MailChimp customers targeted in malware scam but company denies breach

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
A well-known email marketing provider, MailChimp, appears to have been caught up in a malware scam targeting clients of Australian firms, including gardening and home services provider Jim's Group.

A division of Jim's Group, the parent company of Jim's Mowing, sent emails to customers yesterday demanding payment for an invoice, which when opened downloaded a potentially dangerous file onto the victim's computer.

The file, which uses Javascript, could be used to steal banking information or scramble a computer's system and demand payment to fix it.

Jim's Mowing founder Jim Penman said MailChimp was not secure and had been hacked.

"We are giving strict instructions MailChimp must not be used again," he said.

"Our own systems are far more secure.

"Because [the email came from] only one division only a fraction of our client base was affected and all clients affected have been warned.

He said it was a timely reminder virus software should be kept up to date.

"We apologise to anyone concerned," he said.

"To our knowledge no one has lost money and we would make sure they were compensated if they did."

It appears only customers of the Jim's division relating to building and home maintenance inspections were affected.

The company yesterday emailed customers, saying "a known cyber terrorist" had spammed their clients.

'No breach', MailChimp says
In a statement, MailChimp said a small number of individual accounts sending the fake invoices had been identified and disabled.

Read more: MailChimp customers targeted in malware scam but company denies breach
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top