{"id":165254,"date":"2024-07-05T07:31:26","date_gmt":"2024-07-05T07:31:26","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=165254"},"modified":"2024-07-05T07:31:28","modified_gmt":"2024-07-05T07:31:28","slug":"hackers-compromised-ethereum-mailing","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/165254\/hacking\/hackers-compromised-ethereum-mailing.html","title":{"rendered":"Hackers compromised Ethereum mailing list and launched a crypto draining attack"},"content":{"rendered":"

<\/div>\n

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds.<\/h2>\n\n\n\n
Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address \[email protected]’ and included a link to a malicious site running a crypto drainer.<\/p>\n\n\n\n
“This website had a crypto drainer running in the background, and if a user initiated their wallet and signed the transaction requested by their website their wallet would have been drained.” reads the incident notice<\/strong><\/a> published by Ethereum.<\/em><\/p>\n\n\n\n
The message was crafted to trick the recipient into visiting a malicious website by announcing a collaboration with Lido DAO and offering a 6.8% annual percentage yield (APY) on staked Ethereum.<\/gwmw><\/gwmw><\/p>\n\n\n\n
$\"Ethereum$ <\/a><\/figure>\n\n\n\n
The internal security team quickly launched an investigation into the security breach. The team is notifying users via X and email and secured the infrastructure to prevent similar attacks in the future. <\/p>\n\n\n\n
\n
Confirming we managed to send out an update. We should have locked down all external access, but still confirming. https:\/\/t.co\/QJJPSW2fuY<\/a> pic.twitter.com\/sqmL4EmJbc<\/a><\/p>— timbeiko.eth (@TimBeiko) June 23, 2024<\/a><\/blockquote>