HomesecurityThe breach in Celsius led to a phishing attack

The breach in Celsius led to a phishing attack

The cryptocurrency reward platform Celsius Network has cracked down on security breaches that reveal customer information that led to a phishing attack.


Today, Celsius CEO Alex Mashinsky stated that Celsius' third-party marketing server had been compromised and that threatening agents had gained access to a list of Celsius customers.

See also: MacKenzie Scott Foundation: Phishing campaign reaches thousands of inboxes

After gaining access to the customer list, the threatening agents impersonated Celsius Networks in phishing texts and emails promoting a new Celsius Web Wallet. As an incentive to get people to visit the site, the text stated that Celsius is offering $ 500 in CEL cryptocurrency if they create a wallet and enter a special promo code.

After clicking, users were redirected to the phishing site celsiuswallet [.] Network, which is now down, where visitors were asked to create a Celsius Web Wallet.

See also: Phishing attacks use fake COVID-19 vaccine searches to steal personal information

In the phase of creating the fake profile, the site asked visitors to link their other online wallets and enter the recovery phrases of these wallets. Once given this general phrase, threatening agents can enter your wallet and steal any cryptocurrency in it.

VirusTotal indicates that the phishing domain celsiuswallet [.] Network originally had a DNS SOA record indicating that it was registered to Njalla.

See also: Brazil: First in phishing attacks. Which countries follow?

Njalla is a registrar based in Sweden and is the favorite of some well known hacking groups like Fancy Bear and Cozy Bear.

Source of information:


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.