Mailer Lite hackers stole $600,000 through phishing emails pretending to be cryptocurrency companies.

Digital marketing platform Mailer Lite suffered a phishing attack, losing more than $600,000, according to web3 security and privacy company Blockaid.

Blockaid explained on social media that attackers took advantage of a vulnerability in Mailer Lite to make it appear as if web3 companies were sending seemingly legitimate emails that actually contained malicious links to wallet-snapping sites. line “The attackers were able to craft emails that appeared to come from these organizations by taking advantage of the fact that Mailer Lite had previously been authorized to send emails on behalf of this site’s domain,” it added on Tuesday.

“Specifically, they used ‘dangling DNS’ records created and associated with Mailer Lite (previously used by these companies),” he continued. “Even after an account is closed, these DNS records remain active, providing an opportunity for attackers to claim and impersonate these accounts.”

According to cryptocurrency detective ZachXBT, among the platforms targeted in phishing attacks were CoinTelegraph, WalletConnect, Token Terminal, and De.Fi.

Disclaimer: The Block is an independent media outlet delivering news, research and data. As of November 2023, Foresight Ventures is a majority investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information about the cryptocurrency industry. Below are our current financial disclosures.

© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.