The CoinGecko attacker has already sent phishing emails to nearly 24k users in less than 24 hours since the incident.
CoinGecko, a top-tier cryptocurrency data aggregator, has announced that it experienced a major data breach on June 5, 2024. According to the company, the recent data breach happened through its third-party email platform GetResponse.
Reportedly, the attacker gained access to CoinGecko’s customer data by compromising a GetResponse employee’s account. However, CoinGecko was notified of the data breach only nearly 24 hours later, resulting in unprecedented damage.
The CoinGecko attacker exported 1,916,596 customer contacts from GetResponse, and 23,723 email addresses have already received phishing emails.
“Personal information that was unfortunately compromised in this incident included users’ name (if provided during sign-up), email address, IP address and location of email opens as well as other metadata, such as account sign-up date and subscription plan. CoinGecko user accounts remain secure, and no passwords were compromised,” the announcement noted.
Meanwhile, CoinGecko has notified all impacted users of the data breach and advised them to stay vigilant for any phishing activity. The company indicated that the attacker targeted several web3 firms and cautioned its customers about a possible increase in phishing emails.
“Any email claiming to offer token airdrops by CoinGecko or GeckoTerminal are unauthorized emails sent by the attacker. We do NOT have any officially issued coins or tokens,” the company added.
Market Impact of CoinGecko Data Breach
The CoinGecko attack is a stern reminder of the risks that the Web3 industry faces daily. With the re-emergence of bullish macro sentiment in crypto, sophisticated Web3 attacks will increase in the coming years. Moreover, well-organized attackers compromise poorly designed smart contracts and siphon users’ cash via crypto mixers.
The fact that Web3 attackers could easily compromise CoinGecko, a reputable firm that has been in the industry for years, shows that no one is immune. Web3 attackers have already been identified working closely with insiders to carry out attacks seamlessly.
Amid the ongoing crypto bull run, it is prudent for every web3 investor to conduct thorough due diligence, especially on smart contracts. In addition to legacy attacks that steal users’ data, web3 users are also prone to rug pulls, which are exit scams.
The CoinGecko attack was initially reported by Tether CEO Paolo Ardoino, who cautioned crypto investors about any emails suggesting airdrops.
We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.
Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h…
— Paolo Ardoino 🤖🍐 (@paoloardoino) June 5, 2024
Bigger Picture
The fact that the crypto industry is regulated differently in every global jurisdiction has given attackers gaps to exploit in the recent past. For instance, crypto mixers such as Tornado Cash are still operational in most jurisdictions apart from the United States and a few other countries.
The lack of proper encryption infrastructure in most web3 projects has enabled sophisticated attackers to easily siphon users’ funds.