A hacker broke into the Ethereum Foundation’s email server and sent scam emails to 35,794 people, recording 81 subscriber email addresses in the process.

On June 23, the Ethereum Foundation’s “update” email account was hacked and used to promote a phishing scam, according to a July 2 blog post from the foundation. The foundation has recovered the account, and the malicious emails are no longer being sent out.

According to the post, 35,794 scam emails were sent to the foundation’s subscribers and other individuals using its official [email protected] email address.

The foundation’s investigation concluded that no victims lost cryptocurrency from the attack. However, the attacker may have exposed the email addresses of 81 subscribers.

The emails contained a fake announcement stating that the Ethereum Foundation has partnered with the Lido decentralized autonomous organization (LidoDAO) to offer 6.8% yield on staked Ether (stETH), Wrapped Ether (WETH), or Ether deposits. It told subscribers that staking would be “Protected and Verified by The Ethereum Foundation.”

Users who clicked the “Begin Staking” button in the email were directed to a malicious web app, which advertised itself as a “Staking Launchpad.”

Clicking the “Stake” button from within this app pushed a transaction to the user’s wallet. If the user had approved this transaction “their wallet would have been drained,” the post stated.

When the malicious emails were discovered, the foundation responded by blocking the attacker from sending more emails. It also “closed off the malicious access path the threat actor had used to obtain access into the mailing list provider,” ensuring that the attacker could no longer access the email address. It also sent out notices to various blacklists, Web3 wallet providers, and Cloudfare so that users could receive warnings if they attempted to navigate to the malicious site.

Get to know Godleak

Godleak crypto signal is a  service which provide profitable crypto and forex signals. Godleak tried to provide you signals of best crypto channels in the world.

It means that you don’t need to buy individual crypto signal vip channels that have expensive prices. We bought all for you and provide you the signals with bot on telegram without even a second of delay.

Godleak crypto leak service have multiple advantages in comparision with other services:

•  Providing signal of +160 best crypto vip channels in the world
• Using high tech bot to forward signals
• Without even a second of delay
• Joining in +160 separated channels on telegram
• 1 month, 3 months , 6 months and yearly plans
• Also we have trial to test our services before you pay for anything

For joining Godleak and get more information about us only need to follow godleak bot on telegram and can have access to our free vip channels. click on link bellow and press start button to see all features

Join for Free

☟☟☟☟☟

https://t.me/Godleakbot

Also you can check the list of available vip signal channels in the bot. by pressing Channels button.

After further investigation, the Ethereum Foundation discovered that the attacker had uploaded a database containing new email addresses that were not part of the Ethereum Foundation’s subscriber list, implying that some users who were not on the list may have nevertheless received the scam emails.

In addition, the attacker “exported the blog mailing list email addresses, which was a total of 3,759 email addresses.”

The foundation attempted to determine if the attacker obtained any new email addresses from the exploit. It found that “the blog mailing list contained 81 email addresses that the threat actor did not previously have knowledge of, and the rest were duplicate addresses.”

Luckily, the attacker appears to have gained no crypto loot from the attack. The foundation stated:

“Analyzing on-chain transactions made to the threat actor between the time they sent out the email campaign and the time the malicious domain got blocked, appear to show that no victims lost funds during this specific campaign sent by the threat actor.”

Phishing campaigns are a common way for crypto users to lose their funds. On June 23, a MakerDAO member lost $11 million after making several mistaken token approvals, apparently after interacting with a fake web app. On June 26, a marketing email address for the blockchain network Hadera Hashgraph was also hacked to send out scam emails.