A "supply chain email breach attack" that is currently targeting users via compromised newsletter mailing lists has hit several cryptocurrency companies. This breach involves a vendor responsible for managing mailing lists for multiple crypto businesses, although the vendor's identity remains undisclosed.
Bitfinex CTO Paolo Ardoino and CoinGecko founder Bobby Ong have both confirmed the breach. Ardoino warned, "We have received two independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised. Please beware of any emails suggesting crypto-airdrops received more than 24 hours ago."
Phishing attacks, which are designed to trick individuals into clicking on malicious links, are a common tactic used by cybercriminals. These links can steal personal information, such as login credentials, or provide direct access to an individual's online crypto wallet, potentially allowing the attacker to drain its contents.
The extent of the damage caused by this specific phishing campaign remains unclear, including whether any funds have been stolen.