Fake SagePay Subscription emails via MailChimp mailing list systems delivering Gootkit Banking trojan

  1. >I am not sure how these mailing lists got the email address these were sent to. To the best of my knowledge the recipient’s email address was never signed up to any of the organisations or companies that have been misused in this malware campaign. The criminals must just be using a set of randomly chosen email addresses that they have obtained elsewhere. It is very unlikely that the recipient’s email addresses are genuinely on these mailing lists or have subscribed to them.

    My Mailchimp account got breached, no malware on any PC used to access the service, no login sharing, although Two-Factor wasn’t set up (it is since the breach). I knew of the breach because my main admin got a notification email from Mailchimp at 2AM saying a 250k subscriber list was successfully imported (my normal list is of about 6k), so the attackers just import their own list into the breached account and send it through there, and then just delete the sent campaign.

