Hackers exploit Namecheap email system in phishing campaign

Hackers gained access to the Namecheap email system and used it to send MetaMask and DHL phishing emails aimed at customers’ personal and crypto wallet information.

Namecheap confirmed in a status update that its upstream email system had been hacked and warned customers of an ongoing phishing campaign. Because they were sent from Namecheap’s account, the emails appeared to be legitimate.

The domain registrar, which has been praised for recent security improvements, stated that its own systems were not compromised and that no products, accounts, or personal information were affected.

After receiving complaints on Twitter, Namecheap CEO Richard Kirkendall confirmed that the account had been compromised and that email through SendGrid had been disabled while they investigated the problem. Kirkendall also stated that they believe the breach is related to a December CloudSek report about Mailgun, MailChimp, and SendGrid API keys being exposed in mobile apps.

This campaign’s phishing emails impersonate either DHL or MetaMask. The DHL phishing email appears to be a bill for a delivery fee required to complete a package delivery. The embedded links take the target to a phishing page that attempts to steal the target’s information.

The MetaMask phishing emails, meanwhile, included a link (https://links.namecheap.com/) that redirected victims to a phishing page requesting their “Secret Recovery Phrase” or “Private key”, which hackers could use to take over their wallets. The emails impersonated MetaMask, a self-hosted wallet provider, and asked victims to complete the KYC (Know Your Customer) verification process in order to keep access to their crypto wallets.

The sources for this piece include an article in CPOMAGAZINE.
