Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Benzinga
Benzinga
Business
Adrian Zmudzinski

Crypto Users Are Under Attack: Here's How To Prevent A Loss Of Funds

Major cryptocurrency hardware wallet producer Trezor warned that all the users that are registered to its newsletter should expect to be targeted by phishing attacks — but not only Trezor customers are affected.

What Happened: Trezor warned in a Sunday tweet that it was investigating "a potential data breach of an opt-in newsletter hosted on Mailchimp" and that users should avoid opening emails from "noreply@trezor.us."

The company explained that its marketing and automation email management software Mailchimp was compromised by an insider who was targeting cryptocurrency companies. Trezor took down the phishing domain and recommended that users ensure they "are using anonymous email addresses for bitcoin-related activity."

According to a Monday TechCrunch report, Mailchimp confirmed a data breach after hackers compromised an internal tool to access customer accounts, which goes to show that not only Trezor and its users are affected by the breach. The company's chief information security officer Siobhan Smyth said that the company became aware of the breach on March 26, after identifying a malicious actor that was able to use a tool meant for internal company use to access customer accounts.

Attackers gained access to the systems through social engineering, meaning that instead of compromising software, they were able to mislead people involved in the company in ways that allowed them to access Mailchimp's internal tool. The firm claims that it "acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected."

Also Read: Is This Dogecoin Star A Scammer? DOGE's Co-Creator Thinks So

Despite this, hackers were able to view about 300 Mailchimp accounts and exported the audience data from 102 of those — targeting customers in the cryptocurrency and finance sectors. Furthermore, the attackers also gained access to application programming interface (API) keys for an unspecified number of customers, which allows them to potentially send emails that appear as if the customer sent them.

What Users Should Expect: Fortunately, those API keys have now been disabled, but cryptocurrency users should anticipate receiving phishing emails carrying malware or attempting to extract credentials such as emails, passwords, or even private keys or recovery words for wallets containing cryptocurrencies such as Bitcoin (CRYPTO: BTC). These emails could have been potentially sent by addresses owned by companies that the users trust through Mailchimp's APIs.

Furthermore, since the APIs were deactivated, the hackers have no easy way to continue using the official email addresses of the compromised crypto and financial firms. Still, attackers have the email addresses of hundreds of users involved with those companies so phishing emails coming from different email addresses — presumably often impersonating trusted companies that users are familiar with — should be expected.

Photo: Courtesy of Christoph Scholz on Flickr

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.