In the weeks prior, mysterious reports of users receiving personalised phishing emails started to appear on the official r/Gemini subreddit. Redditor u/DaveJonesBones said in a thread from November that he had received a targeted phishing email from an address that was only registered on Gemini:
This is being reported to our security staff. We appreciate you telling us.
Gemini is hacked. In another post with the same subject. From two weeks previously, u/Exit 127 reported they received a phishing email from a MetaMask imposter about the need to “sync my wallet owing to the merge.” Gemini user data is being exploited for sophisticated phishing attempts. Additionally, the user asserted, “I use email aliases so that each online account is associated with a certain email. The email address used by and solely for my Gemini account was targeted by this phishing effort.
“It utilised Opensea branding to promote a Cyberbroker NFT dump. I believe I received one last month as well, but I didn’t read it. I overcame today because I expressly chose not to receive any more marketing emails from Gemini.
A Gemini representative then answered:
Gemini was allegedly previously aware of the hack, according to a thread by user u/Opfu from the previous week. According to u/Opfu:
“The same thing also occurred to me. Undoubtedly a phishing effort, the email. I couldn’t understand how Exodus obtained my Gemini email address either, so I was aware that something must have been corrupted at some point.
I recently received an email stating that a user from Bermuda has linked my Exodus wallet to the Binance exchange (phishing of course). At Gemini, I just use that specific email address. Gemini acknowledged a vulnerability at a third-party vendor after I questioned them. Customer phone numbers and emails. They expressed gratitude for the feedback when I enquired as to whether they intended to educate users.
A different user commented:
All cash and customer accounts are secure, according to Gemini, which stated in a statement that “no Gemini account information or systems were touched as a result of this third-party incident.” As a result of the third-party breach, it also issued a warning about “increasing phishing campaigns.” The date of the security incident was not mentioned in the blog article. Cointelegraph contacted a Gemini spokesperson before the article was published, but they would not respond.
- Crypto users assert Much sooner than initially stated, Gemini emails leaked
- Check all news and articles from the latest Business news updates.