Blogs
CoinGecko’s Account Compromised in Phishing Attack
Phishing compromised the CoinGecko account on January 10, revealing the escalating cybersecurity risks in the cryptocurrency industry.
CoinGecko, an cryptocurrency data aggregator, experienced a security lapse on January 10 due to a phishing attack that compromised their account. This occurrence highlights the escalating cybersecurity risks faced by the digital finance sector.
Users were misled during the assault by a fraudulent link that claimed to offer an airdrop of CoinGecko tokens. The organization promptly responded by removing the post and notifying users to refrain from interaction with any dubious material.
Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts.
— CoinGecko (@coingecko) January 10, 2024
Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.
We'll keep you…
Strategies Employed in a Recent SEC Account Breach
Furthermore, this intrusion reflects an analogous occurrence that transpired the day prior involving the account of the U.S. Securities and Exchange Commission (SEC).
Scammers, taking advantage of the absence of two-factor authentication (2FA), disseminated inaccurate information regarding SEC Chair Gary Gensler's approval of Bitcoin spot exchange-traded funds (ETFs), according to investigations into the compromised SEC account. At press time, the SEC had approved the Spot Bitcoin ETF.
Despite being swiftly removed, these misleading articles underscore the intricate methods employed by cybercriminals to manipulate data within the financial industry.
Swap-Card SIM-Intrusions
The cybersecurity community has expressed concern regarding the escalating prevalence of SIM-swap attacks. By assuming the target's identity and obtaining their phone number, imposters can access multiple linked accounts.
Such strategies were apparent in the recent compromise of the account of Vitalik Buterin, co-founder of Ethereum. These incidents underscore the necessity for corporate entities to implement heightened security measures, such as two-factor authentication, in addition to individuals.