Early in the morning of March 27th, hackers impersonated decryption An email was sent to newsletter subscribers announcing a virtual token airdrop. As soon as we heard about the phishing attempt, we sent a follow-up email informing our readers of the scam.
However, we hastened to warn our subscribers, Similar phishing attempts We incorrectly blamed email service provider MailerLite for the January attack. In fact, it appears that the hacker obtained the password key to the service from someone. decryptionSide – There is nothing wrong with MailerLite.
“For security reasons, MailerLite does not store information in API keys, making it impossible to access that information from MailerLite’s admin panel or your regular account,” a MailerLite spokesperson told us today. “The data breach that occurred at MailerLite on January 23, 2024 meant that although Decrypt Media’s accounts were affected, the perpetrators did not have access to API keys that allowed them to send phishing campaigns on March 27, 2024. .”
We are embarrassed for reaching the wrong conclusion and would like to sincerely apologize to MailerLite.
We are investigating what happened and will work with law enforcement. According to MailerLite, “The phishing campaign originated from the IP address “69.4.234.86” and was coordinated through the MailerLite API utilizing the user agent “python-requests/2.31.0”. After gaining access to our email list, the intruder removed all addresses ending in decrypt.co or decryptmedia.com and sent fake emails so that our employees would not be immediately alerted.
Fortunately, the majority of our readers are wary of these types of phishing attempts. Only one person attempted to link their wallet to a fake address.
But that’s too much. As mentioned in a previous email, cryptocurrency scams are widespread in the industry and are becoming increasingly sophisticated. decryptionLike almost all other cryptocurrency companies Impersonate or otherwise use as an attack vector. Hackers even went so far as to create a completely separate website. Fake Discord Server, social media accounts impersonating employees. (We only have two domains: decrypt.co and decryptmedia.com. If anyone links to another domain, watch out!)
So be careful out there.. And so will we. Thank you as always for reading decryption.
