A Coordinated Crypto Hack and Phishing Campaign
A coordinated hack and phishing campaign is currently targeting crypto investors, flooding their inboxes with fake emails promoting token airdrops. Impersonating major Web3 companies such as WalletConnect, Cointelegraph, and Token Terminal, hackers are luring recipients into clicking on malicious links.
An Ongoing Attack
The ongoing attack was brought to light by on-chain investigator ZachXBT, who revealed that phishing emails from multiple sources claiming to be from various platforms have resulted in the theft of around $580,000 so far. The emails enticed recipients with offers of fake airdrops.
Various Fake Offers
The hackers used different reasons to entice victims into participating in the fake airdrops. For example, they claimed the airdrops were in celebration of special occasions or to mark significant milestones within the companies. The email addresses used for the attacks closely resembled the genuine addresses of the impersonated companies, leading many victims to fall for the scam.
Firms Warn Users
Companies impacted by the phishing attacks have issued warnings to their users, urging them not to click on any airdrop links. Firms like WalletConnect, Cointelegraph, and Token Terminal have emphasized that these emails were not sent by them and that the links lead to malicious sites.
Root of the Problem
The root cause of the issue has been identified as a vulnerability in Mailer Lite, an email service provider used by the affected companies. The hacker exploited this vulnerability to impersonate the Web3 firms and send out the phishing emails. To prevent further incidents, companies like De.Fi are moving their databases to a different provider.
Hot Take: Beware of Phishing Attacks on Token Airdrops
Crypto investors need to be cautious of phishing attacks promoting token airdrops. Hackers have been impersonating major Web3 companies and sending out fake emails to steal funds. These emails contain offers of fake airdrops, with scammers using various reasons to entice victims. The phishing emails closely resemble the genuine addresses of the impersonated companies, making it difficult to spot the scam. Impacted companies have warned users not to click on any airdrop links, emphasizing that these emails did not originate from them. Investigations have revealed that the vulnerability in an email service provider called Mailer Lite was exploited by the hackers. It is crucial for investors to exercise caution and verify the authenticity of any email claiming to offer token airdrops.
By
By
By
By