-: FOLLOW US :- @theinsaneapp
Namecheap's email account was hacked on Sunday night.
-: FOLLOW US :- @theinsaneapp
The hack allowed cybercriminals to send phishing emails with the aim of stealing personal information and cryptocurrency wallets.
-: FOLLOW US :- @theinsaneapp
The phishing emails originated from SendGrid, an email platform used by Namecheap.
-: FOLLOW US :- @theinsaneapp
The phishing emails pretended to come from DHL and Metamask.
-: FOLLOW US :- @theinsaneapp
The DHL email claims the recipient must pay a delivery fee, but clicking on a button leads to a fake DHL page that steals sensitive information.
-: FOLLOW US :- @theinsaneapp
The Metamask email says the recipient's account has been suspended and they need to complete a KYC verification process.
-: FOLLOW US :- @theinsaneapp
The email also contains a marketing link that redirects the user to a fake Metamask page.
-: FOLLOW US :- @theinsaneapp
If the user provides their Secret Recovery Phrase or private key, the threat actors can import the Metamask wallet and drain its funds.
-: FOLLOW US :- @theinsaneapp
Complaints from recipients led Namecheap CEO Richard Kirkendall to confirm the email account hack.
-: FOLLOW US :- @theinsaneapp
Namecheap published a statement on its website acknowledging the hack.