Mailchimp Hacked, Trezor Wallet Owners Victimized by Phishing

Mailchimp has been hacked as part of an extensive, orchestrated phishing campaign. Owners of Trezor wallets in particular were affected.

According to The Verge, the hackers used Mailchimp’s internal tools to obtain the email address databases of a total of 102 users, including Trezor, the maker of hardware crypto wallets. Trezor wallet owners received emails claiming their account had been compromised due to a security breach. The emails contained a purported link to an updated version of the Trezor Suite, as well as instructions on how to set up a new PIN. In fact, the link led to a phishing site aimed at stealing the contents of wallets.

In a tweet posted on Sunday, Trezor confirmed that the emails were part of a large, sophisticated phishing campaign by an attacker targeting the Mailchimp newsletter database. “The Mailchimp security team has announced that an attacker has gained access to an internal tool used by customer teams to maintain and administer accounts,” Trezor explains in a blog post. “This person gained access to this tool through social engineering by several Mailchimp employees.”

In other words, the hackers managed to trick Mailchimp customer service staff into handing over their credentials. They then used the company’s own internal tools to send their emails. According to the company, the attack on Trezor had a “high level of detail.” In any case, for the attack to be successful, Trezor users would need to download a fake app and provide their wallet credentials. It is unlikely that many users went that far, Trezor explains in its post, since most operating systems will likely identify that a user has attempted to download software from an unknown source.

Mailchimp became aware of the hack on March 26, according to a statement by its CIO Siobhan Smith to The Verge. The hackers were able to obtain data from 102 different Mailchimp clients. In other words, Trezor is far from the only company to suffer. Decentraland, an in-browser metaverse platform, has for example confirmed that its newsletter was hacked in a similar fashion.

There is no doubt that other companies affected by this hack will make themselves known in the coming days. Mailchimp, for its part, has already informed its affected customers.
