Several cryptocurrency companies are reporting an ongoing attack involving an "email supply chain breach". Hackers are using mailing lists to send malicious phishing links to users. The breach targeted an unnamed provider that manages mailing lists for these companies.
Paolo Ardoino, CTO of Bitfinex, and Bobby Ong, founder of CoinGecko, confirmed the incident. "There is an email supply chain breach attack in progress with a newsletter provider," said Ong. "Several cryptocurrency companies could be affected by fake token launch mailings. Please be cautious with email newsletters in the coming days."
Ardoino added: "We have received two independent confirmations that a prominent provider used by crypto-currency companies to manage mailing lists may have been compromised. Be careful of any emails suggesting crypto-airdrops received more than 24 hours ago."
Phishing is a technique used by hackers to trick victims into clicking on a malicious link. This link can either steal the user's personal information, such as login details, or provide access to an online crypto wallet.
For the moment, it is unclear how much, if any, has been stolen via these phishing links. Businesses and users should remain vigilant in the face of these threats.
