Phishing Attack via Compromised Email Service Nets Hackers $600,000

Email marketing service provider Mailer Lite fell victim to a phishing attack, resulting in losses exceeding $600,000, according to Blockaid.

Today, Blockaid researchers discovered a phishing attack where an attacker was able to leverage a vulnerability in email service provider Mailer Lite to impersonate web3 companies, draining $600k+. Blockaid instantly protected millions of users and was able to safeguard $2.7M. pic.twitter.com/SvGMdB4vNZ

— Blockaid (@blockaid_) January 23, 2024

In comments to Decrypt, Mailer Lite representatives explained that the attackers compromised the platform by initially targeting an employee. After the employee clicked on a fraudulent link, the hackers gained access to internal services.

This level of control allowed them to impersonate account owners. In total, they accessed 117 accounts. A “small” number of these were used for a phishing campaign targeting users associated with the Web3 industry, Mailer Lite clarified.

On-chain researcher ZachXBT confirmed that among the affected clients were Cointelegraph, Wallet Connect, Token Terminal, and several DeFi projects.

Community Alert: Phishing emails are currently being sent out that appear to be from CoinTelegraph, Wallet Connect, Token Terminal and DeFi team emails.

~$580K has been stolen so far
0xe7D13137923142A0424771E1778865b88752B3c7 pic.twitter.com/XoN65HxOYh

— ZachXBT (@zachxbt) January 23, 2024

He estimated the damage from the attack at approximately $580,000.

Users in comments reported receiving phishing emails from Trust Wallet and OpenSea as well.

yup, and phishing KYC verification emails from @TrustWallet too pic.twitter.com/cqvLLoamVm

— Harpie (@harpieio) January 23, 2024

Experts from Blockaid noted that the hackers used the infrastructure of Angel Drainer Group, known for an attack on Ledger Connect Kit, to empty wallets. According to specialists, the number of malicious decentralized applications launched on the portal surged on January 16 and remains high.

Blockaid claimed that the hackers’ haul could have been larger, but the company’s solutions protected user assets worth $2.7 million.

In 2023, the crypto industry lost $1.8 billion due to hacking and fraud. Although the total amount halved, the number of incidents increased by 90%, noted Immunefi.