MailChimp, a service that millions of people around the world use to send out email newsletters, is being abused by hackers to spam out malware.
A typical attack involves hackers either compromising an existing MailChimp account, or setting up a fraudulent account, from which they then spam out scams or links to malicious content.
Why do they do this? Well, many mail providers trust MailChimp because it is so widely used, and are loathe to block newsletters and order confirmations sent via MailChimp for fear of upsetting users and the brands behind the messages.
And this means that it is very attractive to an online criminal to have access to a hijacked MailChimp account, as it makes it less likely that their attack will be blocked by email security products.
Just last week we saw Red Bull Records
apologise after hackers broke into its MailChimp account spam out phishing messages claiming to come from Apple.
Separately other cybercrime campaigns conducted via MailChimp have been designed to deliver malware to unsuspecting inbox owners – including the
Gootkit banking malware.
.......
.......
.......
