Email service provider MailerLite was the victim of a phishing attack, the company reported, targeting the cryptocurrency market. decryption On Tuesday.
According to an email alert sent by the company, the attack occurred after a support team member clicked on a fraudulent link, entered Google credentials, and verified two-step authentication, which gave the hackers access to Mailerlite’s internal systems.
“After gaining access, the perpetrators further tightened their unauthorized control by issuing password resets for specific users from their admin panels,” Mailerlite said. “This level of access allowed them to impersonate user accounts. “We only focused on cryptocurrency-related accounts.”
Mailerlite added that the perpetrators accessed 117 accounts, a small number of which were used to launch phishing campaigns using available names, email addresses and any personal information uploaded to the service.
According to internet sleuths ZachXBTIncludes affected accounts CointelegraphWallet Connect, Token Terminal and De.Fi. decryption They also received a notification that the account had been accessed, but according to Mailerlite, no emails were sent from the system and no contact lists were exported.
More than $580,000 was stolen because hackers were able to wrap malicious links in Mailerlite customers’ familiar templates, ZachXBT said. That too I shared my address This is where the illegally acquired funds were remitted.
Web3 security company Blockaid estimated the total cost at more than $600,000.
“When MailerLite became aware of the incident, we successfully identified and resolved the issue and terminated the access method the perpetrator used to infiltrate our platform,” MailerLite said. “MailerLite can confirm that the breach has been completely stopped.”
Mailerlite said the company continues to monitor the situation.
“We will also make necessary changes to our internal processes to address employees who do not follow these processes and focus on better security training,” the company said.
Edited by Ryan Ozawa.