Crypto Lender Celsius suffers a security breach exposing customer data that led to malicious phishing links being sent to customers.
Crypto Lender Celsius suffers a security breach exposing customer data that led to malicious phishing links being sent to customers.
“An unauthorized party managed to gain access to a backup third-party email distribution system which had connections to a partial customer email list, ” reports a Celsius advisory.
According to the announcement on April 15, Celsius customers have received emails and SMS messages directing them to a malicious website impersonating the company's platform.
The message claims the link would direct them to a new web wallet from Celsius offering $500 to users who create a wallet using the link and enter a special promo code.
The fraudsters then impersonated official company communications, asking users to provide their seed phrase. Once this seed phrase is given, the threat actors can import their wallet and steal any cryptocurrency within it.
The company is conducting a full internal investigation on how hackers gained access to the clients' phone numbers, considering the breach occurred with an email management system.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?