Gemini crypto exchange recently made an announcement this week that its customers have been victimized in a phishing campaign after a group of malicious actors collected their personal credentials by breaching a third-party vendor.
The notification of the attack came to light after multiple posts on hacker forums observed by BleepingComputer offered to sell a database reportedly from the Gemini crypto exchange containing email addresses and phone numbers of 5.7 million customers.
“Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers...,” reads the advisory published by the crypto exchange. “…No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.”
The Gemini security team released a short notice in which it described the attack but did not disclose the name of a third-party vendor who suffered an "incident" that allowed unauthorized access to malicious actors.
Because of the breach, customers of the company received phishing emails.
However, as per the analysis of the attack, it has been observed that the mission of the threat actors is unknown. In the short report, the company wrote that the account information and its systems are safe from the attack and that fund and customer accounts "remain secure."
After the attack, the company came back online after seven hours due to scheduled maintenance. "The Gemini Spaceship will undergo scheduled Exchange maintenance on Thursday, December 15th from approximately 10:00 p.m. until Friday, December 16th at 12:30 a.m. ET, and all user interfaces and trading will be unavailable during that time”, a notice on the exchange's status page read.
Gemini advised its customers to use strong authentication methods and two-factor authentication (2FA) and/ or the hardware security keys to protect their networks and systems.