PoisonSeed campaign hijacks business CRM and email accounts to send out huge amounts of spam
Date:
Mon, 07 Apr 2025 14:24:00 +0000
Description:
Business CRM accounts are being abused to exfiltrate mailing lists, experts warn.
FULL STORY ======================================================================
Hackers are targeting business CRM accounts to steal mailing lists
Emails used to send spam and trick people into setting up compromised crypto wallets
The goal is to steal the money, so be on your guard
Hackers are stealing mailing lists from major companies and using them to break into people's cryptocurrency wallets and snatch their funds.
A new report from cybersecurity researchers Silent Push, who dubbed the campaign PoisonSeed, outlined how the criminals first set up spoofed landing pages for companies such as Coinbase, Ledger, Mailchimp, SendGrid, HubSpot, and others. They harvest people's login credentials, which allow the cybercriminals to log into mailing service accounts and exfiltrate any mailing lists.
Then they would send emails, impersonating those companies, and urging users to set up a new Coinbase Wallet, using the seed phrase embedded in the email. A seed phrase is a series of 12 to 24 words generated by the wallet that gives access to the funds inside. It acts as a master key, so anyone who has it can restore the wallet and control the cryptocurrencies inside.
Seed phrase poisoning attack
"Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack," Silent Push explained.
"As part of the attack, PoisonSeed provides security seed phrases to get potential victims to copy and paste them into new cryptocurrency wallets for future compromising."
Once users set up new wallets, and top them up with their funds, the criminals can simply send the money elsewhere, which is a permanent loss for the victims.
The researchers believe the campaign is the work of two loosely aligned threat actors, called Scattered Spider, and CryptoChameleon, both of which are reportedly part of a broader cybercrime ecosystem called The Com.
Since cryptocurrency is permissionless and decentralized, once the funds are sent from one wallet to another, the only way to retrieve them is to have the other side send the money back.
In 2024, the US government seized tens of millions of dollars' worth of crypto, as part of a broader investigation into market manipulation, theft, fraud, and more.
Via The Hacker News
======================================================================
Link to news story:
https://www.techradar.com/pro/security/poisonseed-campaign-hijacks-business-crm-and-email-accounts-to-send-out-huge-amounts-of-spam
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)