- June 8, 2024
- Posted by: [email protected]
- Category:
Cryptocurrency data aggregator CoinGecko has confirmed a significant data breach involving its third-party email platform, GetResponse. This breach exposed over 23,000 users to phishing emails, coinciding with a new wave of crypto airdrop scams that have been reported to affect CoinGecko users.
On June 7th, CoinGecko announced that GetResponse had suffered a data breach on June 5th, which allowed attackers to export the contact information of over 1.9 million users. The breach was traced back to a compromised employee email account at GetResponse. In a statement, CoinGecko explained, “An attacker had compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team on June 6, 2024, at 11:58 AM UTC, that a data breach had occurred.”
The compromised data includes users’ names, email addresses, IP addresses, and email open locations. Additionally, metadata such as sign-up dates and subscription plans were exposed. Despite these breaches, CoinGecko assured its users that their accounts and passwords remain secure and uncompromised.
Even though CoinGecko’s primary email domain was not compromised, the attackers still managed to send 23,723 phishing emails. These phishing attempts included address poisoning scams, which aim to deceive investors into sending funds to fraudulent addresses that closely resemble legitimate ones they have previously interacted with.
In response to the breach, CoinGecko provided several steps for users to take to protect themselves from potential scams. They advised users to avoid unfamiliar or misleading domains, refrain from clicking on links or downloading attachments from unsolicited sources, and be wary of token airdrop offerings, which are often used as a lure in such scams.
The breach underscores a growing trend in cryptocurrency-related hacks that exploit leaks of private keys and personal data. Attackers are increasingly targeting these vulnerabilities instead of attempting to breach more complex security protocols. According to Merkle Science’s 2024 HackHub report, over 55% of hacked digital assets in 2023 were lost due to private key leaks.
This incident is part of a broader rise in scam tactics leveraging artificial intelligence (AI), heralding a new era of cyber threats. These tactics include deepfake scams, state-sponsored attacks, and other sophisticated illicit activities. Deepfake videos frequently exploit the likeness of influential figures to promote fraudulent investment schemes, falsely implying that the project has legitimate or official backing.
One recent example involved over 35 YouTube channels live-streaming a Space X launch using an AI-generated voice to impersonate Elon Musk. The scheme instructed viewers to send Bitcoin or Ethereum to an address with the promise of receiving double the amount back, falsely claiming, “This is not a fake, this is a real giveaway. I personally guarantee it to you.”
There have also been instances of fake technology being used to impersonate high-level executives during online meetings. This technique exploits the authority of these figures to potentially authorize large transactions, impacting both the corporate and cryptocurrency sectors.
The increasing sophistication of these cyber threats underscores the need for heightened vigilance and robust security measures. As cryptocurrency becomes more integrated into mainstream finance, the potential for such breaches and scams is likely to grow, making proactive defense strategies crucial for both companies and individuals.
