As Ripple's former CTO warns of a sophisticated email phishing attack targeting Robinhood users, security risks for Robinhood are coming to the forefront ahead of its Q1 earnings announcement.
According to cryptocurrency media outlet Coingape on April 27 (local time), David Schwartz, former Chief Technology Officer (CTO) of Ripple, stated that a phishing email attack targeting Robinhood users is underway. He urged users to be careful, as emails appearing to be from Robinhood might seem to have been sent through Robinhood's actual email system.
The example disclosed by Schwartz was an email in the form of a login notification. It presented information such as the time, device details, and an incident number, indicating unrecognized activity on the account, followed by a button encouraging the user to verify the activity. Although it appeared to be a normal security alert, analysis found that the button led to a phishing process.
What makes this attack particularly dangerous is that the email authentication indicators appeared normal. In the disclosed screenshot, SPF, DKIM, and DMARC, which are used for sender authentication, all showed as passed. Ordinary users are highly likely to mistake such a message for a legitimate email. Schwartz explained that while the exact mechanism is not confirmed, it appears the attacker injected messages within Robinhood's actual email infrastructure.
Regarding the attack method, there is a possibility that Robinhood account creation processes and device name input values were exploited. A security expert analyzed that hackers created a Robinhood account using Gmail's dot insertion method, then inserted a malicious HTML payload into the device name. Robinhood's email system failed to properly sanitize this, causing the malicious elements to be displayed within legitimate system emails.
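The failure mode described above, as an added example (not Robinhood's code and not from the article): a constructed alert template that interpolates a device name as markup, shown beside an output-escaped version, an input allow-list check, and a canonicalizer that collapses Gmail dot variants to one account key. The template, function names, and allow-list policy are assumptions made for illustration.

```python
import html
import re

# Constructed template standing in for a login-alert email body (assumption).
TEMPLATE = "<p>New login detected.</p><p>Device: {device}</p><p>Time: {time}</p>"

# Assumed policy: device names are short plain text from a small character set.
DEVICE_NAME_OK = re.compile(r"^[\w .,'()\-]{1,64}$")


def render_unsafe(device: str, time: str) -> str:
    """Weak form: user-controlled text is interpolated into the HTML as-is."""
    return TEMPLATE.format(device=device, time=time)


def render_safe(device: str, time: str) -> str:
    """Hardened form: every user-controlled field is HTML-escaped on output."""
    return TEMPLATE.format(device=html.escape(device, quote=True),
                           time=html.escape(time, quote=True))


def validate_device_name(device: str) -> bool:
    """Input-side check: reject names outside the allow-list when they are set."""
    return bool(DEVICE_NAME_OK.fullmatch(device))


def canonical_gmail(address: str) -> str:
    """Collapse Gmail dot variants so they all map to one account key."""
    local, _, domain = address.strip().lower().rpartition("@")
    if domain in ("gmail.com", "googlemail.com"):
        local = local.replace(".", "")
        domain = "gmail.com"
    return f"{local}@{domain}"


# Constructed sample input: a device name carrying markup, as the article describes.
SAMPLE_DEVICE = '<a href="https://phish.example.invalid/">Verify activity</a>'
SAMPLE_TIME = "2025-01-01 09:00 UTC"  # constructed value

if __name__ == "__main__":
    print(render_unsafe(SAMPLE_DEVICE, SAMPLE_TIME))  # link element survives
    print(render_safe(SAMPLE_DEVICE, SAMPLE_TIME))    # shown as inert text
    print(validate_device_name(SAMPLE_DEVICE), validate_device_name("Pixel 8 (Chrome)"))
    print(canonical_gmail("j.o.h.n.doe@gmail.com"))
```

Escaping at render time is the control that matters here, because SPF, DKIM, and DMARC only attest to the sending domain and say nothing about user-supplied content inside the message.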
This warning comes ahead of Robinhood's Q1 earnings announcement. Robinhood is scheduled to announce its earnings on April 28, and the market expects Q1 revenue of approximately $1.15 billion and earnings per share of $0.40. The news of the phishing attack, coupled with a lawsuit in Wisconsin related to prediction markets, has put downward pressure on Robinhood's stock price.
Robinhood's stock price had previously risen after announcing a $75 million deal with OpenAI. However, with security concerns surfacing at a sensitive time before the earnings announcement, investors are torn between growth expectations and risk factors.
*Disclaimer: This article is for investment reference only, and we are not responsible for any investment losses based on it. The content should be interpreted for informational purposes only.*