• Hackers attacked the domain registrar Namecheap on Sunday, Feb. 12, 2023 and compromised their email account.
• The hackers leveraged the company’s email account through a third-party provider, Sendgrid, to send out phishing emails claiming to be from Metamask and DHL.
• Namecheap CEO Richard Kirkendall confirmed the issue and disabled Sendgrid services, while Metamask warned users not to enter their recovery phrase on any website.
Hackers Attack Domain Registrar Namecheap
On Sunday, Feb. 12, 2023, hackers attacked the domain registrar Namecheap’s email account. Subsequently, a large number of individuals received phishing emails claiming to be from Metamask and DHL that originated from the email platform Sendgrid.
Namecheap Confirms Email Account Compromise
Namecheap CEO Richard Kirkendall confirmed the compromise and said the firm has disabled Sendgrid services in response. Multiple reports indicate that hackers leveraged the company’s email account through a third-party provider to send out malicious emails with links leading to a phishing campaign attempting to steal private information from users.
Metamask Warns Recipients
Metamask also tweeted about the Namecheap emails and told recipients to ignore them as they do not collect KYC information nor will they ever ask for someone’s recovery phrase via email. They reiterated that people should never enter their secret recovery phrase on any website under any circumstances.
Phishing Attacks Commonly Used by Hackers
Phishing attacks have been common in recent years and hackers have used various methods to access people’s private information such as financial data or mnemonic phrases from wallets like Metamask. The DHL phishing email attempted to provide users with an invoice in order for them to enter payment information for a fake issue which would enable hackers access funds from their accounts if successful.
Namecheap Takes Immediate Action
Beehive Cybersecurity noted that when they notified Namecheap of this breach they acted promptly and treated it seriously as per best practices in cybersecurity; this is what companies should strive for when responding quickly and efficiently when faced with such crises.