Mailer Lite hacker impersonates crypto firms, draining $600,000 with phishing emails
Quick Take An exploiter abused a vulnerability in a digital marketing platform to mimic seemingly legitimate emails that actually included links to wallet drainer sites, Blockaid found. The attack targeted CoinTelegraph, WalletConnect, Token Terminal and De.Fi, according to crypto sleuth ZachXBT.
Digital marketing platform Mailer Lite was the victim of a phishing attack that resulted in the loss of over $600,000, according to the web3 security and privacy firm Blockaid.
The exploiter used a vulnerability in Mailer Lite to mimic web3 firms sending seemingly legit emails that actually contained malicious links to wallet drainer sites, Blockaid explained in a social media thread Tuesday, adding that "attackers took advantage of the fact that Mailer Lite had previously been given permission to send email on behalf of these site’s domains, enabling them to craft emails that seemed to be coming from these organizations."
"Specifically, they used 'dangling dns' records which were created and associated with Mailer Lite (previously used by these companies)," it continued. "After closing their accounts these DNS records remain active, giving attackers the opportunity to claim and impersonate these accounts."
CoinTelegraph, WalletConnect, Token Terminal and De.Fi were among the platforms targeted by the phishing attack, according to the crypto sleuth ZachXBT .
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Why is Solana (SOL) price up today?
Wintermute Secures Approval to Share Ethena’s Revenue with ENA Stakers