The Ethereum Foundation has reported a serious security breach related to its official email system. The breach was discovered thanks to the work of Tim Beiko, a prominent figure in the Ethereum Foundation, who raised the alarm on Platform X.
As it turns out, the “updates@ethereum.org” mailing list was hacked. This means that attackers could send phishing emails that imitate official Foundation communications.
The Ethereum Foundation has issued an urgent warning about fraudulent activities. The message indicated that the mailing list provider the Foundation uses for "updates@ethereum.org" had been compromised. The Foundation has asked subscribers not to click on any links in emails that appear to be sent on behalf of the Foundation.
To help recognize these phishing attempts, Tim Beiko shared an example of a scam email. It offered an innovative staking platform in collaboration with Lido DAO. It was falsely claimed that the platform offered 6.8% APY on staking ETH options such as stETH, wETH or ETH.
The phishing email was created by attackers with the goal of deceiving users and obtaining their personal information. The letter mentioned the joint efforts of the Ethereum Foundation and Lido DAO, known for their staking services. The letter stated that these services are introducing a betting platform that supposedly supports “best-in-class security” and “more than 100 integrations.”
After Beiko posted information about the hack, he updated the community: “I confirm that we were able to send the update. We should have blocked all external access, but we're still confirming." This indicates that the Foundation team has taken steps to regain control of the compromised account and is in the process of reviewing the security measures put in place to prevent further unauthorized access.
The Ethereum Foundation, together with SendPulse, is actively investigating the breach to understand the scope and method of the attack. Initial findings indicate that attackers exploited security vulnerabilities in SendPulse to gain unauthorized access to an email list.
In response to the violation, the Ethereum Foundation published a correction notice via its official blog and email system. The notification stated that “updates@ethereum.org” has been compromised and users should ignore previous phishing emails and avoid using any suspicious links or attachments.
The Ethereum Foundation has advised members of its community to double-check the authenticity of any messages that claim to come from the Foundation. Users are advised to verify messages by contacting the organization directly through its official channels or by monitoring official social media channels and the Foundation's website for updates.
Additionally, the community is strongly encouraged to report any suspicious activity or emails purporting to be from the Foundation. This will help limit the spread of phishing attempts and assist with ongoing investigations.
At the time of publication, ETH was trading at $3,395.
You can also subscribe to the blog. Here we will publish new articles, videos and other materials that will help you earn money.