"If you trust emails, you'll get caught"... Former Ripple CTO warns of Robinhood phishing

▲ Hacking. Cryptocurrency transaction/ChatGPT generated image

As the former CTO of Ripple warns of a sophisticated email phishing attack targeting Robinhood users, security risks are coming to the forefront for Robinhood ahead of its first-quarter earnings announcement.

According to crypto-specialized media outlet Coingape on April 27 (local time), David Schwartz, former Chief Technology Officer (CTO) of Ripple, stated that a phishing email attack targeting Robinhood users is underway. He urged users to be careful, explaining that emails appearing to be sent from Robinhood might actually seem to have been sent through Robinhood's real email system.

The examples disclosed by Schwartz included emails in the form of login notifications. These emails presented information such as time, device details, and incident numbers, indicating unrecognized activity on the account. They then included a button to prompt users to confirm the activity. Although it appeared to be a normal security alert, the button was analyzed to lead to a phishing process.

This attack is particularly dangerous because the email authentication indicators appeared normal. In the disclosed screenshots, SPF, DKIM, and DMARC, used for sender authentication, all showed as passed. General users are highly likely to mistake this for a legitimate email. Schwartz explained that while the exact mechanism has not been confirmed, it appears the attacker injected messages within Robinhood's actual email infrastructure.

Regarding the attack method, it was suggested that Robinhood's account creation process and device name input values might have been exploited. A security expert analyzed that hackers created a Robinhood account using Gmail's dot insertion method, then inserted a malicious HTML payload into the device name, and Robinhood's email system failed to properly sanitize it, causing malicious elements to be displayed within legitimate system emails.

This warning comes ahead of Robinhood's first-quarter earnings announcement. Robinhood is set to release its earnings on April 28, with the market expecting approximately $1.15 billion in first-quarter revenue and $0.40 in earnings per share. The news of the phishing attack, coupled with issues related to the Wisconsin lawsuit concerning prediction markets, has acted as a burden on Robinhood's stock price.

Robinhood's stock price had previously risen after announcing a $75 million contract with OpenAI. However, with security concerns emerging at a sensitive time just before the earnings announcement, investors' views are divided between growth expectations and risk factors.

*Disclaimer: This article is for investment reference only, and we are not responsible for any investment losses based on it. The content should be interpreted for informational purposes only.*