The Ethereum Foundation, the entity in charge of providing technological and community support to the Ethereum network, reported that the mailing list held by the entity has been leaked, so they are alerting the community about possible phishing campaigns in progress.
Ethereum Foundation mailing list leaked
The information was confirmed by Tim Beiko, developer and one of the main figures behind the Ethereum Foundation, who announced through a message on his X account, explaining that the issue was caused by SendPulse, the organization’s messaging service provider, with whom they are trying to get in touch to resolve the problem as soon as possible.
Beiko pointed out that the leaked list was managed by “updates@ethereum.com,” and shared in his message an example of the fake emails that the attackers would be sending to potential victims, stressing that they should avoid both opening the links and downloading the files.
Reports indicate that the attackers took advantage of an existing vulnerability in the Ethereum Foundation’s email automation service, and with this they were able to access the list of subscribers.
For now, although the Ethereum Foundation is working on a solution, interested parties are advised to be cautious with messages received from the affected account. Likewise, they are encouraged to be very cautious with proposals that seem lucrative and come from unknown emails, as the attackers will most likely use the mailing list to try to reach victims through other campaigns.
Hackers have attacked crypto email providers before
For years, criminals have been attacking third-party email management services, with efforts recently intensifying.
In the middle of this month, thousands of CoinGecko users fell victim to phishing emails when its email service provider, GetResponse, experienced a data breach. CoinGecko confirmed the breach and warned that hackers had exported the contact information of 1.9 million users.
According to a publication on its website, “The attacker exported 1,916,596 contacts from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse customer’s account (alj.associates).”
With this tactic, malicious actors manage to easily send emails with phishing links to hundreds of thousands of people. Depending on the type of phishing applied, people who click on the link may provide sensitive data to the scammers or be duped into sending funds to fraudulent addresses that are mistaken for real ones through address spoofing. In turn, users who click on the phishing link unknowingly authorize the scammers to conduct transactions on their behalf.
