Casa > cibernético Notícias > MailChimp Abused to Deliver GootKit Banking Malware for 4 meses

MailChimp abusado para entregar o GootKit Banking Malware para 4 meses

Pelo visto, MailChimp email service has been frequently abused to deliver spam messages carrying malware infections. Security researchers have been frustrated because this problem has been happening for quite some time.

MailChimp Abused in Spam Campaigns Distributing Malware

The issue needs to be resolved as soon as possible as MailChimp is a widely-used service that delivers newsletters, bulletins, and even invoices and order confirmations to users and customers. Infected spam messages that are sent through MailChimp’s network are quite alarming as they tend to pass authentication checks.

Story relacionado: Necurs e Gamut Botnets Cumprindo 97% de todo o spam para sua caixa de entrada

Not to mention that email providers typically whitelist MailChimp due to the essence of the service. All of this simply means that suspicious, potentially infectious messages distributed via MailChimp are highly likely to be received and opened by the recipients.

What exactly has been happening? Attackers have been hacking into MailChimp’s network and have been sending fake invoices and emails ridden with malware. This became evident by a post written by security blogger known as My Online Security:

A lot of mail providers actually whitelist Mailchimp by default, because it has become almost the default service for sending newsletters, information bulletins and in many cases Company Invoices and Order Confirmations. Mailchimp use so many different sending email servers that it is almost impossible to keep, up with them. The main ones we see frequently are * | *mcsv,líquido | *

Em um caso particular, A conta MailChimp da Red Bull Records foi comprometida e abusada para distribuir um email de phishing com tema da Apple.

It is unclear how spammers managed to gain access to MailChimp’s systems; possibilities range from a vulnerable third-party plug-in that integrates into MailChimp, to a vulnerability in MailChimp itself, or customer credentials being stolen through a phishing attack,” Martijn Grooten‏, editor of industry journal Virus Bulletin explicado em um post de blog.

Pelo visto, according to security researcher Kevin Beaumont, the network has been abused to distribute GootKit banking malware for four whole months.

Story relacionado: Ursnif v3 Banking Trojan on the Loose Com a segmentação sofisticada

What Is MailChimp Doing to Address the Issue?

Curiosamente, the popular IT website The Register has contacted MailChimp, and MailChimp seems to have acknowledged the issue:

We are taking it very seriously that our platform is being used in this way. While we can’t comment on specific security initiatives, we can tell you that a team is working full time to investigate and address the issue as quickly as possible.

We are also working to educate impacted users around two-factor authentication and other account security measures. We expect to see an improvement soon.

Para agora, users are advised to lock down their MailChimp accounts by applying two-factor authentication.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar