Hackers Used Sendgrid API Keys to Fake Emails on Namecheap

Started by Domaining News, Feb 16, 2023, 02:55 AM


Domaining News (Topic starter)

Phishing emails sent to Metamask account holders through Namecheap seemed legitimate, but they were not actually originating from Namecheap.



The hackers used API keys linked to Sendgrid, a third-party mailing application, to fake the emails in a convincing way. This allowed them to bypass filters set by email providers and applications.

Despite this, Namecheap confirmed that their systems had not been breached and that customers' personal information and accounts remained secure. Nevertheless, they advised customers to ignore any such emails and refrain from clicking on any links.

They immediately stopped all emails, including those for Auth codes delivery, Trusted Devices' verification, and Password Reset emails. Additionally, they contacted their upstream provider to resolve the issue and began an internal investigation into the matter.

A similar incident had occurred recently with dotDB.com, where hackers used Sendgrid to mass-email the customer base of dotDB with fake news about the company shutting down. The company later revealed that a former employee was involved in the incident, although no further details were provided.

It is important for users to remain vigilant and cautious when receiving unsolicited emails, as they may be fraudulent attempts to steal personal information or credentials. It is also advisable to use strong and unique passwords for different accounts to minimize the risk of unauthorised access.