A scam that masqueraded as Lido’s staking program was promoted through the Ethereum Foundation email account.
The following is a list of a recent announcementThe Ethereum Foundation’s official email account, which was used to distribute updates and news on the 23rd of June, had been compromised.
They used the [email protected] Email address used to scam 35 794 addresses
In the email users found an announcement that Ethereum Foundation collaborated. Lido decentralized autonomous organization (LidoDAO). The partnership will include a 6.8% return on Ether, Wrapped Ether or Ether
ETH deposits were being offered.
“The collaboration harnesses the strengths of both organizations to deliver deep liquidity and competitive rewards, enhancing your staking experience with over 100+ integrations,” An excerpt of the announcement reads:
The staking services will be provided by the company. “protected and verified” By the Ethereum Foundation
Below the announcement, there was an “Begin Staking” button. By clicking this, users would be redirected to a site created by attackers.
The Dubbed “Staking Launchpad,” The malicious website was allegedly running a Crypto Drainer in the background. The site was also designed to appear professional.
Anybody clicking on it will be able to see the full text. “Stake” The website will ask the user to click a button and approve the transaction. Upon approval, the entire balance of a user’s wallet would be taken.
No funds lost
As of this writing, it appeared that the foundation had taken control of the compromised email. The foundation has determined that no money was lost as a result of this attack.
“Analyzing on-chain transactions made to the threat actor between the time they sent out the email campaign and the time the malicious domain got blocked appear to show that no victims lost funds during this specific campaign sent by the threat actor,” Note the following foundations:
The Foundation discovered the hacker also uploaded a list of email addresses which were not on the Foundation’s subscriber list. Several users, who were not subscribers to the Foundation’s mailing list, received this scam.
Also, the attacker exported “blog mailing list email addresses” containing 3,759 email addresses. However, only 81 of the 3,759 email addresses were valid. “duplicate addresses.”
The attack was estimated to have compromised email addresses for 81 subscribers.
In addition, Cloudflare and several other DNS, wallet, and blacklist providers have been urged to notify users of any malicious websites that they may be redirected to.
Phishing emails are not new in the crypto industry.
Early June saw the arrival of several important crypto figures warned of a prominent email vendor The scammers are able to trick users into believing that they have received fake airdrops. Before that, there was a email addresses of several prominent crypto-related entities Phishing emails were sent using these methods.
“This article is not financial advice.”
“Always do your own research before making any type of investment.”
“ItsDailyCrypto is not responsible for any activities you perform outside ItsDailyCrypto.”
Source: crypto.news
