Decrypt Email Phishing Attack Apology and Warning

0 0
Read Time:2 Minute

Phishing Attempt on Decrypt Media

In the early hours of March 27, hackers posed as Decrypt and sent out an email to our newsletter subscribers, falsely announcing a token airdrop. Once we became aware of this phishing scheme, we promptly issued a warning to our readers regarding the deception.

Regrettably, in our urgency to caution our subscribers and due to a prior phishing incident in January, we wrongly attributed the attack to our email service provider, MailerLite. Upon investigation, it was revealed that the hackers had gained access to our password key through an individual affiliated with Decrypt, absolving MailerLite of any responsibility for the breach.

“Due to security protocols, MailerLite does not retain API keys in their system, rendering it impossible to access them through the admin panel or any user account,” stated a MailerLite representative today. “Although Decrypt Media’s account was impacted during MailerLite’s data breach on January 23, 2024, the culprits were unable to obtain API keys necessary for initiating phishing campaigns on March 27, 2024.”

We extend our sincere apologies to MailerLite for incorrectly implicating them in this incident and acknowledge our error in judgment.

Investigation and Collaborative Measures

Following this breach, we have launched a thorough examination of the events and are collaborating with law enforcement authorities. According to MailerLite’s findings, the phishing campaigns were orchestrated via the MailerLite API, emanating from IP address “69.4.234.86” and utilizing user agent “python-requests/2.31.0”. The perpetrators, after obtaining access to our email list, selectively removed addresses ending in decrypt.co or decryptmedia.com to evade immediate detection by our team, proceeding to disseminate the fraudulent email.

Fortunately, the majority of our readers displayed caution in response to this phishing attempt, with only one individual attempting to link their wallet to the counterfeit address. Nonetheless, even a single instance of such deceitful activity is one too many.

Cryptocurrency scams are distressingly prevalent within our industry, evolving in complexity over time. Decrypt, like numerous other entities in the crypto sphere, has been exploited or misrepresented as a tool for cyber attacks. Perpetrators have even gone to the extent of establishing fraudulent websites, fake Discord servers, and counterfeit social media accounts impersonating our team. It should be noted that Decrypt solely operates through two domains: decrypt.co and decryptmedia.com. Any redirection to alternative domains should be viewed with suspicion.

In light of this incident, we urge vigilance and caution in navigating the digital landscape. Your safety and security are of paramount importance to us, and we remain committed to upholding the integrity of our platform. We appreciate your continued readership and support of Decrypt.

Image/Photo credit: source url

About Post Author

Chris Jones

Hey there! 👋 I'm Chris, 34 yo from Toronto (CA), I'm a journalist with a PhD in journalism and mass communication. For 5 years, I worked for some local publications as an envoy and reporter. Today, I work as 'content publisher' for InformOverload. 📰🌐 Passionate about global news, I cover a wide range of topics including technology, business, healthcare, sports, finance, and more. If you want to know more or interact with me, visit my social channels, or send me a message.
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %