Connect with us

Hi, what are you looking for?

Editor's Pick

MailerLite Confirms Breach: $3.3M Lost in Crypto Phishing Attacks

MailerLite has confirmed reports of the hackers gaining access to customers’ accounts that led to a calculated crypto phishing exploit targeted at popular web3 firms.

On Jan 23, the email marketing company released a detailed explanation of the events leading up to the hack and subsequent phishing attacks on web3 firms. The attack led to approximately $3.3 million in crypto assets drained from users.

“Today on January 23rd, 2024, at 7:52 am UTC time MailerLite, providing email marketing services to you became aware of a cyber security incident that happened on January 23rd, 2024 at 00:11 AM UTC time that affected several accounts in the cryptocurrency sphere.”

Source: MailerLite

The firm mentioned that upon notice of the incident, it blocked the bad actor’s method of entry, resolving all issues, and can confirm that the breach was “fully stopped.”

Hackers Target 177 Accounts

According to the firm’s internal investigation, a customer support team staff member was the point of access by hackers after the team member responding to an inquiry clicked on an image.

Linked to a fraudulent Google sign-in page, the user authenticated the process through a mistaken phone confirmation leading to the broader breach in the admin panel.

Per the report, the hackers took it further by executing a password reset in the admin panel of the impersonator user email accounts. What’s more, only cryptocurrency-related accounts were targeted.

The incident that rocked crypto spaces saw a total of 177 MailerLite accounts impacted, although the phishing campaign targeted a small number of companies.

“This breach underscored the need for heightened vigilance and robust security protocol, especially in handling seemingly routine support interactions,” the company added.

Blockchain security firm Blockaid revealed earlier that MailerLite was compromised.

Today, Blockaid researchers discovered a phishing attack where an attacker was able to leverage a vulnerability in email service provider Mailer Lite to impersonate web3 companies, draining $600k+. Blockaid instantly protected millions of users and was able to safeguard $2.7M. pic.twitter.com/SvGMdB4vNZ

— Blockaid (@blockaid_) January 23, 2024

$3.3 Million Drained in Crypto Phishing Attacks

On Jan 23, cryptocurrency hack investigator ZackXBT posted on X (formerly Twitter) about an ongoing phishing campaign targeted at web3 firms including WalletConnect, De.Fi, Token Terminal, Cointelegraph, etc.

Community Alert: Phishing emails are currently being sent out that appear to be from CoinTelegraph, Wallet Connect, Token Terminal and DeFi team emails.

~$580K has been stolen so far0xe7D13137923142A0424771E1778865b88752B3c7 pic.twitter.com/XoN65HxOYh

— ZachXBT (@zachxbt) January 23, 2024

Initially, the bad actors stole $580,000 in digital assets by sending malicious links through emails claiming to have rolled out community airdrops to reward users.

Platforms immediately sent out disclaimers warning the community not to interact with the links promising to resolve issues after carrying out investigations.

The incident sparked a wider conversation about the safety of cryptocurrencies and the use of airdrops to target users on social media spaces as phishing numbers surge.

The flagged wallet address contained about 280 ETH and the total amount drained from users is now estimated at $3.3 million.

An analysis conducted by crypto users and analytics firm Nansen shows $3.3 million inflows to the wallet but revealed that $2.6 million is held up in XBanking tokens leaving the rest at $700,000.

The post MailerLite Confirms Breach: $3.3M Lost in Crypto Phishing Attacks appeared first on Cryptonews.

You May Also Like

Economy

How can Forex crash? Forex market crash history Fact that the Forex is one of the most volatile and most profitable markets in the...

Editor's Pick

As decentralized naming systems gain traction, Ethereum Name Service has seen ENS price double, leaving some FOMO investors asking is it too late to...

Editor's Pick

Colorado-based pastor Eligio “Eli” Regalado and his wife, Kaitlyn, are facing legal action after allegedly defrauding investors of millions of dollars through the sale...

Stock

Enthusiasm is needed to drive an uptrend, but sometimes enthusiasm can go too far. That is why technical analysts like to use various sentiment...

Disclaimer: happyretirementstories.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


Copyright © 2024 happyretirementstories.com