Mailchimp at the heart of a sophisticated cryptocurrency scam

Alarm among Trezor users, some of whom have been targeted by very elaborate phishing attempts following a Mailchimp hack.

A hundred customers of Mailchimp, a well-known emailing platform, had their data stolen by hackers who exploited a flaw in the company’s internal tools. The attack, reported by Mailchimp, turns out to be linked to the alert issued over the weekend by the cryptocurrency wallet Trezor about very sophisticated phishing campaigns reported by its users.

The Verge, which reports on the story, says Mailchimp noticed the flaw on March 26, identifying unauthorized access to its customer service and account management tools. Mailchimp immediately blocked the hacked employee account, but the hackers reportedly had time to examine around 300 user accounts and obtain data from 102 of them.

“We sincerely apologize to our users for this incident and are aware that it causes inconvenience and raises questions. […] We are confident in the robust security measures and processes we have in place to protect our users’ data and prevent future incidents,” says Mailchimp’s chief security officer.

A very realistic app clone

Bleeping Computer adds that this data was very quickly used by hackers to try to scam users of Trezor, a cryptocurrency management platform. The emails in question, spoofing official communications from Trezor, alerted users to data theft and urged them to download a new version of the Trezor Suite desktop application.

In reality, the download was a fake application that sought to obtain the information needed to take control of users’ wallets and steal the associated cryptocurrencies. Trezor speaks of a particularly pernicious and realistic attack, with a very high degree of detail. At first glance, it was apparently impossible to tell that the installed Trezor app was fake.

Mailchimp and Trezor are asking their users to be particularly alert to this kind of scam, especially since data concerning them is now in the possession of hackers eager for their cryptoassets.
