A huge number of Ether (ETH) investors were targeted in a phishing campaign directing users to a crypto-draining site, the cryptocurrency issuing company Ethereum said in a blog post.
The threat actor used an email address list of their own, combined with one exported from the company’s blog mailing list, to send fabricated offers to users.
“On 2024-06-23, 00:19 AM UTC, a phishing email was sent out to 35,794 email addresses by updates@blog.ethereum.org,” Ethereum said. “The threat actor exported the blog mailing list email addresses, which was a total of 3759 email addresses.”