- Decentraland announces that its newsletter subscribers’ email addresses have been leaked.
- Over 300 Mailchimp accounts were viewed by the hackers.
- Similarly, Tezos suffered a recent breach via Mailchimp.
On April 4, Decentraland announced that malicious actors acquired newsletter subscribers’ email addresses due to a Mailchimp data breach. The announcement was made via a blog post revealing that hackers may be impersonating Decentraland and sending emails to subscribers.
According to Mailchimp, the hackers viewed approximately 300 Mailchimp accounts – successfully exporting audience data from 102 of them. The hackers targeted customers in the cryptocurrency and finance sectors specifically. Additionally, the hackers also gained access to API keys for an undisclosed number of customers, which now have been disabled.
Mailchimp Chief Information Security Officer Siobhan Smyth said that Mailchimp notifies account owners whenever they become aware of any unauthorized account access. Smyth added that they immediately take steps to suspend any further access. “We also recommend two-factor authentication and other account security measures for our users as added measures to keep accounts and passwords secure.”
In response to the leak, Decentraland cautioned its subscribers to stay vigilant as they work to fight fraud. The blog post contained cautionary instructions such as making sure not to click suspicious links from emails and checking the correct addresses. Additionally, Decentraland has been actively taking down all phishing sites that it could find.
On March 26, a malicious actor was detected by Mailchimp accessing a tool used by the company’s support team. Following that, the actors used social engineering attacks to gain private information.
We acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected.
The hackers have been targeting cryptocurrency and finance-related companies. Notably, cryptocurrency wallet maker Trezor suffered a breach as a result of the exploit. Hackers sent emails that prompted Trezor users to reset their hardware wallet PINs by downloading malicious software – once installed, hackers could then steal customers’ crypto.
MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.
We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/
— Trezor (@Trezor) April 3, 2022
These breaches and exploits follow the recent Axie Infinity hack with losses of $625M. Hackers exploited the blockchain and gained access to a huge amount of Ethereum.