Mailchimp was hacked in order to phish cryptocurrency wallets.
Hackers breached Mailchimp to target crypto holders
Hackers breached Mailchimp to target crypto holders, The Verge stated that hackers utilized internal Mailchimp tools to target
consumers from a total of 102 users, including Trezor, a hardware bitcoin wallet.
Trezor users got emails over the weekend saying that their accounts had been compromised due to a data breach.
The email contained a phishing site that claimed to be a link to an updated version of Trezor Suite, as well as instructions on how to set up
a new pin — but it was actually a phishing site designed to steal the contents of their digital wallets.
Trezor acknowledged the emails were part of a sophisticated phishing attempt by a hostile actor targeting MailChimp’s mailing database in a tweet on Sunday.
In a blog post, Trezor noted, “The Mailchimp security team discovered that a hostile actor accessed an internal tool used by client-
facing teams for customer assistance and account administration.”
“A successful social engineering attack against Mailchimp workers gave the bad actor access to this technology.”
In other words, the hackers conned MailChimp’s customer care crew into handing up their log-in credentials, then sent the emails using the company’s own internal tools.
According to the company’s blog post, the Trezor attack was designed with a “high level of precision.” Despite this,
Trezor users were required to download the fake software and input their wallet credentials in order for the attack to be effective.
As Trezor notes in its post, it’s doubtful that many people got that far because most operating systems would have warned them
that they were downloading software from an unknown source.
- Top 3 Benefits of Buying iPhones Wholesale from Hong Kong
- What is conversational commerce?
- How to send a Google Docs document directly as an email
- Contribution to Sustainability: Buying Refurbished iPhones Wholesale
- Nigerian Navy Batch 34 Recruitment Exercise
- Dell is working on reverse wireless charging on laptops
According to a statement provided to The Verge by MailChimp’s chief information officer Siobhan Smith, the company initially
learned of the incident on March 26th.
The hackers gained access to audience data from 102 distinct MailChimp clients, implying that Trezor is far from the only
The in-browser metaverse platform Decentraland announced on Twitter that its newsletter was among those hacked.