The ethereum Foundation has confirmed a major security breach involving its official email system managed through third-party service provider, SendPulse. Tim Beiko, a leading figure at the ethereum Foundation, x.com/WuBlockchain/status/1805417869980975520″ target=”_blank” rel=”noopener nofollow”>increase alarm on social media platform x, revealing that the “updates@ethereum.org” mailing list had been compromised. This breach has exposed subscribers to phishing attempts designed to mimic official Foundation communications.
ethereum Foundation issues urgent warning about scams
The breach was initially revealed by Tim Beiko, who posted a warning message on He immediately advised against clicking on any links in emails supposedly sent by the Foundation. To help recognize these phishing attempts, Beiko shared an example of a fraudulent email promising an innovative staking platform in collaboration with Lido DAO, falsely offering a 6.8% APY on staked eth variants such as stETH, wETH or eth.
The phishing email crafted by the attackers was sophisticated in approach and presented as a tempting investment opportunity. He mentioned a collaborative effort between the ethereum Foundation and Lido DAO, known for its staking services, to introduce a staking platform backed by “best-in-class security” and “100+ integrations” aimed at improving the staking experience. . By offering high returns and leveraging the reputable names of ethereum and Lido DAO, the email aimed to trick users into clicking on malicious links that could lead to data theft or installation of malware.
After this, Beiko x.com/TimBeiko/status/1804693090944553186″ target=”_blank” rel=”noopener nofollow”>updated the community: “Confirming that we managed to send an update. We should have blocked all external access, but we still confirmed it.” This indicates that the Foundation's IT team had taken steps to regain control of the compromised account and was in the process of validating the security measures implemented to prevent further unauthorized access.
The ethereum Foundation, together with SendPulse, is actively investigating the breach to understand the scope and method of the attack. Initial findings suggest that attackers exploited vulnerabilities within SendPulse's security framework to gain unauthorized access to the email list. This incident highlights potential security flaws in the integration of third-party service providers with critical communication systems.
In response to the breach, the ethereum Foundation issued a rectification notice through its official blog and email system, instructing users to ignore previous phishing emails and avoid interacting with suspicious links or attachments. The rectification email said: “IMPORTANT: updates@ethereum.org compromised. Please ignore previous emails,” clearly instructing the community on how to avoid potential security risks associated with the breach.
The ethereum Foundation has advised members of its community to double-check the authenticity of any communication claiming to be from the Foundation. Users are encouraged to verify messages by contacting the organization directly through its official channels or by following updates on the Foundation's official social media and website.
Additionally, the community is urged to report any suspicious activity or emails that mimic Foundation communications, as this will help reduce the spread of phishing attempts and assist in the ongoing investigation.
At press time, eth was trading at $3,372.
Featured image created with DALL·E, chart from TradingView.com
