Tether CEO Paolo Ardoino warned that an undisclosed but prominent email newsletter vendor used by crypto companies may be compromised.
“We received now two independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised,” Ardoino posted to X, suggesting it was a likely supply chain attack toward the crypto industry. “Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h ago.”
CoinGecko co-founder and COO Bobby Ong appeared to confirm the warning minutes later, claiming several crypto firms may be affected by email blasts of fake token launches via their accounts, urging the community to be careful in interacting with crypto newsletters in the coming days.
“We at CoinGecko may be potentially affected and are actively working with our vendor to investigate further to determine the extent of this breach,” Ong said. “We have seen phishing CoinGecko emails being sent from other client accounts. There is no CoinGecko token being planned so don't be duped by the phishing emails.”
Email-related breaches are not new to the crypto industry, with blockchain-based metaverse company The Sandbox warning users of a security breach used for an email phishing campaign last year. Nansen, Celsius, OpenSea and Ledger are also among crypto firms hit by similar exploits in recent years.