Phishing Emails from Impersonated Crypto Firms Result in 600,000 Dollars Losses

In a recent cybersecurity incident, Mailer Lite, a well-known digital marketing platform, fell victim to a sophisticated phishing attack, resulting in substantial financial losses exceeding $600,000. The disclosure comes from Blockaid, a web3 security and privacy firm, shedding light on the details of the breach.

Phishing Emails from Impersonated Crypto Firms Result in 600,000 Dollars Losses

According to Blockaid’s findings, the attacker exploited a vulnerability within Mailer Lite to execute a targeted phishing campaign. Leveraging the compromised platform, the cybercriminals mimicked web3 firms and initiated a deceptive email campaign. These emails, seemingly originating from reputable organizations, contained links that, unbeknownst to recipients, led to malicious websites designed to drain cryptocurrency wallets.

Blockaid elaborated on the attackers’ methodology, revealing that they capitalized on Mailer Lite’s prior authorization to send emails on behalf of web3 entities. This authorization enabled the malevolent actors to meticulously craft emails that appeared legitimate and trustworthy, as they seemingly originated from the targeted organizations.

The cybercriminals employed a technique known as ‘dangling DNS’ records, which were initially associated with Mailer Lite and previously used by the targeted web3 companies. Even after the closure of these accounts, the lingering DNS records remained active, creating a window of opportunity for the attackers to claim and impersonate these accounts convincingly.

Prominent names in the cryptocurrency space, including CoinTelegraph, WalletConnect, Token Terminal, and De.Fi, were identified as specific targets of this phishing attack, according to insights provided by crypto investigator ZachXBT.