The PoisonSeed malware campaign has emerged, targeting both crypto users and content creators by exploiting hacked mailing lists. Cyber intelligence firm Silent Push identified this two-pronged attack, in which the campaign first compromises bulk email providers like Mailchimp and SendGrid, sending fake emails to users claiming account restrictions. Victims are lured into entering their login details on counterfeit websites. Once the mailing lists are harvested, subscribers receive phishing emails purporting to be from a cryptocurrency exchange, inviting them to import a 12-word seed phrase into their accounts. This trick could enable attackers to access and drain victims’ crypto wallets. Microsoft regional director Troy Hunt, an affected Mailchimp user, recounted falling prey to the deception due to fatigue but quickly changed his password after realizing it was a phish. Silent Push distinguishes PoisonSeed from other threats like Scattered Spider and CryptoChameleon, despite the similar phishing tactics. The campaign underscores the need for vigilance among both consumers and content creators against social engineering attacks.
