On June 23, the Ethereum Foundation's "update" account was hacked and used in a phishing attack, the foundation's blog reports. 35,794 scam emails were sent, but no one seemed to have lost any cryptocurrency. However, the email addresses of 81 subscribers may have been exposed to the attacker. 📧
The emails falsely claimed that the Ethereum Foundation was partnering with LidoDAO to offer 6.8% returns on Ether (ETH) staking. Users who clicked the "Start Staking" button were redirected to a malicious website.
The Ethereum Foundation blocked the attacker from sending more emails and notified various blacklists, Web3 wallet providers, and Cloudfare so that users could receive warnings if they tried to navigate to a malicious site.