If you use Trezor's cryptocurrency wallet, watch out: Hackers are exploiting a data breach at email marketing provider Mailchimp to send phishing emails to Trezor users.
Trezor today sounded the alarm about the phishing messages, which tell recipients that Trezor experienced a "security incident" and ask them to download a new Trezor Suite app. But in reality, the app is a malicious program designed to loot the cryptocurrency funds of users, Trezor parent company SatoshiLabs warned in a blog post.
"This attack is exceptional in its sophistication and was clearly planned to a high level of detail. The phishing application is a cloned version of Trezor Suite with very realistic functionality, and also included a web version of the app,” the company added.
According to SatoshiLabs, the hackers behind the phishing attacks obtained user emails by compromising a “newsletter database” at Mailchimp.
Mailchimp today confirmed that a breach occurred on March 26. Using social engineering tactics, the attackers tricked Mailchimp customer support employees into handing over their login credentials.
“Based on our investigation, we believe that about 300 Mailchimp accounts were viewed and audience data was exported from 102 of those accounts,” Mailchimp CIO Siobhan Smyth told PCMag in a statement. “Our findings show that this was a targeted incident focused on users in industries related to cryptocurrency and finance, all of whom have been notified.”
Smyth didn't say how many email addresses in total were exposed. But it might be considerable, given that Mailchimp’s whole business involves helping brands send out effective marketing emails to internet users.
Mailchimp added the hack may have exposed a vulnerability in API keys for
Read more on pcmag.com