Hackers using AT&T email addresses to steal millions from cryptocurrency accounts

Share via:

Unknown hackers have reportedly gained access to the email accounts of people with AT&T email addresses and are using that access to break into victims’ cryptocurrency exchange accounts and steal their digital assets.

According to an anonymous source who contacted TechCrunch at the beginning of the month, the hackers have found a way to hack into the email addresses of anyone who has an att.net, sbcglobal.net, bellsouth.net, and other AT&T email addresses. The hackers are reportedly able to do this because they have access to a part of AT&T’s internal network that allows them to create mail keys for any user.

With a target’s mail key, the hackers can log into the target’s account via email apps like Thunderbird or Outlook and start resetting passwords for more lucrative services like cryptocurrency exchanges. The AT&T spokesperson Jim Kimberly stated that the company had “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password.

We have updated our security controls to prevent this activity.” The company also proactively required a password reset on some email accounts as a precaution and locked some email accounts, forcing their owners to reset their passwords.

The report also suggests that the hackers may have access to AT&T’s internal VPN after obtaining an API access key. According to the anonymous source, the hackers have made between $15 and $20 million in stolen crypto, but this claim could not be independently verified by TechCrunch.

One victim told TechCrunch that hackers had stolen $134,000 from his Coinbase account, while another victim stated that this has been happening repeatedly since November 2022. Several people with AT&T and other related email addresses also reported on Reddit that they had been hacked.

As cryptocurrency becomes increasingly popular, hackers have become more sophisticated in their methods of attack, and incidents like this serve as a reminder of the importance of strong security measures. Users are advised to use two-factor authentication and avoid reusing passwords across multiple accounts.

AT&T users who suspect that their accounts have been compromised should immediately reset their passwords and enable two-factor authentication.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Hackers using AT&T email addresses to steal millions from cryptocurrency accounts

Unknown hackers have reportedly gained access to the email accounts of people with AT&T email addresses and are using that access to break into victims’ cryptocurrency exchange accounts and steal their digital assets.

According to an anonymous source who contacted TechCrunch at the beginning of the month, the hackers have found a way to hack into the email addresses of anyone who has an att.net, sbcglobal.net, bellsouth.net, and other AT&T email addresses. The hackers are reportedly able to do this because they have access to a part of AT&T’s internal network that allows them to create mail keys for any user.

With a target’s mail key, the hackers can log into the target’s account via email apps like Thunderbird or Outlook and start resetting passwords for more lucrative services like cryptocurrency exchanges. The AT&T spokesperson Jim Kimberly stated that the company had “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password.

We have updated our security controls to prevent this activity.” The company also proactively required a password reset on some email accounts as a precaution and locked some email accounts, forcing their owners to reset their passwords.

The report also suggests that the hackers may have access to AT&T’s internal VPN after obtaining an API access key. According to the anonymous source, the hackers have made between $15 and $20 million in stolen crypto, but this claim could not be independently verified by TechCrunch.

One victim told TechCrunch that hackers had stolen $134,000 from his Coinbase account, while another victim stated that this has been happening repeatedly since November 2022. Several people with AT&T and other related email addresses also reported on Reddit that they had been hacked.

As cryptocurrency becomes increasingly popular, hackers have become more sophisticated in their methods of attack, and incidents like this serve as a reminder of the importance of strong security measures. Users are advised to use two-factor authentication and avoid reusing passwords across multiple accounts.

AT&T users who suspect that their accounts have been compromised should immediately reset their passwords and enable two-factor authentication.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Rustom Kerawalla’s VIBGYOR group of schools students shine bright...

New Delhi (India), May 23: The result season...

EmergeTech Multicity Roadshow 2024 – Mumbai Chapter: A Resounding...

EmergeTech 2024 Highlights: The event kicked off with a...

Sachin Bansal’s Navi Finserv Bags INR 150 Cr Via...

SUMMARY Among the investors are Dadachanji Group chairman Kairus...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!