MailChimp Malware

“Hey…Did you send out that email campaign to a whole new list of people using MailChimp?” Your Marketing associate asked you over at lunch today.


Bewildered, you logged in to MailChimp and found an unknown list of new clients, along with a campaign blast that you had apparently sent to them.

Did you do this in your sleep? Was it part of the automation tool that you set up for the company recently?

The answer is no. Your MailChimp account was compromised.

In this recent trend, MailChimp accounts were accessed and used to send out emails to lists of people both known (your list) and unknown (the cyber criminal’s list).

What happens when it happens?

Since MailChimp is a trusted sender to almost everyone on that list of yours, these emails will simply stroll past email providers’ spam filters and directly into your recipients’ inboxes.

As we previously explained to our subscribers in our blog post, malware is short for malicious software, and is a blanket term for viruses, trojans, etc.

The malware has it easy once it gains access to your MailChimp account. The malware strain is Gootkit, a banking trojan that has had a long, long life and great success at stealing passwords, credentials, and other sensitive information.

It doesn’t just stop at blasting the emails. Once users click on the attachments of the cleverly disguised invoice-type emails, the malware gets to spread some more from each user’s contact list.

This malware is traveling the world, with beginnings in Australia in November 2016, and making its way to the US and UK in February and March 2018.

It was spotted by security researcher Troy Hunt as early as November 2016, as tweeted.


How can you be more vigilant against this threat?

If you received a suspicious email:

Have a look at the sender’s email address. If it is suspicious and you do not recognize it, do not open the email.

If curiosity got the better of you, or a misclick opened the email, do not click on the attachment.

If you own a Mailchimp account:

Log in this instant to set up two-factor authentication (2FA) for your account.

Change your account password to a stronger one, which should consist of letters and numbers, with one capital letter, and one symbol.

How can CTARe help?

Simple: let us manage it for you. Our managed IT solution not only helps you with your IT administration, but also provides backups and cyber security for your workstations, servers, and website.

Our bundled next-generation anti-virus keeps your workstations protected from this malware.