The cryptocurrency world was shaken when the official email account of the Ethereum Foundation, which is behind the altcoin ETH, was compromised by hackers. This incident occurred with a type of cyber attack known as a phishing attack, which aims to steal users’ identity and financial information. The attackers tried to trap the foundation’s subscribers by sending them fake emails. This news once again reveals how much importance cryptocurrency users should give to digital security. The value of using strong passwords, being wary of emails, and contacting relevant authorities in questionable situations is greater than ever.
Hack panic for largest altcoin
Ethereum Foundation, one of the leading names in the cryptocurrency world, was subjected to a cyber attack. Hackers who gained access to the foundation’s official e-mail account tried to steal identity and financial information by sending fake e-mails to subscribers. Tim Beiko, one of the Ethereum developers, confirmed the situation in his statement dated X and warned users. The raid was carried out by exploiting the security vulnerability of SendPulse, the Ethereum Foundation’s email sending service provider. Sending suspicious e-mails from the foundation’s official “[email protected]” address led to the problem being noticed.
Tim Beiko said that the Ethereum Foundation's mailing list has been leaked. The vulnerability seems to have occurred on SendPulse, an email automation service used by the foundation. The attacker sent a phishing email from [email protected] to subscribers. The foundation has…
— Wu Blockchain (@WuBlockchain) June 25, 2024
These e-mails contained malicious links that, when clicked, aimed to infect computers with malicious software or steal personal information. In his statement, Tim Beiko warned users to be careful about suspicious e-mails and not to click on contacts or open attachments from these e-mails. Attackers carried out a phishing attack by sending emails that appeared to be trustworthy to subscribers. When clicked, these emails redirected users to invalid websites intended to empty cryptocurrency wallets or access other sensitive information.
PSA: it seems like the mailing list provider the EF uses for "[email protected]" has been compromised. We are currently trying to reach @SendPulseCom to resolve the issue. Please don't click any links sent from that email. Here's a sample fake email that was received: pic.twitter.com/eRIANSPYyT
— timbeiko.eth (@TimBeiko) June 23, 2024
What does the Ethereum Foundation do now?
The Ethereum Foundation is currently focused on working with SendPulse to resolve the issue and secure the email connection. They are investigating the source of the vulnerability to prevent the attack from recurring. Beiko shared a sample email landscape to help users detect phishing attacks. Some valuable suggestions on what users should pay attention to in order to avoid being attacked are as follows:
- Double-check the content of the incoming email and the sender’s email address.
- If something seems suspicious, contact the organization directly through official channels before taking any action.
- Follow the Ethereum Foundation’s social media accounts and official website for the latest security alerts and attack information.
- If you receive a suspicious email, report it to the Ethereum Foundation and your email service provider. This can help stop the spread of phishing attempts.
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
TRON 
Toncoin 
Cardano 
Wrapped stETH 
Avalanche 
Wrapped Bitcoin 
Shiba Inu 
WETH 
Chainlink 
Bitcoin Cash 
Polkadot 
Dai 
LEO Token 
Uniswap 
Litecoin 
NEAR Protocol 
Wrapped eETH 
Kaspa 
Internet Computer 
Monero 
Pepe 
Aptos 
Artificial Superintelligence Alliance 
Ethena USDe 
Stellar 
Ethereum Classic 
First Digital USD 
Sui 
OKB 
POL (ex-MATIC) 
Stacks 
Cronos 
Filecoin 
Immutable 
Aave 
Render 
Hedera 
Mantle 
Bittensor 
Arbitrum 
Polygon