TechFlow reports that email service provider MailerLite informed Decrypt on Tuesday it was the victim of a phishing attack targeting the cryptocurrency market.
Decrypt also received notification that its account had been accessed, but according to MailerLite, no emails were sent from the system and its subscriber list was not exported.
Details of the incident: A member of the MailerLite team clicked on a phishing link, entered their Google credentials, and completed secondary authentication, allowing hackers to gain access to MailerLite's internal systems. After gaining access, the attackers performed password resets for specific users via the admin panel, further solidifying their unauthorized control. The attackers impersonated user accounts, focusing entirely on those associated with cryptocurrency. A total of 117 accounts were accessed, and a small number were used to launch phishing campaigns leveraging personal information.
Earlier report: According to on-chain investigator ZachXBT, hackers are distributing phishing links through emails, which so far have appeared to come from CoinTelegraph, Wallet Connect, Token Terminal, and De.Fi teams, resulting in approximately $580,000 stolen to date.




