Ethereum Foundation Suffers Phishing Attack, No Funds Lost

In a recent security incident, the Ethereum Foundation confirmed a phishing attack on its blog mailing list that affected over 35,000 email addresses. On June 23rd, 2024, a malicious email containing a link to a crypto-draining website was sent from the Foundation’s official email address.

Fortunately, due to swift action by the Ethereum internal security team and collaboration with external partners, it appears no funds were lost during this campaign.

Image: Ethereum

The investigation revealed that the attacker had imported a large email list and exported the blog mailing list containing 3,759 email addresses. However, only 81 of these addresses were new to the attacker, the rest being duplicates. Analysis of on-chain transactions suggests that no victims lost funds due to the swift response and mitigation efforts.

Image: Ethereum

“This website had a crypto drainer running in the background, and if a user initiated their wallet and signed the transaction requested by their website their wallet would have been drained,” reads the security incident notice.

As a proactive measure, the Ethereum Foundation is migrating some mail services to different providers to further reduce the risk of future incidents.

The Ethereum Foundation expressed deep regret for the incident and assured the community that they are working diligently with internal and external security teams to investigate and address the matter comprehensively. This incident serves as a stark reminder of the ever-present threat of phishing attacks, even for well-established organizations like the Ethereum Foundation. Users are reminded to exercise caution with unsolicited emails and links, even if they appear to come from trusted sources.