Hackers used internal tools from Mailchimp to target customers from a total of 102 users, including hardware crypto wallet Trezor, report The Verge. Trezor users over the weekend received email complaints that their accounts had been compromised in a data breach. The email included a purported link to an updated version of the Trezor Suite, along with instructions for setting up a new pin – even though it was, in fact, a phishing site aimed at obtaining the contents of a digital wallet. their.
In one tweet on Sunday, Trezor confirmed that the emails were part of a sophisticated phishing campaign by a malicious actor targeting MailChimp’s newsletter database. “The Mailchimp security team has revealed that a malicious actor gained access to an internal tool used by customer-facing teams for customer support and account administration,” Trezor wrote in a statement. blog post. “The bad guy gained access to this tool as a result of a successful social engineering attack on Mailchimp employees.”
In other words, the hackers managed to trick employees on MailChimp’s customer support team into handing over their credentials, then used the company’s own internal tools to send emails. The Trezor attack was specifically planned with a “high level of detail,” according to the company’s blog post. However, for the attack to succeed, Trezor users must download the fake app and submit their wallet credentials. Trezor pointed out in his post that not many people have done that, as most operating systems will notify users that they are downloading software from an unknown source.
MailChimp first learned of the breach on March 26, according to a statement chief information officer Siobhan Smith gave to The Verge. The hackers were able to get audience data from 102 different MailChimp clients, meaning Trezor isn’t the only company that may have been affected. Decentraland, the in-browser metaverse platform, confirmed on Twitter that its newsletter was among those arrested in the hack.
Note: The email addresses of our newsletter subscribers were leaked in a Mailchimp data breach.
Be wary because bad guys can use your email address to try and text you impersonating the Decentraland Foundation.
Find out more details:https://t.co/UujMMZ1HXt
– Decentraland (@decentraland) April 4, 2022
We will likely find out what other companies were involved in the MailChimp hack in the coming days. The company has informed all its customers concerned.
All products recommended by Engadget are handpicked by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
