430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hackers compromised Ethereum mailing list and launched a crypto draining attack

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a […]

Ethereum phishing

Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds.

Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer.

“This website had a crypto drainer running in the background, and if a user initiated their wallet and signed the transaction requested by their website their wallet would have been drained.” reads the incident notice published by Ethereum.

The message was crafted to trick the recipient into visiting a malicious website by announcing a collaboration with Lido DAO and offering a 6.8% annual percentage yield (APY) on staked Ethereum.

Ethereum phishing

The internal security team quickly launched an investigation into the security breach. The team is notifying users via X and email and secured the infrastructure to prevent similar attacks in the future.

The security group also submitted the malicious link to blacklists, resulting in it being blocked by most web3 wallet providers and Cloudflare.

The threat actors sent phishing messages to addresses included in a large email list and 3,759 email addresses exported from the blog mailing list. Among these, 81 were new to the attacker. On-chain transaction analysis indicated that no funds were lost during this specific campaign.

“As we continue working on this incident, we have taken additional measures such as migrating some mail services to other providers, to further help reduce the risk of this happening again.” concludes the notice.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, phishing)