In one of our most recent articles, we talked about the fake email that was sent due to a breach of Coinbase’s email servers. A few hours ago, we received additional information regarding this breach which not only targeted Coinbase but also companies such as Uber, Spotify and Foursquare. However, Coinbase was their intended target, as Bitcoin are becoming high-value targets for individuals with malicious intents.
SendGrid – The Mass Email Service
When it comes to sending out a lot of mails to many different subscribers, a standard mail service just won’t cut it. Major companies are now relying on mass emailing services such as SendGrid to send out newsletters, promotions and special announcements. However, once that service gets breached, a lot of harm can be done in a short amount of time.
According to a statement issued by SendGrid, “an unnamed Bitcoin-related client” was compromised this Wednesday. While SendGrid did not officially confirm the name of this client, Coinbase themselves announced hackers had compromised the company’s SendGrid account. It is important to note, that even though this happened, no bitcoins were stolen as a result of this breach.
SendGrid believed that this attack was an isolated case. However, this does not seem to be the case as there are quite a few similarities between this breach and an attack against a former SendGrid customer in 2014. To make matters even worse, it looks like other Bitcoin-related companies are being targeted through their mass email providers.
A Powerful Tool For Hackers
With Bitcoin-related platforms tightening their own security over the past few months, hackers are forced to look elsewhere for vulnerabilities. One way to achieve that goal is by going after services used by Bitcoin companies, such as a mass emailing service like SendGrid. This allows hackers to send billions of phishing emails to a large group of people in a very short timespan.
And seeing how SendGrid does not only service Coinbase but other Bitcoin-related companies, too, they are becoming a high-value target for people with bad intentions. Instead of infiltrating the Bitcoin platform itself – which is proving to be more and more difficult as security improves – hackers can access the entire customer database by breaching their mail provider. Furthermore, they can send fake emails that appear to come from a legitimate email address associated with the service people actively use.
One of the things that makes these fake emails even more convincing is the fact that the recipient can’t tell the difference between a fake email and one that has been sent by the company itself. This leads to more people being prone to take the bait and, ultimately, losing money, which would cause a PR nightmare for the associated company.
Just last year, another Bitcoin-related customer was affected by a breach of their SendGrid account. ChunkHost, a fast cloud service provider which accepts Bitcoin, and is also a platform used by many Bitcoin-related companies, was targeted by hackers who gained access to the company’s SendGrid account. This was done through social engineering – a SendGrid employee was convinced to change the ChunkHost’s details over the phone.
It is important to note that SendGrid is not the only mass emailing company servicing Bitcoin-related clients. As more and more people become aware of Bitcoin, there will undoubtedly be more hackers attracted to anything related to Bitcoin as well. Unfortunately, there is not much that can be done in this regard, except focus on developing even tighter security.
Source: New York Times
All images courtesy of Shutterstock