Ethereum Foundation's Tim Beiko has confirmed that the company's official email was hacked and multiple messages were sent to mailing list subscribers. According to WuBlockchain, hackers got access via SendPulse. For now, users should avoid clicking any kind of links they consider suspicious in the future.
Several suspicious emails sent from the official updates@ethereum.org address led to the discovery of the hack. These emails were found to be fraudulent and to have malicious links that could harm recipients if they clicked on them.
Tim Beiko alerted the public on X, warning them to exercise caution and not to click on any links or open any attachments from the compromised email. The Ethereum Foundation uses SendPulse as their email service provider, which is how the hackers gained access.
The attackers apparently took advantage of SendPulse's security flaws to obtain unauthorized access to the Ethereum Foundation mailing list and distribute phishing emails. Working with SendPulse to fix the problem and secure email correspondence is the Ethereum Foundation's current focus.
To stop it from happening again, they are also looking into the nature of the breach. Beiko posted a sample email to assist users in spotting phishing scams. Although these emails may appear authentic, they contain links that take users to malicious websites that are meant to infect computers with malware or steal personal and financial data.
Always verify the message's content and the sender's email address twice. Before taking any action, get in touch with the organization directly through official channels if something seems off. To receive the most recent information on the breach and security warnings, follow the Ethereum Foundation on social media and on their official website. Email service providers and the Ethereum Foundation should be notified if you receive any suspicious emails. This can aid in stopping the phishing attempts from spreading further.