Phishing Attack on Mailer Lite Leads to Loss Over $600,000

Mailer Lite falls victim to a hack:

An individual managed to exploit a vulnerability on the Mailer Lite platform.
Targeted companies include CoinTelegraph, WalletConnect, Token Terminal, and De.Fi, with a total loss exceeding $600,000.
The attack used previously associated ‘suspended’ DNS records from Mailer Lite.

Details of a Hack Over $600,000

A hacker recently exploited a vulnerability within the Mailer Lite platform, allowing for the creation of marketing campaigns for businesses, resulting in a financial loss of several hundred thousand dollars.

Today, Blockaid researchers discovered a phishing attack where an attacker was able to leverage a vulnerability in email service provider Mailer Lite to impersonate web3 companies, draining $600k+. Blockaid instantly protected millions of users and was able to safeguard $2.7M. pic.twitter.com/SvGMdB4vNZ

— Blockaid (@blockaid_) January 23, 2024

Pretending to be legitimate cryptocurrency companies, the attacker sent emails that appeared authentic and trustworthy, but actually contained links to fraudulent websites. This phishing method targeted notable companies such as CoinTelegraph, WalletConnect, Token Terminal, and De.Fi.

The Ingenious Method of Attackers

The perpetrator employed a technique known as ‘dangling DNS records,’ which involved exploiting inactive DNS records of the targeted companies that were still associated with Mailer Lite. These records were previously used by the targeted companies, enabling the attacker to impersonate these companies and create convincing emails that appeared to come from them.

After the closure of their accounts, these DNS records remain active, giving attackers the opportunity to claim and impersonate these accounts.

stated analysts at Blockaid

This tactic not only deceived recipients but also bypassed standard security measures, making the attack particularly insidious.

The impact of this phishing attack goes beyond the immediate financial loss of over $600,000. Furthermore, this attack raises major concerns about the security of digital communications in the cryptocurrency ecosystem. Businesses and individual users must be extremely vigilant against such tactics, always verifying the authenticity of received communications.

Additionally, this attack serves as a reminder to users of the importance of never clicking on unverified links, even if they appear to come from trusted sources.

Phishing Attack on Mailer Lite Leads to Loss Over $600,000

Details of a Hack Over $600,000

The Ingenious Method of Attackers

Related Posts

Billions of Dollars of Crypto at Risk

Blockstream Prepares to Launch Blockstream ASIC Series 2

Arizona Evaluates Adding Bitcoin ETFs to State Retirement Funds

Goldman Sachs in Talks to Play Key Role in Bitcoin ETFs Introduction