CoinGecko attackers had already sent phishing emails to approximately 24,000 users within 24 hours of the incident.
CoinGecko, a leading cryptocurrency data aggregator, announced that a massive data breach occurred on June 5, 2024. According to the company, the latest data breach occurred through GetResponse, a third-party email platform.
According to reports, attackers were able to access CoinGecko customers’ data by compromising the accounts of GetResponse employees. However, CoinGecko was notified of the data breach almost 24 hours later, causing unprecedented damage.
CoinGecko attackers exported 1,916,596 customer contacts from GetResponse, and phishing emails had already been sent to 23,723 of those email addresses.
“Unfortunately, the personal information compromised in this incident included username (if provided during sign-up), email address, IP address, email opening location, as well as other metadata such as account sign-up date and subscription plan. CoinGecko user accounts remain secure and passwords have not been compromised,” the release said.
Meanwhile, CoinGecko has notified all affected users of the data breach and warned them to be on the lookout for phishing activity. The company said attackers were targeting several Web3 companies, warning customers of a possible increase in phishing emails.
“Any emails claiming to offer token airdrops from CoinGecko or GeckoTerminal are unauthorized emails from attackers. There are no officially issued coins or tokens,” the company added.
CoinGecko Data Breach Impact on Markets
The CoinGecko attack is a stark reminder of the risks the Web3 industry continues to face every day. The resurgence of bullish macro cryptocurrency sentiment will likely lead to an increase in sophisticated Web3 attacks in the coming years. Moreover, well-organized attackers compromise poorly designed smart contracts and siphon off users’ cash through crypto mixers.
The fact that Web3 attackers were able to easily compromise CoinGecko, a reputable company that has been in the industry for years, is a stark reminder that no one is immune. Web3 attackers have already been confirmed to be working closely with insiders to facilitate their attacks.
Amid the ongoing cryptocurrency bull run, it would be wise for all Web3 investors to conduct thorough due diligence, especially when it comes to smart contracts. In addition to legacy attacks that steal users’ data, Web3 users are vulnerable to rug pulls, a type of exit scam.
The CoinGecko attack was initially reported by Tether CEO Paolo Ardoino, who alerted cryptocurrency investors to an email offering an airdrop.
We now have two independent confirmations that a popular vendor used by cryptocurrency companies to manage their mailing lists may have been compromised.
They are not yet naming names until the investigation is complete, but watch out for emails offering cryptocurrency airdrops received after 24 hours.
— Paolo Ardoino 🤖🍐 (@paoloardoino) June 5, 2024
Bigger Picture
The fact that the cryptocurrency industry is regulated differently in every jurisdiction around the world has recently created gaps that attackers can exploit. For example, crypto mixers like Tornado Cash still operate in most jurisdictions except the United States and a few other countries.
Most Web3 projects lacked proper encryption infrastructure, making it easy for sophisticated attackers to steal users’ funds.