More than 100 high-value Mailchimp customers in the cryptocurrency and finance industries had their data exfiltrated as a result of a breach of one of the email marketing firm's internal tools, The Register reports.
Hardware cryptocurrency wallet vendor Trezor issued a warning on Sunday regarding a phishing campaign that has been spreading malware in an effort to harvest information from cryptocurrency wallet owners. Trezor later said that scam-related domain addresses have been disabled, as Mailchimp said that an insider has compromised its service. Attackers are suspected of having targeted Mailchimp to exfiltrate the email addresses of those on Trezor's Mailchimp-managed mailing list, with 319 Mailchimp accounts being accessed and 102 having their "audience data" stolen. "The incident was propagated by an external actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised," said Mailchimp Chief Information Security Officer Siobhan Smyth. Mailchimp has already disabled API keys and put necessary protections in place while notifying impacted users.
A staffer working for Sen. Eric Schmitt, R-Mo., noted that sixty thousand emails from U.S. State Department accounts were exfiltrated by Chinese threat actors during the widespread compromise of Microsoft email accounts that commenced in May, according to Reuters.
Threat actors have leveraged the ZeroFont phishing attack technique, which initially involved the insertion of hidden characters or words in emails to evade security detection systems, to modify message previews as shown on Microsoft Outlook and other email clients, BleepingComputer reports.
BleepingComputer reports that individuals who have filed claims against bankrupt cryptocurrency lender Celsius have been subjected to phishing attacks involving the impersonation of the lender's claims agent, Stretto.