MailChimp hacked, crypto wallets phished with stolen data

Image for article titled Hackers Hijacked Crypto Wallets Using Stolen MailChimp Data

photo: Rafael Henrique/SOPA Images/Light Rocket (Getty Images)

MailChimp, the well-known email marketing company, was hacked. Sometime in the last month, cybercriminals infiltrated the company’s systems and stole information from over 100 users. The criminals then reused the stolen data to phish users of the popular crypto wallet Trezor hardware.

The attack, which MailChimp employees became aware of on March 26, involved an unknown attacker hijacking internal tools used by the company’s account managers for account management. When Gizmodo was reached for comment, a MailChimp representative issued a statement from Mailchimp’s Chief Information Security Officer, Siobhan Smyth, detailing the breach.

“The incident was propagated by an outside actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised,” Smyth said. The hacker or hackers then used their access to the company to get their hands on subscriber data. “Based on our research, we believe that approximately 300 Mailchimp accounts were viewed and audience data was exported from 102 of those accounts,” Smyth said.

“As a result of the security incident, we have received reports of the malicious actor using the information it obtained from user accounts to send phishing campaigns to its contacts,” he said. The attack appears to have been designed to steal information about people in the crypto and financial industries, Smyth added.

Trezor hardware targeted via MailChimp

After the MailChimp hack, users of the Trezor crypto wallet, a piece of hardware that allows users to store their cryptocurrency offline, started using it Reporting on Twitter that they had received strange emails about a security incident at the company. As it turned out, those notifications were actually phishing emails. The hackers had typed a TRezor newsletter mailing list via MailChimp and then used the information to select targets. Trezor was quick to address the situation, explaining in a series of tweets on Sunday that some user information was compromised through the MailChimp hack and used in the phishing campaign.

“MailChimp has [sic] confirms their service was compromised by an insider targeting crypto companies,” the company revealed. “We will not communicate via newsletter until the situation is clarified. Until further notice, do not open emails that appear to be from Trezor.”

On Monday, the company checked with users, publish a blog in which they provided much more information about the phishing campaign. The scheme used sophisticated tactics, including a fake Trezor lookalike app that prompted users for their input seed– the string of randomly generated words that serve as the master key of the crypto wallet. Targets of the phishing campaign received an email telling them that Trezor was affected by a “security incident” and that if they receive the email, they should download an updated version of the Trezor Suite app. The phishing note read in part:

“Trezor experienced a security incident involving data from 106,856 of our customers, […] If you receive this email, you are affected by the data breach. To protect your wealth, please download the latest version of the Trezor Suite and follow the instructions to set up a new PIN for your wallet.”

The user is then prompted to click a link to download the lookalike app and “connect your wallet and enter your seed”. If the user fell for that message and entered their seed into the fake app, hackers would likely have stolen the contents of their wallet, Trezor said.

It’s unclear how much data was stolen during the MailChimp hack, or whether crypto companies other than Trezor were (or will be) targeted by phishing attempts.

“We’re currently investigating how many customers could be impacted following an insider compromise of a newsletter database hosted on Mailchimp,” Trezor said on her blog.

https://gizmodo.com/mailchimp-hacked-crypto-wallets-phished-with-stolen-da-1848745731 MailChimp hacked, crypto wallets phished with stolen data

Adam Bradshaw

TheHitc is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@thehitc.com. The content will be deleted within 24 hours.

Related Articles

Back to top button