Fraudulent Lido staking scam promoted through Ethereum Foundations compromised email

The email account of the Ethereum Foundation was hacked, resulting in a scam disguised as a Lido staking scheme being promoted. On June 23, the Foundation announced that its official email account had been compromised. The hackers used the email address [email protected] to send scam emails to 35,794 recipients. The fraudulent email claimed that the Ethereum Foundation had partnered with LidoDAO and was offering a 6.8% yield on staked Ether, Wrapped Ether, or Ether ETH deposits. It also stated that the staking service would be protected and verified by the Ethereum Foundation. The email included a “Begin Staking” button that redirected users to a fake website created by the attackers. This website, called “Staking Launchpad,” had a crypto drainer running in the background and appeared to be professionally designed. If users clicked on the “Stake” button and approved the transaction in their wallet, all their funds would be drained. However, the Ethereum Foundation regained control of the compromised email address and confirmed that no funds were lost during the attack. The hacker also uploaded a database containing email addresses that were not part of the Foundation’s subscriber list, resulting in several non-subscribers receiving the scam email. The Foundation estimated that the attack compromised the email addresses of 81 subscribers. The Foundation has reached out to wallet providers, blacklists, and DNS provider Cloudflare to warn users about the malicious website. This incident is another example of phishing schemes targeting the cryptocurrency industry through email.