An unauthorized individual gained access to the official email server of the Ethereum Foundation and used it to distribute a false narrative to 35,794 contacts. The deceitful communication was masked as an announcement claiming a partnership between the Ethereum Foundation and the Lido decentralized autonomous organization (LidoDAO), ostensibly offering a 6.8% return on a variety of Ethereum-based investments.
A recent blog post by the Ethereum Foundations disclosed the facts behind the situation, shedding light on the phishing scam. They also confirmed that no individuals lost any cryptocurrencies and that they have since regained control of the hijacked email account.
In a elaborated explanation, it was reported that an embedded “Begin Staking” command in the phishing emails led to a malevolent web application termed the “Staking Launchpad”. Here, the execution of the “Stake” button initiated unauthorized transactions. If approved, cryptocurrencies in the user’s wallet would have been transferred to the con artist.
On unearthing this cyber attack, the Ethereum Foundation promptly blocked the criminal from circulating further deceptive emails, and sealed their access to the mailing list. Alerts were also forwarded to a number of relevant organizations to caution users who might try to access the unsafe website.
Further investigations revealed the addition of new email addresses to the foundation’s database, implying that even non-subscribers may have received the fraudulent messages. Moreover, the cybercriminal exported the mailing list of the blog, thereby collecting 3,759 new contacts, 81 of which had been previously unknown to them.
Despite the extensive cyber-attack, no loss of cryptocurrency assets was flagged. The Ethereum Foundation emphasized their astute vigilance, stating that they noticed no suspicious transactions made to or from the attacker’s account. Despite this positive outcome, it’s a reminder of the troubling reality of phishing scams in the cryptocurrency industry.