BlockFi users targeted in ‘racist and vulgar’ email attack


This week’s temporary closure of registrations for the crypto lending and borrowing application BlockFi has been because of an attack by a “malicious actor” according to Forbes.

According to company employees, a single attacker initiated the process of registering more than 1,000 fake accounts on March 7, using email addresses belonging to real users.

The attacker entered “vulgar and racist” terms as the first and last name for the fake accounts, which resulted in around 500 emails containing offensive language being automatically sent before BlockFi detected the issue and does not completely interrupt registrations.

“I am the furthest thing from a crypto investor”, tweeted Philadelphia-based reporter Sara Sheridan in all caps on March 8. “I never even heard of BlockFi until I got an email addressed to me as a racial insult.”

Zac Prince, CEO of BlockFi, initially described the attack as a “technical issue with the new account enrollment workflow” before exposing the full significance of what happened in today’s Forbes article.

A similar attack was reported by the FTX crypto derivatives exchange last month. The attackers managed to trick the flow of Blockfolio’s Signal app, a product acquired by FTX in August 2020, by displaying racist messages. FTX CEO Sam Bankman-Fried believes the attack was carried out by a competitor.

Some BlockFi customers reported not be able to access the company’s website as a result of a maintenance period that ended earlier today, March 7, but the case may not be related to the attack.

BlockFi visitors website are currently receiving a message that even though registration remains closed, pre-existing BlockFi customers continue to have full access to the platform.

The Attack BlockFi’s troubles come at a critical time for the three-year-old company as it is currently trying to close a funding round that will take its valuation to approx. $ 3 billion. The crypto asset lender has so far attracted more than $ 100 million in venture capital, including contributions from Coinbase Ventures and Winklevoss Capital.

As of May 2020, BlockFi suffered a data breach in which the full names, addresses and dates of birth of customers have been compromised.

Leave A Reply

Your email address will not be published.