source
