Newsletter Breach Hits Crypto Firms

Reading Time: 2 minutes
  • Several crypto firms have reported a breach at an email newsletter provider
  • Coingecko and Bitfinex heads have warned recipients about potential phishing emails
  • The hack has seemingly targeted the crypto industry, similar to the Trezor-Mailchimp breach

Several crypto firms have reported that a breach at an email newsletter provider may result in an increase in scamming attempts aimed at registrants. The heads of Coingecko and Bitfinex are among those who have warned newsletter recipients to be on the lookout for an increase in phishing emails, with the hack seemingly targeted at the crypto industry. The warning comes two years after Trezor’s newsletter provider, Mailchimp, was compromised for the same ends.

Warning Over Emails

Coingecko’s co-founder and COO Bobby Ong took to X to warn of an “ongoing supply chain email breach attack” which could result in “email blasts of fake token launches”, noting that Coingecko was one of several affected:

Bitfinex and Tether boss Paolo Ardiono added that Bitfinex was also among the victims, confirming that his companies had received multiple independent confirmations that a “prominent vendor used by crypto companies to manage mailing lists might have been compromised”:

Anyone signed up to such mailing lists should therefore treat any coming over the next few weeks with extreme caution and not believe any airdrops of offers of free tokens.

Reminiscent of Trezor Breach

The situation is reminiscent of what happened with Trezor in 2022 when its newsletter was compromised. This was another occasion where hackers deliberately targeted the crypto community in the hope of stealing funds from users.

There were no confirmed reports of anyone losing funds to the attack, which was put down to “an insider targeting crypto companies” who worked for Mailchimp, and it is impossible to rule out something similar at this stage.

Share