- Hackers are targeting companies' CRM accounts to steal mailing lists
- The stolen email addresses are used to send spam urging people to set up compromised cryptocurrency wallets
- The goal is to steal money, so be on your guard
Hackers are stealing mailing lists from large companies and using them to get into people's cryptocurrency wallets and drain their funds.
A new report by cybersecurity researchers at Silent Push, who nicknamed the campaign “PoisonSeed”, explained how the criminals first created spoofed landing pages for companies such as Coinbase, Ledger, Mailchimp, SendGrid, HubSpot and others. The pages collect people's login credentials, which allow the cybercriminals to log in to the mailing service accounts and exfiltrate all the mailing lists.
Then they send emails impersonating these companies and urging users to set up a new Coinbase wallet using the seed phrase embedded in the email. A seed phrase is a series of 12 to 24 words generated by the wallet that gives access to the funds inside. It acts as a master key, so anyone who has it can restore the wallet and control the cryptocurrency inside.
Seed phrase poisoning
“Bulk spam recipients are targeted with a cryptocurrency seed phrase poisoning attack,” said Silent Push.
“As part of the attack, PoisonSeed provides security seed phrases so that potential victims will copy and paste them into new cryptocurrency wallets for a future compromise.”
Once users have created the new wallets and funded them, the criminals can simply send the money elsewhere, which is a permanent loss for the victims.
The researchers believe that the campaign is the work of two “loosely aligned” threat actors, called Scattered Spider and CryptoChameleon, which are both said to be part of a broader cybercrime ecosystem called The Com.
Since cryptocurrency is permissionless and decentralized, once the funds are sent from one wallet to another, the only way to recover them is to have the money returned.
In 2024, the US government seized tens of millions of dollars in crypto, as part of a wider investigation into market manipulation, theft, fraud and more.
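The lure described above depends on an email that carries a ready-made seed phrase, which a mail filter can look for. The following is an added example, not code from Silent Push or from the original article: the function names, the sample messages and the wordlist subset are constructed, and it assumes the filter is given the wallet's full mnemonic wordlist (for example the BIP-39 English list) in place of the subset.

```python
import re

# Assumption: in production this is the full mnemonic wordlist loaded from a
# file; the constructed subset below keeps the example self-contained.
WORDLIST = frozenset("""abandon ability able about above absent absorb abstract
absurd abuse access accident account accuse achieve acid""".split())

MIN_WORDS = 12  # the article: a seed phrase is a series of 12 to 24 words
TOKEN = re.compile(r"[A-Za-z]+")

def find_seed_phrases(body, wordlist=WORDLIST, min_words=MIN_WORDS):
    """Return every run of >= min_words consecutive wordlist words in body.

    Digits, punctuation and line breaks between words are skipped, so
    numbered or comma-separated layouts ("1. abandon 2. ability") match too.
    """
    runs, current = [], []
    for match in TOKEN.finditer(body):
        word = match.group().lower()
        if word in wordlist:
            current.append(word)
            continue
        if len(current) >= min_words:
            runs.append(current)
        current = []  # a non-wordlist word ends the candidate phrase
    if len(current) >= min_words:
        runs.append(current)
    return runs

def should_quarantine(body):
    """A seed phrase is generated by the wallet, so one arriving by email is the red flag."""
    return bool(find_seed_phrases(body))

# Constructed sample messages (not taken from the campaign).
PHISH = """Dear customer, Coinbase is moving to self-custodial wallets.
Set up your new wallet with this recovery phrase:
1. abandon 2. ability 3. able 4. about 5. above 6. absent
7. absorb 8. abstract 9. absurd 10. abuse 11. access 12. accident
"""
BENIGN = "Your statement is ready. You were able to access it about a week ago."

if __name__ == "__main__":
    for name, body in (("phish", PHISH), ("benign", BENIGN)):
        print(name, "quarantine" if should_quarantine(body) else "deliver")
```
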
Via The Hacker News




