Mailchimp, the email marketing platform, has confirmed that hackers have stolen data from more than 100 of its clients and used the data to mount phishing attacks on the users of crypto services. Trezor hardware wallet users and Decentraland metaverse platform were also affected.
Hackers used internal tools from Mailchimp to target customers from a total of 102 users, including hardware cryptocurrency wallet Trezor, reported The Verge.
Trezor users over the weekend received emails claiming that their accounts were compromised in a data breach. The email included a purported link to an updated version of Trezor Suite, along with instructions to set up a new pin – though in actuality it was a phishing site meant to capture the contents of their digital wallets.
Trezor confirmed in a Sunday tweet that the emails were a part of a sophisticated phishing campaign by a malicious actor that targeted MailChimp’s newsletter database.
“The Mailchimp security team disclosed that a malicious actor accessed an internal tool used by customer-facing teams for customer support and account administration,” Trezor said in a blog post. “The bad actor gained access to this tool as a result of a successful social engineering attack on Mailchimp employees.”
Basically, the hackers managed to trick employees in MailChimp’s customer support team into handing over their log-in credentials, then used the company’s own internal tools to send the emails. The Trezor attack specifically was planned to a “high level of detail,” the company’s blog post said. However, in order for the attack to be successful, Trezor users had to download the fake app and submit their wallet credentials. It’s unlikely many made it that far, as Trezor points out in its post, considering that most operating systems would have notified the user that they were downloading software from an unknown source.
MailChimp chief information officer Siobhan Smith stated that the breach was spotted on March 26th.
The hackers obtained data from 102 MailChimp clients, meaning that Trezor is far from the only company likely impacted. Decentraland, the in-browser metaverse platform, confirmed on Twitter that its newsletter was among those caught up in the hack.
Just last week, Ronin Network, an Ethereum-based sidechain created to support the popular NFT-based game Axie Infinity, was exploited by an unknown hacker and lost roughly $625 million worth of crypto, which may be the largest exploit in DeFi history.