Namecheap’s email account was breached on Sunday evening and used to send phishing emails to Namecheap customers in an attempt to steal sensitive information.

The unknown threat actor used DHL and MetaMask themes to steal customers’ cryptocurrency wallet keys and other important information. Namecheap disabled the compromised email account and said it is investigating the incident.

Exploiting Namecheap’s Email Account

Since yesterday, several Namecheap users have complained about receiving suspicious emails from the service asking for sensitive details. Namecheap CEO Richard Kirkendall later confirmed in a tweet that this was a hacking incident.

People noted that the suspicious emails were sent through the SendGrid network, an email delivery service often used by Namecheap for sending transactional and marketing emails to its customers. The hackers who breached Namecheap’s email account used it to send phishing emails asking customers for sensitive data.

Beware of phishing emails coming out of @Namecheap’s @SendGrid account. DHL, MetaMask, digitally signed with DKIM. Looks like low level hackers were able to get into their systems. PII looks to be exposed. pic.twitter.com/IuLE8mo2w6 — Kathy Zant (@kathyzant) February 12, 2023