Connect with us

Hi, what are you looking for?

Economy

MailerLite Confirms Breach: $3.3M Lost in Crypto Phishing Attacks

MailerLite has confirmed reports of the hackers gaining access to customers’ accounts that led to a calculated crypto phishing exploit targeted at popular web3 firms.

On Jan 23, the email marketing company released a detailed explanation of the events leading up to the hack and subsequent phishing attacks on web3 firms. The attack led to approximately $3.3 million in crypto assets drained from users.

“Today on January 23rd, 2024, at 7:52 am UTC time MailerLite, providing email marketing services to you became aware of a cyber security incident that happened on January 23rd, 2024 at 00:11 AM UTC time that affected several accounts in the cryptocurrency sphere.” 

Source: MailerLite

The firm mentioned that upon notice of the incident, it blocked the bad actor’s method of entry, resolving all issues, and can confirm that the breach was “fully stopped.” 

Hackers Target 177 Accounts


According to the firm’s internal investigation, a customer support team staff member was the point of access by hackers after the team member responding to an inquiry clicked on an image.

Linked to a fraudulent Google sign-in page, the user authenticated the process through a mistaken phone confirmation leading to the broader breach in the admin panel.

Per the report, the hackers took it further by executing a password reset in the admin panel of the impersonator user email accounts. What’s more, only cryptocurrency-related accounts were targeted.

The incident that rocked crypto spaces saw a total of 177 MailerLite accounts impacted, although the phishing campaign targeted a small number of companies.

“This breach underscored the need for heightened vigilance and robust security protocol, especially in handling seemingly routine support interactions,” the company added. 

Blockchain security firm Blockaid revealed earlier that MailerLite was compromised. 

Today, Blockaid researchers discovered a phishing attack where an attacker was able to leverage a vulnerability in email service provider Mailer Lite to impersonate web3 companies, draining $600k+. Blockaid instantly protected millions of users and was able to safeguard $2.7M. pic.twitter.com/SvGMdB4vNZ

— Blockaid (@blockaid_) January 23, 2024

$3.3 Million Drained in Crypto Phishing Attacks


On Jan 23, cryptocurrency hack investigator ZackXBT posted on X (formerly Twitter) about an ongoing phishing campaign targeted at web3 firms including WalletConnect, De.Fi, Token Terminal, Cointelegraph, etc.

Community Alert: Phishing emails are currently being sent out that appear to be from CoinTelegraph, Wallet Connect, Token Terminal and DeFi team emails.

~$580K has been stolen so far
0xe7D13137923142A0424771E1778865b88752B3c7 pic.twitter.com/XoN65HxOYh

— ZachXBT (@zachxbt) January 23, 2024

Initially, the bad actors stole $580,000 in digital assets by sending malicious links through emails claiming to have rolled out community airdrops to reward users.

Platforms immediately sent out disclaimers warning the community not to interact with the links promising to resolve issues after carrying out investigations.

The incident sparked a wider conversation about the safety of cryptocurrencies and the use of airdrops to target users on social media spaces as phishing numbers surge.

The flagged wallet address contained about 280 ETH and the total amount drained from users is now estimated at $3.3 million.

An analysis conducted by crypto users and analytics firm Nansen shows $3.3 million inflows to the wallet but revealed that $2.6 million is held up in XBanking tokens leaving the rest at $700,000.

The post MailerLite Confirms Breach: $3.3M Lost in Crypto Phishing Attacks appeared first on Cryptonews.

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

Latest

Economy

With Bitcoin’s (BTC) price quickly re-approaching its all-time high, almost all holders of the digital currency are back in the black. Blockchain market intelligence...

Economy

Circle, USDC’s issuer, has struck a partnership deal with Coincheck, one of Japan’s biggest crypto exchanges – with a view to securing the stablecoin’s...

Economy

In wake of the Pepe Coin (PEPE)’s 40% price pump on Tuesday, profit-taking Pepe holders are shifting funds to a new crypto token for...

News

President Biden said Israel has agreed to a cease-fire in the Gaza Strip during the Islamic holy month of Ramadan, but Hamas is not...

News

Sen. Josh Hawley, R-Mo., is urging global consulting firm McKinsey & Company to hand over ‘comprehensive documentation’ showcasing its past or present contracts with the...

News

House Foreign Affairs Committee Chairman Michael McCaul, R-Texas, is threatening to hold Secretary of State Antony Blinken in contempt of Congress, accusing him of...

You May Also Like

Financial Advisors

[#item_full_content]

Financial Advisors

[#item_full_content]

Financial Advisors

The humongous outbreak of the dreaded coronavirus has brought about a groundbreaking change in what the world perceived as ‘normal’. With an estimated 280,391,189...

Disclaimer: Respect Investment.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 Respect Investment. All Rights Reserved.