Ethereum mailing lists stolen by hackers

[Jating]

In any case that you guys are not aware of, Ethereum mailing list of 35,000+ has been breached by hackers and those emails have been stolen,

Our investigation into the attack showed that:

- The threat actor imported a large email list of their own into the mailing list platform to be used for the phishing campaign.
- The threat actor exported the blog mailing list email addresses, which was a total of 3759 email addresses.
- When we compared the emails in the email list that the threat actor had imported, we could see that the blog mailing list contained 81 - email addresses that the threat actor did not previously have knowledge of, and the rest were duplicate addresses.
- Analyzing on-chain transactions made to the threat actor between the time they sent out the email campaign and the time the malicious domain got blocked, appear to show that no victims lost funds during this specific campaign sent by the threat actor.

https://blog.ethereum.org/2024/07/02/blog-incident

So maybe in the next following days, you and me might received a lot of emails from this hackers trying you to click on those malicious links to drain your crypto wallet.

[PX-Z]

Never have subscribed on this site but knowing people's knowledge on past incidents about phishing emails. I hope and guess only for good that no one will get victimize on this since they probably receive another email about this incident.

[MrSpasybo]

Never have subscribed on this site but knowing people's knowledge on past incidents about phishing emails. I hope and guess only for good that no one will get victimize on this since they probably receive another email about this incident.

Yeah, I also hope that investors have become more experienced and can avoid these crude scams. All information should be verified on Twitter or the official website of projects, and crypto holders should be cautious with any requests directly related to their accounts and crypto assets.

What I am more curious about is how the hacker could have access to over 35K email addresses related to Ethereum. Perhaps this list came from a subscribe service where users provide both their ERC-20 and email addresses.

[Doovla]

You should always be careful when it comes to answering and clicking on e-mails of the type where they are from the same project, especially if phrases and private keys are requested. Double check.

[PX-Z]

What I am more curious about is how the hacker could have access to over 35K email addresses related to Ethereum. Perhaps this list came from a subscribe service where users provide both their ERC-20 and email addresses.

The actual email list that was exported from ethereum.org subscriber is only more than 3k, the 35k email list came from the malicious actor who imports those emails to ethereum.org mailing list platform and use the "[email protected]" email to send the spam emails. That's what i understand the article.

[salad daging]

I've never signed up on any Ethereum site, so I'm not subscribed there but it's possible that hackers could send out more email messages this should be a caution anything they offer is a scam.

Thank you for sharing this info, as I just now found out now that the Ethereum mailing list has been hacked.

[hugeblack]

81 - email address is not a large number, and assuming awareness increases, such a scam should not succeed in the future.
The constant hacking of these services also makes it necessary to subscribe to some email providers that allow you to obtain additional addresses (alias), as hundreds of these addresses can be obtained and stopped whenever you hear about a database leak.

[ABCbits]

It's not rare to see mailing list got hacked these days. Although this time it's more important since the website associated with Ethereum Foundation. I didn't subscribe to their email notification, but it's good that there's no victim (at least when that blog is written).

[Kemarit]

It's not rare to see mailing list got hacked these days. Although this time it's more important since the website associated with Ethereum Foundation. I didn't subscribe to their email notification, but it's good that there's no victim (at least when that blog is written).

We can't really say that there are no victims, it's too early to say that. Just like the hack on on the emails of the subscriber of Ledger, it might take some time for the hackers to take advantage of that mailing list.

So just wait, maybe in the couple of months, there will be some who might fall for a phishing link or being scam because their email was exposed to this hacks.

Lucky are those who are not subscribed, but for those, you really need to be very careful.

[Husires]

In any case that you guys are not aware of, Ethereum mailing list of 35,000+ has been breached by hackers and those emails have been stolen,

What updates do they send to subscribers to the Ethereum mailing list? If they are periodic and there are many clicks on them, it will be bad news for many because some may trust ethereum.org and register with the official email.
It may be a good idea to stop trusting emails that come from [email protected] since the service has been hacked.

[Wiwo]

This I a bad one for 3700+ emaild in the hands of scammer means alot of Ethereum email subscribers are going to be receiving scam attempts emails from those spammers, just as said I have this information to the real victims whose email addresses have been compromised in other for them to be guided on any attempt from those hackers,I think we should all threat emails same as call never to trust them with our details always have a recheck before you give out any detail as regards to your accounts and other vital things that involve finance's.

[Stompix]

In any case that you guys are not aware of, Ethereum mailing list of 35,000+ has been breached by hackers and those emails have been stolen,

Our investigation into the attack showed that:

- The threat actor imported a large email list of their own into the mailing list platform to be used for the phishing campaign.
- The threat actor exported the blog mailing list email addresses, which was a total of 3759 email addresses.

It's different, they didn't steal 35,000 emails!

They breached the mail platform and managed to send to their own emails thousands of phishing emails that were coming from a legit source, that was the biggest concern as usual phishing emails come from fake servers, in this one it came from ethereum.org!

What they did manage to steal was only 3 000 emails from the blog database which is basically a nothing burger since most of those addresses were already almost all of them previously leaked, even the attackers already had them!

[bitterguy28]

Lucky that never i joined or  partake any sites about crypto including bitcoin because i only engage in exchange
where i trade and i at some point keep my holding(only very limited amount)..

These hackers are really good at this and only stupid investors that will be falling in their phishing links or emails
because I believe that people in crypto are now more knowledgeable in this kind of tactics and baits.

In any case that you guys are not aware of, Ethereum mailing list of 35,000+ has been breached by hackers and those emails have been stolen,

Our investigation into the attack showed that:

- The threat actor imported a large email list of their own into the mailing list platform to be used for the phishing campaign.
- The threat actor exported the blog mailing list email addresses, which was a total of 3759 email addresses.

It's different, they didn't steal 35,000 emails!

They breached the mail platform and managed to send to their own emails thousands of phishing emails that were coming from a legit source, that was the biggest concern as usual phishing emails come from fake servers, in this one it came from ethereum.org!

What they did manage to steal was only 3 000 emails from the blog database which is basically a nothing burger since most of those addresses were already almost all of them previously leaked, even the attackers already had them!

good that its clear here and they did not stole the email addresses .

[Hamza2424]

Hmm, that's an old case if I'm not mistaken because I've seen such kind of fishing attack news when their official E-mail got hacked and the scammer made many PMs by offering higher rewards on the investments and they got trapped. TBH people should use alternative info while dealing with such services, I always carry many emails for different purposes.

Seems like that's the same case.

[joniboini]

Hmm, that's an old case if I'm not mistaken because I've seen such kind of fishing attack news when their official E-mail got hacked and the scammer made many PMs by offering higher rewards on the investments and they got trapped. TBH people should use alternative info while dealing with such services, I always carry many emails for different purposes.

The blog post mentioned the attack that happened in June this year, so I don't think we can call it old yet. Which past incident are you referring to? If the same incident happened I wonder what measures were taken after the first incident happened then. On the other hand, I have read multiple cases where a mailing list provider got hacked, which shows that no providers are safe nowadays.