Email server breach sees Celsians targeted by phishing attacks

Published at: April 16, 2021

Crypto asset lending platform, Celsius Network, has revealed an email server breach that resulted in malicious phishing links being sent to customers.

An April 15 announcement notes that some of Celsius’ customers have been receiving emails and SMS messages directing them to a malicious website impersonating the Celsius platform. The messages claim the link would direct them to a new web wallet from Celsius, purporting to offer $500 to users who create a wallet using the link.

Celsius asserts the phishing links were sent after “an unauthorized party managed to gain access to a back-up third-party email distribution system which had connections to a partial customer email list” — allowing the malicious actors to target users with the phishing attempt.

If accessed, the fraudulent link prompts users to provide the seed phrase to their personal wallet, enablinge hackers to drain their funds.

While the team asserts it was able to react quickly and minimize the impacts to its users, a thread on Reddit suggests at least $300,000 worth of crypto has been stolen from Celsius’ customers, with one forum-goer, “VaporFye,” claiming to has lost 20 Ether ($50,000) to the scammer.

Celsius CEO and founder, Alex Mashinksy, sought to assure the community that “Celsius remains fully secure” and its systems “have not been breached in any way.”

“Customer funds and sensitive data are safe within our back-end systems, and our security team has done an incredible job to identify the situation and very quickly notify the Celsius community with extreme urgency on the steps and precautions to be followed.”

The announcement notes that Celsius’ team is still actively investigating how the unauthorized actor was able to access its third-party email system.

“We know that customers who had not registered an email or phone number with Celsius also received fraudulent messages to these contact details, thus we believe the data was collected from external data sources,” the post added.

The email breach occurred the day after Celsius’ native CEL token was listed for trading on major exchange OKEx.

Despite the incident, the price of CEL is up nearly 1% in the past 24 hours and has gained 50% in the past fortnight. Cel last changed hands for $7.03, according to CoinGecko.

Tags
Altcoin
Phishing
Security
Related Posts
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
CipherTrace warns of surge in funds lost to MetaMask phishers
Cyber Security firm CipherTrace has issued a warning after noting a surge in reports over the past 24 hours of user funds being stolen by a malicious Chrome browser extension posing as popular crypto wallet MetaMask. The warning was issued under the headline, “ALERT: Malicious Crypto Browser Extension — Masked MetaMask” and reported the company had seen “an uptick of alerts and comments within the online cryptocurrency community of users’ funds being stolen.” In response to online criticism that MetaMask is not doing enough to steer its users away from potentially harmful websites and downloads, MetaMask’s chief product officer Jacob …
Ethereum / Dec. 3, 2020
Government Sites in India Among Prime Targets for Cryptojacking, Research Shows
Official government websites have become a prime target for cryptojacking in India, The Economic Times (ET) reports today, September 17. Cryptojacking is the practice of infecting a target with malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. New research from cybersecurity analysts reportedly reveals that widely trusted government websites – including those of the director of the municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality – have become the latest to be exploited by the practice. Security Researcher Indrajeet Bhuyan told ET that: “Hackers target government websites for …
Altcoin / Sept. 17, 2018
Crypto Wallets Security: Explained
My wallet has been hacked. Help! Since it’s already happened there is not much you can do. Imagine that you’re entering your wallet and seeing no coins and several transactions to unfamiliar addresses. That likely means you’ve been hacked. Due to the anonymous nature of cryptocurrency ‘ownership’ is determined by whoever holds the codes for it. So if it’s gone - in majority cases - it’s gone. You may track the address of the last wallet but it will give you nothing. Notify the company - it's possible you are not the only one - and review your wallet and …
Blockchain / July 15, 2018
Coinhive Code Found On 300+ Websites Worldwide In Recent Cryptojacking Campaign
The Coinhive crypto mining code has been recently detected on more than 300 government and university websites worldwide, cyber security researcher Troy Mursch reported Saturday, May 5. According to the report, all the affected websites are using a vulnerable version of the Drupal content management system. As the researcher posted on Twitter May 4, he was alerted to this particular campaign via the attack on the websites of the San Diego Zoo, and the government of Chihuahua, Mexico. Both websites reportedly had Coinhive injected into their Javascript libraries in the same way. Coinhive is a JavaScript program created to mine …
United States / May 8, 2018