Update June 5, 12:00 pm UTC: This article has been updated to include quotes from Cyvers.
Cryptocurrency users should exercise extreme caution, as a prominent industry leader warns of a potential new wave of crypto airdrop scam emails.
A prominent email list management provider widely used by crypto firms was allegedly compromised in a data breach, according to Paolo Ardoino, the CEO of Tether.
Ardoino warned his 234,000 followers in a June 5 X post:
“We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.”
While Tether’s CEO has not disclosed the name of the breached company, he promised more details after the completion of the investigation:
“Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24 hours ago.”
Cointelegraph has approached Tether for comment.
To safeguard from phishing emails, users should double-check the authenticity of the email and make sure they have two-factor authentication (2FA) on crypto platforms, according to Hakan Unal, senior blockchain scientist at on-chain security firm Cyvers. He told Cointelegraph:
“The immediate concern is the risk posed to individuals who might receive these compromised emails. To stay safe, users should verify the authenticity of such emails and enable multifactor authentication on all crypto accounts.”
Related: Bitcoin price at $72K is the ‘fuse’ to reach new ATH — Analyst
Supply chain email breach confirmed by CoinGecko co-founder
Minutes after Ardoino’s initial warning, the attack was confirmed by a third company, namely cryptocurrency tracking site CoinGecko.
The breach has affected a crypto email newsletter vendor used by several companies, according to Bobby Ong, the co-founder and chief operating officer of CoinGecko.
Ong warned users that CoinGecko was potentially affected, according to a June 5 X post:
“We at CoinGecko may be potentially affected and are actively working with our vendor to investigate further to determine the extent of this breach. We have seen phishing CoinGecko emails being sent from other client accounts. There is no CoinGecko token being planned so don’t be duped by the phishing emails.”
Ong warned users not to click on any links related to a fraudulent CoinGecko token — which is not being planned — nor any emails promising new token launches.
Related: Roaring Kitty’s $300M GME position sparks market manipulation claims
Crypto scams and hacks remain a major industry concern
Crypto scams and hacks remain one of the most pressing concerns of the cryptocurrency industry.
Over $574 million worth of digital assets were lost across 30 individual crypto hacks during the month of May 2024, according to a June 1 X post by PeckShield.
The $574 million represents an approximate month-over-month increase of 666% from the $385 million lost to crypto hacks in April.
Magazine: Caitlyn Jenner meme coin ‘mastermind’s’ celebrity price list leaked