The cryptocurrency reward platform Celsius Network has cracked down on security breaches that reveal customer information that led to a phishing attack.
Today, Celsius CEO Alex Mashinsky stated that Celsius' third-party marketing server had been compromised and that threatening agents had gained access to a list of Celsius customers.
After gaining access to the customer list, the threatening agents impersonated Celsius Networks in phishing texts and emails promoting a new Celsius Web Wallet. As an incentive to get people to visit the site, the text stated that Celsius is offering $ 500 in CEL cryptocurrency if they create a wallet and enter a special promo code.
After clicking, users were redirected to the phishing site celsiuswallet [.] Network, which is now down, where visitors were asked to create a Celsius Web Wallet.
In the phase of creating the fake profile, the site asked visitors to link their other online wallets and enter the recovery phrases of these wallets. Once given this general phrase, threatening agents can enter your wallet and steal any cryptocurrency in it.
VirusTotal indicates that the phishing domain celsiuswallet [.] Network originally had a DNS SOA record indicating that it was registered to Njalla.
Source of information: bleepingcomputer.com