Bitcoin.com is aware that an unauthorized party recently sent fraudulent emails through our third-party email service. We identified the breach, revoked access, secured our systems, and contacted affected Bitcoin.com users directly. All user funds are safe.
What happened
An attacker illegally gained access to our email service and used it to send phishing emails impersonating Bitcoin.com. These emails falsely claim that Bitcoin.com is merging with companies like Trust Wallet or Gemini and ask recipients to migrate their accounts. They use high-pressure tactics, including fake airdrop offers, to create urgency. These claims are completely false. Bitcoin.com has not merged with any company. No user accounts are being migrated. Bitcoin.com will never ask for seed phrases, private keys, or offer unsolicited airdrops that require account migration.
The attacker is targeting a set of leaked email addresses and we have identified the Bitcoin.com users who were included and notified them.
what are we doing
We have reached out to Bitcoin.com users who were directly affected. We revoked the attacker’s access and secured our email infrastructure. We are working with third-party security companies to investigate the full scope of this incident and prevent future incidents. We will continue to provide updates as our investigation progresses.
User funds are safe
Bitcoin.com is a self-custodial wallet. Users’ private keys are stored locally on each user’s device and were not affected by this incident. No wallet infrastructure was compromised.
What to do if you receive one of these emails
Do not click on any links in emails that claim Bitcoin.com is merging, migrating accounts, or offering airdrops. Do not enter your seed phrase or private keys anywhere, for any reason. Beware of unsolicited crypto emails that use urgent language or airdrop incentives. If you’ve already clicked on a link or shared your recovery phrase, move your funds to a new wallet immediately and contact our support team at support.bitcoin.com.
The attacker will be able to continue contacting people by other means. Please stay tuned.
General security best practices
This is a good reminder to review your personal safety habits. Here are some steps every crypto user should follow:
Protect your recovery phrase. Your 12-word recovery phrase is the master key to your funds. Write it down physically and keep it somewhere safe, never digitally, never in screenshots, and never share it with anyone. More information: Don’t share your 12-word recovery quotes.
Enable app security features. Enable app blocking and spending authentication in your Bitcoin.com wallet settings. This adds a layer of protection even if someone gains physical access to your device. More information: Bitcoin.com Wallet App Security Features
Know how to spot scams. Be skeptical of unsolicited messages, whether via email, social media, or messaging apps, that ask you to send cryptocurrency, click on links, or share personal information. More information: bitcoin scams
Check if your email has been compromised. If your email address has appeared in known data breaches, you may be a target for phishing.
For a complete overview of how to keep your crypto secure, check out our guide: Cryptocurrency security.
Bitcoin.com will never ask users for their private keys or recovery phrases.
He Bitcoin.com Equipment
Unauthorized emails impersonating Bitcoin.com were originally posted on Bitcoin.com on Medium, where people are continuing the conversation by highlighting and responding to this story.
