{"id":14635,"date":"2024-06-24T16:19:09","date_gmt":"2024-06-24T13:19:09","guid":{"rendered":"https:\/\/forklog.com\/en\/ethereum-foundation-alerts-to-email-phishing-attack\/"},"modified":"2024-06-24T16:19:09","modified_gmt":"2024-06-24T13:19:09","slug":"ethereum-foundation-alerts-to-email-phishing-attack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/ethereum-foundation-alerts-to-email-phishing-attack\/","title":{"rendered":"Ethereum Foundation Alerts to Email Phishing Attack"},"content":{"rendered":"<p>The Ethereum Foundation has reported a breach of its account on the SendPulse mailing service, which allowed hackers to initiate targeted phishing emails. The announcement was made by blockchain developer Tim Beiko.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Confirming we managed to send out an update. We should have locked down all external access, but still confirming. <a href=\"https:\/\/t.co\/QJJPSW2fuY\">https:\/\/t.co\/QJJPSW2fuY<\/a> <a href=\"https:\/\/t.co\/sqmL4EmJbc\">pic.twitter.com\/sqmL4EmJbc<\/a><\/p>\n<p>\u2014 timbeiko.eth (@TimBeiko) <a href=\"https:\/\/twitter.com\/TimBeiko\/status\/1804721462407725441?ref_src=twsrc%5Etfw\">June 23, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cAbout an hour ago, you received an email titled \u2018Now Available: Ethereum Foundation Staking Platform\u2019. We are not the senders; the account we use for mailings was compromised. We believe the issue is now resolved. Please delete the previous email and do not click any links in it,\u201d the warning stated.<\/p>\n<\/blockquote>\n<p>The attackers attempted to lure users with a purported \u201ccollaboration\u201d between the Ethereum Foundation and Lido, offering to lock assets in the service at an annual rate of 6.8%.<\/p>\n<p>No further details about the incident have been provided by the parties involved. The last entry in the SendPulse account dates back to September 2023.<\/p>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">June 25, 2024 | 18:02<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>In a comment to ForkLog, SendPulse representatives shared the results of their investigation into the incident. According to the company, the Ethereum Foundation account was breached using a Google Workspace account.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThere is no reason to believe that SendPulse infrastructure or other users&#8217; accounts were compromised. We always strongly recommend that clients use two-factor authentication and restrict account access by IP addresses for additional protection,\u201d the firm noted.<\/p>\n<\/blockquote>\n<\/div>\n<p>One user commented under Beiko&#8217;s post, stating that he received a fake email at the address he used for registering with Nansen. For security reasons, he changed all credentials on the platforms he uses.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">I got one to the email address I used for Nansen. (I create different email addresses for every service I use.) This email address should have been exposed nowhere else but within Nansen.<\/p>\n<p>\u2014 Cyrus Adkisson (@fivedogit) <a href=\"https:\/\/twitter.com\/fivedogit\/status\/1804694756435407236?ref_src=twsrc%5Etfw\">June 23, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Recently, mailing services have become a popular tool for cybercriminals. Earlier in June, a leak occurred on the side of the provider GetResponse, used by CoinGecko and Tether.<\/p>\n<p>The perpetrator exported 1,916,596 contacts from the account and sent phishing emails to 23,723 addresses.<\/p>\n<p>Back in January, the email marketing service provider Mailer Lite fell victim to a phishing attack, resulting in damages exceeding <a href=\"https:\/\/forklog.com\/en\/news\/phishing-attack-via-compromised-email-service-nets-hackers-600000\">$600,000<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Ethereum Foundation has reported a breach of its account on the SendPulse mailing service, which allowed hackers to initiate targeted phishing emails. The announcement was made by blockchain developer Tim Beiko. Confirming we managed to send out an update. We should have locked down all external access, but still confirming. https:\/\/t.co\/QJJPSW2fuY pic.twitter.com\/sqmL4EmJbc \u2014 timbeiko.eth [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14634,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,46],"class_list":["post-14635","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-ethereum"],"aioseo_notices":[],"amp_enabled":true,"views":"11","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/14635","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=14635"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/14635\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/14634"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=14635"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=14635"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=14635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}