Ethereum

weblog.ethereum.org mailing checklist incident | Ethereum Basis Weblog

kingcryptonews
kingcryptonews
weblog.ethereum.org mailing checklist incident | Ethereum Basis Weblog


On 2024-06-23, 00:19 AM UTC, a phishing electronic mail was despatched out to 35,794 electronic mail addresses by [email protected] with the next content material

Customers who clicked the hyperlink within the electronic mail have been despatched to a malicious web site:

This web site had a crypto drainer operating within the background, and if a person initiated their pockets and signed the transaction requested by their web site their pockets would have been drained.

Our inside safety workforce instantly launched an investigation to assist decide who launched the assault, what the purpose of the assault was, when it occurred, who was affected, and the way it occurred.

Among the intial actions taken have been:

  • Prevented the risk actor from sending extra emails.
  • Despatched out notifications by way of twitter and electronic mail to not click on the hyperlink in query.
  • Closed down the malicious entry path the risk actor had used to acquire entry into the mailing checklist supplier.
  • Submitted the malicious hyperlink to varied blacklists, and it was then blocked by majority of web3 pockets suppliers and cloudflare.

Our investigation into the assault confirmed that:

  • The risk actor imported a big electronic mail checklist of their very own into the mailing checklist platform for use for the phishing marketing campaign.
  • The risk actor exported the weblog mailing checklist electronic mail addresses, which was a complete of 3759 electronic mail addresses.
  • After we in contrast the emails within the electronic mail checklist that the risk actor had imported, we might see that the weblog mailing checklist contained 81 electronic mail addresses that the risk actor didn’t beforehand have information of, and the remaining have been duplicate addresses.
  • Analyzing on-chain transactions made to the risk actor between the time they despatched out the e-mail marketing campaign and the time the malicious area obtained blocked, seem to point out that no victims misplaced funds throughout this particular marketing campaign despatched by the risk actor.

As we proceed engaged on this incident, now we have taken extra measures resembling migrating some mail providers to different suppliers, to additional assist cut back the chance of this taking place once more.

We’re deeply sorry that this incident occurred, and are working diligently with each our inside safety workforce in addition to exterior safety groups to additional assist deal with and examine this incident.

Any questions may be directed to [email protected].

You Might Also Like

Improvement Replace #0 – Ethereum.org

US Bitcoin ETFs now maintain 1 million Bitcoin value $96 billion

Eth2 Interop in Assessment | Ethereum Basis Weblog

Linea Affiliation unveils plan for decentralized governance with LINEA token

Devcon5 Schedule, Sponsors and Audio system are on-line NOW!

Share This Article
Previous Article Bitcoin 0K prediction, spot Ether ETF ‘staking difficulty’— Thomas Fahrer, X Corridor of Flame Bitcoin $500K prediction, spot Ether ETF ‘staking difficulty’— Thomas Fahrer, X Corridor of Flame
Next Article Dollarama renews regular course issuer bid (TSX:DOL:CA) Dollarama renews regular course issuer bid (TSX:DOL:CA)