Hackers Are Using MailChimp to Spread Malware – Is Your Account Secure?

Hackers Are Using MailChimp to Spread Malware - Is Your Account Secure? Security & Privacy Today we had a graphic lesson in why one should always use a complex password with online services.

MailChimp is one of the more popular mailing list services. I use it when building author websites, and so does just about everyone who doesn't use Aweber.

And apparently hackers like it just as much as I do, only not for the same reason.

Motherboard reports that a number of MailChimp accounts were hacked and used to send out emails with malware as ZIP file attachments:

Companies and websites sometimes outsource their newsletter distribution to another company, to handle the infrastructure and headaches of firing out tens or hundreds of thousands of emails at a time. In this case, that was MailChimp, according to another apparent email from Business News Australia.

“This morning our MailChimp subscriber database was hacked and a fake invoice (Inoice 00317) [sic] was sent to our list,” the email reads, according to a screenshot tweeted by Hunt.

“Please disregard and delete this email. You have not been charged,” it adds. Camilla Jansen, managing editor of Business News Australia, told Motherboard in an email “We’re waiting to find out more.”

But it seems other companies have been affected too. One Twitter user uploaded an apparent screenshot of a near identical email sent to subscribers of the Sit Down Comedy Club in Brisbane's mailing list.

Motherboard sent an email to The Sit Down Comedy Club, asking for comment, and immediately received the following, perhaps automated, reply.

“IF YOU RECEIVE AN EMAIL WITH THE TITLE - Inoice 00317 from Sit Down Comedy Club Pty Ltd - PLEASE DELETE the email you received, we do not use Quickbooks. It is SPAM and do not open it,” the email reads.

“We are trying to get to the bottom of this at the moment,” it adds.

Another Twitter user uploaded a screenshot of an apparent email from Jim's Building Inspections, also an Australia-based company. The firm blamed the issue, without any evidence, on a “known cyber terrorist.”

It's not clear how the accounts were compromised, but given that they are all located in Australia the most likely option is that they ued the same marketing firm, and that the firm's computers were compromised in a hack.

The next most likely option is that the companies all had weak passwords on their MailChimp accounts, which is possible.

But either way, someone is targeting MailChimp accounts.

Is your account secure? Have you enabled two-factor authentication?

image by tomoswyn

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top