Cybercriminals hack Ethereum online forum passwords

The platform immediately launched a thorough investigation to determine the origin, nature, and scope of this incident. Apparently the information that was accessed is a database backup from April 2016 and contained information about 16.5k forum users. The attacker used social engineering to gain access to a mobile phone number that allowed them to gain access to other accounts, one of which had access to an old database backup from the forum.

Furthermore, leaked information includes messages, both public and private, IP-addresses, username and email addresses, profile information and hashed passwords. Forum users whose information may have been compromised by the leak will be receiving an email with additional information. Also, Ethereum has closed the unauthorized access points involved in the leak and is enforcing stricter security guidelines internally such as removing the recovery phone numbers from accounts and using encryption for sensitive data.

Surprisingly, the cybercriminals self-disclosed that they are the same who recently hacked Bo Shen, the founder of venture capital company Fenbushi Capital, who has been hacked and at least USD 300,000 in Augur and Ether cryptocurrency have been stolen.