AT&T accounts are being hacked to steal cryptocurrency

Attackers are resetting crypto account passwords via AT&T emails

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Criminals have discovered a way to break intoemailaccounts provided by AT&T and is using that to access victim’s cryptocurrency exchange accounts and steal their cryptos.

An unnamed tipster talking to TechCrunch revealed how a group of hackers uncovered how to crack email addresses hosted on att.net, sbcglobal.net, bellsouth.net, and other domains from the same provider - AT&T.

Apparently, this group accessed AT&T’s internal network and has the ability to create mail keys for pretty much any user.

AT&T reacts

Mail keys are a type of credential that allows the user to log into their accounts via email clients, such as Outlook, without needing a password. Once they access the inbox, they can request a password change for the crypto account, and after that, they can pull virtually everything found in those accounts.

The tipster even gave a list of people who were allegedly targeted this way, and who confirmed to the publication that the story is true. Victims may need to consider using thebest identity theft protectionto keep themselves safe.

Giving credence to the story is also AT&T spokesperson Jim Kimberly, who told TechCrunch that the company did spot someone creating secure mail keys without authorization.

Thousands of GitHub repositories are littered with malware>Supply chain attacks on open source repositories are reaching new highs>Here are the best malware protection tools right now

“We have updated our security controls to prevent this activity,” Kimberly said. “As a precaution, we also proactively required a password reset on some email accounts,” the spokesperson said.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The company did not say how many people were affected by this incident, but it did say that it locked some email accounts out of caution.

“This process wiped out any secure mail keys that had been created,” the spokesperson added.

The problem doesn’t seem to be that new, either, as one of the victims said the attacks have been happening “repeatedly since November 2022”. Another victim said they lost more than $130,000.

Via:TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Rising AI threats are making firms turn back to human intelligence

Thousands of employees could be falling victim to obvious phishing scams every month

Nokia confirms data breach leaked third-party code, but its data is safe