Users of the now-defunct crypto exchange FTX are being targeted by a potential phishing attack after receiving a reset password request from the exchange’s official customer support email address. According to CoinDesk, the password reset link routes to the FTX claims portal, which allows users to submit bankruptcy claims for assets they held on the platform before its collapse.
Mossab Hussein, co-founder of cybersecurity firm Spidersilk, suggested that the emails could be coming from either FTX itself or a hacker with access to user’s personal email addresses. If the latter is true, the hacker could gain access to a claimant’s account and divert funds to their personal wallet.
On Monday, many FTX users received an email from Kroll, the restructuring administrators of FTX, informing them that the deadline for claims is September 29, 2023. FTX owes roughly $8.1 billion to customers after its implosion last November.
Quotes: It’s either FTX itself sending those emails [to notify them of the claims portal] and giving people a scare. Or, someone has a list of emails and is bruteforce resetting their credentials via the portal.