Scammers impersonating the Celsius Network convinced users to enter the seed phrase for their crypto wallet on a fake website
Celsius Network, the democratised interest income and crypto-assets lending platform, revealed yesterday that an email server associated with the company had been breached, leading to customers receiving malicious phishing links and many losing funds.
In a notice acknowledging the incident, Celsius stated that the company was informed of some customers receiving SMS and email messages that claimed to be official communication from Celsius and were linked to a fraudulent website impersonating the platform.
The messages directed customers to a link that prompted them to enable a new web wallet from Celsius. It also promised a $500 reward to users who created a wallet using that link. This led recipients to enter sensitive information, the company explained.
The breach occurred as an unauthorised party gained access to a backup third-party email distribution system that had a partial customer email list.
The intent of the phishing attack was to convince recipients that the fraudulent email was from Celsius and convince them to transfer cryptocurrency from their non-Celsius wallet to the wallet they were prompted to create on the fake website. This was done by asking users to enter the seed phrase to the non-Celsius wallet on the fake Celsius website.
The company further reassured that it was investigating the incident and working with its vendors to see if any third-party platforms have been vulnerable to any related incidents. However, it suspects the data was accessed through an unknown external source as many non-Celsius customers also received the email.
While the company continues to assert that the incident was identified quickly and minimal impact had been borne by the users, a Reddit thread reports that over $300,000 worth of crypto has been stolen from Celsius customers. A particular user who goes by the name ‘VaporFye’ claimed that he had lost 20ETH, worth about $50,000, due to the scam.
Alex Mashinksy, the CEO and founder of Celsius, assured the community that the platform remains fully secure and its systems have not suffered a breach.
“Customer funds and sensitive data are safe within our back-end systems, and our security team has done an incredible job to identify the situation and very quickly notify the Celsius community with extreme urgency on the steps and precautions to be followed,” he said.
The incident occurred only a day after Celsuis’ native token CEL was listed for trading on OKEx. However, the price of CEL has continued to rise in the last 24 hours, despite the email breach.
