Search
Close this search box.

Phishing Attack on MailerLite Leads to $3.3 Million Theft from Web3 Firms

Table of Contents

You can also read this news on BH NEWS: Phishing Attack on MailerLite Leads to $3.3 bitcoin Million Theft from Web3 Firms
MailerLite, a Web3 email service provider, confirmed a phishing scam that resulted in hackers accessing accounts of major Web3 companies and stealing an estimated $3.3 million from subscribers. The attack on January 23 targeted several Web3 firms, including WalletConnect, Token Terminal, and DeFi, whose official accounts sent emails containing malicious links with wallet-draining software.
Hours after the emails were sent to subscribers, MailerLite disclosed details of the breach, which occurred through a social engineering attack on a customer support employee. The employee inadvertently clicked on an image linked to a deceptive Google login page, compromising their access credentials.
This breach allowed the attackers to gain further control by resetting a specific user’s password through MailerLite’s internal admin panel. They were able to impersonate user accounts, focusing solely on those related to cryptocurrencies.
MailerLite revealed that the hackers accessed 117 accounts but only used a fraction to initiate phishing campaigns. The service provider warned that customer and subscriber data, including full names, email addresses, and personal information uploaded to MailerLite, were compromised.
While MailerLite’s support team has not provided additional information about the phishing email scam, blockchain data analytics platform Nansen helped estimate the value of the stolen funds. Nansen’s team pointed out that while the main phishing wallet saw $3.3 million in total inflows, $2.6 million appeared to be from Xbanking tokens traded on Latoken exchange. Excluding Xbanking assets, Nansen reduced the estimate of easily convertible stolen funds to $700,000. Both Nansen and an anonymous Reddit user highlighted the use of the Railgun privacy protocol by the attackers to obscure the transfer of stolen tokens.
The post first appeared on BH NEWS: Phishing Attack on MailerLite Leads to $3.3 Million Theft from Web3 Firms

Leave a Comment

Your email address will not be published. Required fields are marked *

Most Popular

Get The Latest Updates

Subscribe To Our Weekly Newsletter

No spam, notifications only about new products, updates.

Related Posts

Posts is empty. Skip to content