An alarming report from Tether’s CEO, Paolo Ardoino, confirmed that a major vendor managing mailing lists for various crypto companies had been compromised. This breach has potentially exposed sensitive information, leading to fraudulent emails suggesting crypto-airdrops.
As multiple thought leaders have claimed, this breach poses a significant threat to security and trust within the crypto industry. Malicious actors may exploit the compromised data to deceive users and propagate scams.
Tether CEO Confirmed Compromise of Crypto Companies Mailing List
We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.
Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h…
— Paolo Ardoino 🤖🍐 (@paoloardoino) June 5, 2024
Paolo Ardoino, Tether’s CEO, has stressed the matter, confirming that they have received two independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.
Ardoino tweeted,
“We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.”
He emphasized the importance of scrutinizing unsolicited emails, especially about crypto airdrops, and also advised against clicking links or downloading attachments from unfamiliar sources, especially suspected sources.
“Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h ago.”
PSA: There is an ongoing supply chain email breach attack happening with an email newsletter vendor right now. Several crypto companies may be affected via email blasts of fake token launches. Be careful with email newsletters in the coming days.
We at CoinGecko may be…
— Bobby Ong (@bobbyong) June 5, 2024
Further updates on the matter by Bobby Ong, co-founder of CoinGecko, revealed that there is indeed an ongoing supply chain email breach attack affecting an email newsletter vendor.
“We at CoinGecko may be potentially affected and are actively working with our vendor to investigate further to determine the extent of this breach. We have seen phishing CoinGecko emails being sent from other client accounts. There is no CoinGecko token being planned, so don’t be duped by the phishing emails.”
The cryptocurrency tracking site, CoinGecko, one of the potentially affected entities, is actively collaborating with its vendor to investigate the extent of the breach. Ardoino has also raised awareness of the likelihood of it being a targeted supply chain attack against crypto.
“Likely a supply chain attack towards crypto industry.”
The Rise Of Targeted Massive Crypto Attack
According to a recent report, fraudsters in South Korea are targeting Ethereum holders with a new scam. They are sending alarming text messages claiming that recipients’ ETH coins will be “burned” on May 22 if they do not act quickly.
These messages, purportedly from a fake global exchange named Bit-Finance, prompt users to click on phishing links to prevent their funds from being lost. The scam has gained attention within the crypto community, with users warning each other online and sharing screenshots of the fraudulent messages.
South Korean police and regulators have noted a rise in cybercrimes related to virtual assets, with crypto-themed phishing scams becoming more common. The National Police Agency reported 167,688 cyber fraud cases last year, a 7.68% increase from 2022, with virtual asset-related crimes accounting for 38.3%.
Spotlighting the rise, the Canadian Anti-Fraud Centre (CAFC) has also recently warned about the rise in cryptocurrency scams targeting Canadian citizens, particularly pig butchering, romance, and investment scams.
These scams often involve prolonged online communication, where fraudsters pose as friends, romantic partners, or legitimate investment advisers. Victims are enticed into fake crypto investment schemes promising unrealistic returns.
The CAFC, in collaboration with the Canadian Investment Regulatory Organization (CIRO), urges citizens to report fraud incidents to help authorities track and combat these scams effectively.
In 2023 alone, Canadians lost $309.4 million to investment frauds, with social media-related frauds accounting for $172 million. To address this, Canada plans to adopt the international Crypto-Asset Reporting Framework (CARF) by 2026, introducing new reporting requirements for crypto-asset service providers.