Bitcoin Cash Tips Stolen as Hacker Targets Reddit Users
It was not a good way to star the year as a number of Reddit users have recently been hit with a cyberattack.
The Reddit moderator u/gooeyblob confirms the Mailgun security incident January 5, 2018, stating that several Reddit users received password reset emails, even without requesting for it in the first place.
In the said post, the moderator stressed out that the hacker used the third-party software provider, Mailgun, to nab funds.
An excerpt of the message reads:
“We have been working to investigate the issue and coordinating with Mailgun, a third-party vendor we’ve been using to send some of our account emails including password reset emails.
A malicious actor targeted Mailgun and gained access to Reddit’s password reset emails. The nature of the exploit meant that an unauthorized person was able to access the contents of the reset email. This individual did not have access to either Reddit’s system or to a Redditor’s email account.”
Mailgun also did not waste any time and aired their side of the story. In a blog post on January 5, the company informed its users that they had been notified about incidents involving customers’ API keys getting compromised.
To ease the frustrations and worries of its users, Mailgun reassured them that the problem has been resolved.
Josh Odom, CTO of Mailgun and the author of the post also stated that they have successfully closed the point of access. He also added that additional technical safeguards have been put in place to protect the sensitive data of the application.
Part of the statement reads:
“Mailgun has now completed its diagnostic of accounts that were affected and has notified each of the affected users. At this time, we believe less than 1% of our customer base was potentially affected.
If you were not directly notified by Mailgun regarding this incident, then your account was not affected. We are engaging with a third-party security team to complete an additional audit of this incident to validate our findings.
Finally, we’d like to assure our customers and partners that we take security at Mailgun very seriously. We are using this as an opportunity to further evaluate the security of our platform to better serve and protect our customers. We will provide an update upon the completion of our investigation.”
With the growing popularity and skyrocketing price of cryptocurrencies, it is expected that more hacking and crypto-jacking incidents will take place.