Tether CEO Alerts: Email Newsletter Provider for Crypto Companies Might Be Compromised

Paolo Ardoino, CEO of Tether, has issued a warning about a possible security breach involving a prominent email vendor frequently used by cryptocurrency companies.

CoinGecko’s co-founder and COO, Bobby Ong, supported the caution, noting that the cryptocurrency data platform’s newsletter service might also be affected.

Email Vendor Compromise

In a post on X, Ardoino stated that they had received two independent confirmations indicating that a prominent vendor commonly used by crypto companies to manage mailing lists might have been compromised.

We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.

Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h…

— Paolo Ardoino 🤖🍐 (@paoloardoino) June 5, 2024

He added that they are not disclosing the vendor’s name until the investigation is complete, but advised caution regarding any emails suggesting crypto-airdrops received in the past 24 hours.

CoinGecko’s co-founder and COO, Bobby Ong, corroborated the warning in a public service announcement on X. He alerted the community to an ongoing supply chain email breach attack, indicating a potential impact on CoinGecko’s newsletter service. Ong emphasized the broader implications, noting that various crypto companies could be affected by email blasts promoting fraudulent token launches.

PSA: There is an ongoing supply chain email breach attack happening with an email newsletter vendor right now. Several crypto companies may be affected via email blasts of fake token launches. Be careful with email newsletters in the coming days.

We at CoinGecko may be…

— Bobby Ong (@bobbyong) June 5, 2024

Email Phishing Threats

Email-related security breaches are not new to the crypto industry. Last year, blockchain-based metaverse company The Sandbox reported a similar incident where a security breach led to an email phishing campaign. The breach allowed unauthorized access to email addresses, which were then targeted with phishing messages falsely claiming to be from the project itself.

The Sandbox claimed that an unauthorized third party gained access to an employee’s computer and used the obtained information to send the fake emails. Other prominent crypto firms, including Nansen, Celsius, OpenSea, and Ledger, have also experienced similar exploits in recent years.

Phishing is a technique used by hackers to lure a victim into clicking on a malicious link sent via emails or messages that appear to be from trusted companies. The goal is to trick individuals into disclosing personal information, like passwords and credit card numbers.

As investigations continue, both Tether and CoinGecko have advised users to exercise heightened caution with email communications, especially those promising crypto-airdrops or new token launches.