Fintech CEO: MailChimp Attack Shows Hackers Getting More Creative in Illicit Hunt for Crypto

  • 11.04.2022 09:00 am

It was recently announced that MailChimp was hacked last month, with the criminals absconding with information from more than 100 users and using that data to phish owners of Trezor cryptocurrency wallets. Staff of the popular email marketing company were apprised of the breach on March 26, and learned that the hacker used internal tools for account administration.
 

“Hackers are getting more creative,” said Richard Gardner, CEO of Modulus, a US-based developer of ultra-high-performance trading and surveillance technology that powers global equities, derivatives, and digital asset exchanges. “Especially with the looming Russo-Ukrainian war, which has included heightened cyberwarfare techniques, exchanges and other institutions are taking security more seriously. Now, hackers are looking for new ways to obtain ill-gotten gains.”

Siobhan Smyth, Mailchimp CISO, offered the following statement to Gizmodo:

“The incident was propagated by an external actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised,” said Smyth. The hacker or hackers then used its access to the company to get its hands on subscriber data. “Based on our investigation, we believe that about 300 Mailchimp accounts were viewed and audience data was exported from 102 of those accounts.”
 

“It looks like the hacker zeroed in on those who were in the cryptocurrency and financial sectors, including a Trezor newsletter mailing list. This was a sophisticated attack, which even included a lookalike Trezor app, prompting users for their seed. This was much more complex than many of your more run-of-the-mill phishing campaigns,” Gardner said.


Modulus is known throughout the financial technology segment as a leader in the development of ultra-high frequency trading systems and blockchain technologies. Modulus has provided its exchange solution to some of the industry’s most profitable digital asset exchanges, including a well-known multi-billion-dollar cryptocurrency exchange. Over the past twenty years, the company has built technology for the world’s most notable institutions, with a client list which includes NASA, NASDAQ, Goldman Sachs, Merrill Lynch, JP Morgan Chase, Bank of America, Barclays, Siemens, Shell, Yahoo!, Microsoft, Cornell University, and the University of Chicago.

According to Gizmodo, the phishing note read, in part:

Trezor has experienced a security incident involving data belonging to 106.856 of our customers, […] If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please download the latest version of Trezor Suite and follow the instructions to set up a new PIN for your wallet.
 

“The most effective way to overcome these attacks is: due diligence, due diligence, due diligence. As hackers get more and more sophisticated, their attacks will look more and more like official communication. Whenever you get an email that appears to be fraudulent or otherwise out of the ordinary, verify it with support from the institution of record. Don’t click on any links. Independently find the method of contact for support, and message them directly,” offered Gardner.
