FTX Users Potentially Targeted in Possible Phishing Attack as Bankruptcy Claims Deadline Nears
FTX users have until Sept. 29 to file their bankruptcy claims.
Several users of bankrupt crypto exchange FTX are being targeted by a potential phishing attack after being sent a "reset password" request from the exchange's official customer support email.
The email, which has been reviewed and verified by CoinDesk, was sent by support@ftx.com - the official email address before the exchange collapsed in November.
The password reset link routes to the FTX claims portal that allows users to submit bankruptcy claims for assets they held on the platform before its demise.
Mossab Hussein, co-founder of cybersecurity firm Spidersilk, said the surprising emails can be attributed to one of two options: "It's either FTX itself sending those emails [to notify them of the claims portal] and giving people a scare. Or, someone has "a list" of emails and is bruteforce resetting their credentials via the portal."
If a hacker gained access to user's personal email addresses, they could feasibly gain access to a claimant's account and divert funds to their personal wallet.
FTX spokespersons didn't respond to request for comment immediately.
On Monday, many FTX users received an email from Kroll, the restructuring administrators of FTX, explaining that the deadline for claims is set for September 29, 2023.
FTX owes roughly $8.1 billion to customers after it imploded in a pool of leverage and illiquid tokens last November in an event that ravaged the wider crypto market.
Oliver Knight
Oliver Knight joined CoinDesk as a news reporter in April 2022. Before joining CoinDesk, Knight was the Chief Reporter at Coin Rivet for three years. Having graduated with a journalism degree from Birmingham City University, Knight went on to work at various sports publications before diving into the world of Bitcoin in 2014. He does not have any crypto holdings.