Hackers Are Using MailChimp to Spread Malware – Is Your Account Secure?

9409307080_087cc9d1b8_hToday we had a graphic lesson in why one should always use a complex password with online services.

MailChimp is one of the more popular mailing list services. I use it when building author websites, and so does just about everyone who doesn't use Aweber.

And apparently hackers like it just as much as I do, only not for the same reason.

Motherboard reports that a number of MailChimp accounts were hacked and used to send out emails with malware as ZIP file attachments:

Companies and websites sometimes outsource their newsletter distribution to another company, to handle the infrastructure and headaches of firing out tens or hundreds of thousands of emails at a time. In this case, that was MailChimp, according to another apparent email from Business News Australia.

“This morning our MailChimp subscriber database was hacked and a fake invoice (Inoice 00317) [sic] was sent to our list,” the email reads, according to a screenshot tweeted by Hunt.

“Please disregard and delete this email. You have not been charged,” it adds. Camilla Jansen, managing editor of Business News Australia, told Motherboard in an email “We’re waiting to find out more.”

But it seems other companies have been affected too. One Twitter user uploaded an apparent screenshot of a near identical email sent to subscribers of the Sit Down Comedy Club in Brisbane's mailing list.

Motherboard sent an email to The Sit Down Comedy Club, asking for comment, and immediately received the following, perhaps automated, reply.

“IF YOU RECEIVE AN EMAIL WITH THE TITLE - Inoice 00317 from Sit Down Comedy Club Pty Ltd - PLEASE DELETE the email you received, we do not use Quickbooks. It is SPAM and do not open it,” the email reads.

“We are trying to get to the bottom of this at the moment,” it adds.

Another Twitter user uploaded a screenshot of an apparent email from Jim's Building Inspections, also an Australia-based company. The firm blamed the issue, without any evidence, on a “known cyber terrorist.”

It's not clear how the accounts were compromised, but given that they are all located in Australia the most likely option is that they ued the same marketing firm, and that the firm's computers were compromised in a hack.

The next most likely option is that the companies all had weak passwords on their MailChimp accounts, which is possible.

But either way, someone is targeting MailChimp accounts.

Is your account secure? Have you enabled two-factor authentication?

image by tomoswyn

About Nate Hoffelder (11581 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

Leave a comment

Your email address will not be published.


*