close
close

Crypto companies on alert after Tether CEO Paolo Ardoino warns of email list breach

Paolo Ardoino, CEO of stablecoin issuer Tether, warned on June 5 of a possible security breach at an unnamed crypto mailing list provider.

In a post on social media platform X (formerly Twitter), Ardoino said his company had received two independent confirmations suggesting that a well-known vendor responsible for managing mailing lists for crypto companies may have been compromised.

Although Ardoino did not provide specific details about the breach, he hinted that it could be a supply chain attack targeting the crypto industry. A supply chain attack is a type of cyberattack that exploits third-party services or tools that the attacked entity or individual relies on and serves as an indirect means of infiltration.

Ardoino warned users to be cautious of emails promising crypto airdrops within the last 24 hours as they could be part of the attack.

Following Ardoino’s warning, several crypto companies immediately warned their users about the potential danger of phishing links that could be contained in the emails.

Coingecko warns community

Bobby Ong, co-founder and COO of CoinGecko, confirmed the ongoing supply chain email attack involving an email newsletter provider and stated that several crypto companies may have been affected by mass emails promoting the launch of fake tokens.

Ong advised users not to click on any links related to a fraudulent CoinGecko token as the platform has no plans for such a launch. He added:

“We at CoinGecko may have been impacted and are actively working with our vendor to further investigate the extent of this breach. We have seen phishing emails sent from CoinGecko from other customer accounts. There is no CoinGecko token planned, so do not be fooled by the phishing emails.”

CoinGecko has also posted an official warning on its social media account, clarifying that it is a neutral entity with no officially issued coins or tokens, and advising users to be cautious of phishing links claiming to offer a “CGL token airdrop.”

Mentioned in this article