Skip to main content

Hackers Are Using MailChimp to Spread Malware – Is Your Account Secure?

9409307080_087cc9d1b8_hToday we had a graphic lesson in why one should always use a complex password with online services.

MailChimp is one of the more popular mailing list services. I use it when building author websites, and so does just about everyone who doesn’t use Aweber.

And apparently hackers like it just as much as I do, only not for the same reason.

Motherboard reports that a number of MailChimp accounts were hacked and used to send out emails with malware as ZIP file attachments:

Companies and websites sometimes outsource their newsletter distribution to another company, to handle the infrastructure and headaches of firing out tens or hundreds of thousands of emails at a time. In this case, that was MailChimp, according to another apparent email from Business News Australia.

“This morning our MailChimp subscriber database was hacked and a fake invoice (Inoice 00317) [sic] was sent to our list,” the email reads, according to a screenshot tweeted by Hunt.

“Please disregard and delete this email. You have not been charged,” it adds. Camilla Jansen, managing editor of Business News Australia, told Motherboard in an email “We’re waiting to find out more.”

But it seems other companies have been affected too. One Twitter user uploaded an apparent screenshot of a near identical email sent to subscribers of the Sit Down Comedy Club in Brisbane’s mailing list.

Motherboard sent an email to The Sit Down Comedy Club, asking for comment, and immediately received the following, perhaps automated, reply.

“IF YOU RECEIVE AN EMAIL WITH THE TITLE – Inoice 00317 from Sit Down Comedy Club Pty Ltd – PLEASE DELETE the email you received, we do not use Quickbooks. It is SPAM and do not open it,” the email reads.

“We are trying to get to the bottom of this at the moment,” it adds.

Another Twitter user uploaded a screenshot of an apparent email from Jim’s Building Inspections, also an Australia-based company. The firm blamed the issue, without any evidence, on a “known cyber terrorist.”

It’s not clear how the accounts were compromised, but given that they are all located in Australia the most likely option is that they ued the same marketing firm, and that the firm’s computers were compromised in a hack.

The next most likely option is that the companies all had weak passwords on their MailChimp accounts, which is possible.

But either way, someone is targeting MailChimp accounts.

Is your account secure? Have you enabled two-factor authentication?

image by tomoswyn

Similar Articles

No Comments

Write a Comment