Several bitcoin businesses are warning that there is an ongoing “supply chain email breach attack” that exploits newsletter mailing lists to distribute dangerous phishing links to consumers.
The intrusion targeted an unknown vendor that administers email lists for crypto firms. Bitfinex CTO Paolo Ardoino and CoinGecko founder Bobby Ong have verified that a breach has taken place.
“There is an ongoing supply chain email breach attack happening with an email newsletter vendor right now,” Ong stated. “Several crypto companies may be affected via email blasts of fake token launches. Be careful with email newsletters in the coming days.”
“We have got two separate confirmations that a prominent vendor employed by crypto firms to maintain mailing lists might have been compromised. “Please cautious of any emails suggesting crypto-airdrops received more than 24 hours ago,” Ardoino. said.
Phishing is a tactic used by hackers to entice a victim into clicking on a malicious link. That link will either drain that user’s personal information, like login data, or it can link directly to an online crypto wallet, giving the attacker access to the user’s wallet.
The amount, if any, that has been stolen from phishing links in conjunction with this attack is yet unclear.