Crypto Con: PoisonSeed Phishing Scam Drains $46M from Coinbase Users
The PoisonSeed phishing campaign is targeting cryptocurrency owners by distributing crypto seed phrases to steal assets. By exploiting CRM and bulk email providers like Mailchimp and SendGrid, attackers trick users into transferring funds. These phishing emails, disguised as Coinbase alerts, have already caused significant financial losses.
Hot Take:
**_Well, it looks like the crypto world just got a new villain—PoisonSeed. Who knew seed phrases could be as treacherous as poison ivy? This campaign is giving new meaning to “growing your assets,” but unfortunately, it’s the scammers who are reaping the harvest. Remember, folks, if someone offers you free seed phrases, it’s not a gift—it’s a trap!_**
Key Points:
– PoisonSeed is a phishing campaign targeting CRM and bulk email providers to reach cryptocurrency owners.
– The campaign uses security seed phrases to access victims’ wallets and steal cryptocurrency.
– Attackers have primarily targeted Coinbase and Ledger users, resulting in $46 million in losses.
– PoisonSeed has connections to existing phishing operations but is considered a unique threat.
– The campaign involves compromised accounts and phishing kits like CryptoChameleon.