Digital Forensics Dispatch

Digital Forensics Blog
by Sensei Enterprises, Inc.

Email Service Provider MailChimp Breached, Hackers Target Cryptocurrency Customers

April 5, 2022

Bleeping Computer’s Lawrence Abrams reports that the email marketing firm MailChimp disclosed that hackers had hit its systems and gained access to customer support and account management tools. Abrams writes “Sunday morning, Twitter was abuzz with reports from owners of Trezor hardware cryptocurrency wallets who received phishing notifications claiming that the company had suffered a data breach.”

The emails received by the Trezor customers were phishing emails sent by the MailChimp hackers. The email prompted Trezor customers to reset their hardware wallet PINs which downloaded malicious software that allowed for the stored cryptocurrency to be stolen.

MailChimp reported to BleepingComputer that the breach was more significant than just the Trezor account breach. Abrams writes “[according] to MailChimp, some of their employees fell for a social engineering attack that led to the theft of their credentials.”

The credentials harvested through a social engineering attack were used to access over 300 MailChimp accounts and export data, most likely customer mailing lists, from 102 customer accounts. The attackers also gained access to the Application Interface (API) keys, which are access tokens that allow for MailChimp customers to manage their accounts or marketing campaigns from their websites or platforms. The API interfaces have currently been disabled to prevent any use of those features for additional compromise.

MailChimp reports that it has notified all customers of the breach and that the hackers specifically accessed customers within the cryptocurrency and finance sectors.

This attack is a reminder to all companies and individuals that security training for employees is a necessity and to be alert about emails they are receiving. This whole incident would have likely been avoided if the individuals at MailChimp had recognized that they were falling for a social engineering attack.

It’s also important to note that you should always verify in person with the individual asking for account credentials. Ask yourself, why does this person need my credentials? Then find that person in the office and ask them if they need those credentials.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Sensei Enterprises

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Digital Forensics Dispatch

Email Service Provider MailChimp Breached, Hackers Target Cryptocurrency Customers

Ride the Lightning

Your IT Consultant

Disclaimer