Microsoft Outlook data leaks, cryptocurrency users become hacker targets

Earlier this month, technology media Motherboard found that hackers can not only access the email metadata of Outlook users, but also get the content of the email. The key to this type of attack is that the hacker obtains the login credentials of the Microsoft customer service staff; in this way, the hacker can sneak into the content of any non-enterprise Outlook, Hotmail or MSN account.

Crypto

Today, several victims say they believe that one of the reasons for hacking into such email accounts is to empty people's cryptocurrency accounts.

Microsoft user Jevon Ritmeester revealed:

The hacker visited my inbox, they reset my Kraken.com account password and took my bitcoin.

Ritmeester showed a reminder of the stolen email from Microsoft and related screenshots – the hacker forwarded the mail, and all emails mentioning the word "Kraken" were automatically forwarded to the hacker-controlled Gmail address.

These forwarded messages contain requests for password reset and bitcoin extraction. Ritmeester recently wrote in a post on the Technology Forum that he checked the spam in his mailbox and found that someone had made both requests. In this post, he added that his loss of bitcoin exceeded 1 BTC and the current price of bitcoin was around $5,200.

It seems that Ritmeester is not the only Microsoft user who has stolen money.

Reddit user Shinratechlabs also said, "This directly led to my account being hacked." He said that he lost "25,000 in crypto", but it is not clear whether he lost 25,000 coins or lost 25,000.

Another Reddit user, mickey_ficke, said that he had encountered such a situation, but did not lose a lot of money.

Ritmeester said:

I think Microsoft tried to hide it and didn't take it seriously.

Ritmeester mentioned in the post that he did not enable two-factor authentication (F2A) on Kraken, which would allow hackers to invade cryptocurrency accounts to some extent. If F2A is enabled, the hacker may also have to control the user's phone number in order to steal the cryptocurrency.

A Microsoft spokesperson said in an e-mail on Monday that "if customers think they are affected more than what Microsoft mentioned in the notice, they should contact the Microsoft customer service team for help."

Initially, when TechCrunch and other media reported Outlook data breaches, Microsoft said that only email metadata and customer information were affected, such as subject and recipient, and the sender's email address name. After the reporter told Microsoft that the e-mail content was also affected and submitted relevant evidence, Microsoft revised the statement, but in fact they already realized that the e-mail content was also publicized; the company has sent an email notification to the victim. .

Ritmeester said:

I think Microsoft is saying this to reduce the impact of this leak. I think a lot of users have suffered losses in one way or another because there is a lot of sensitive information in the inbox.

I plan to report the case to the police and consider letting Microsoft bear the economic loss, given that many of my personal information may be leaked in the near future.

Such incidents once again sounded the alarm for cryptocurrency users. The storage of digital assets should try to choose unmanaged wallet or cold storage solution, and it is safest to control the private key by yourself. When you need to use the exchange, you should turn on the more comprehensive security measures for two-factor authentication, so as to avoid hackers.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

Discussing the SEC's lawsuit against Binance: Years of regulatory balance disrupted, optimistic about the final outcome

Currently, the SEC and Binance's feud only reflects one fact: the imbalanced "ambiguous" regulatory relationship in t...

Blockchain

Research Report | Blockchain Economics Panorama and Future: Exchange Compliance

Author: BlockVC industry research team Source: BlockVC Editor's Note: The original title is "Postal Chain E...

Market

Latest Interview with Zhao Changpeng: Being "Under the Microscope" of Regulation, Market is Recovering in Bearish Period

On May 29th, Binance CEO Changpeng Zhao gave an interview to Bankless discussing his views on the current state of th...

Blockchain

The game of the exchange after the BCHSV "belowed"

The representative of the BSV community, Craig S Wright (CSW), has always claimed to be Nakamoto, and the people in t...

Blockchain

Will Upbit's $ 50 million loss bring Defi's "prosperity"?

The South Korean exchange was stolen again. Following the theft of a South Korean exchange at the beginning of the ye...

News

Who can take the lead in breaking the exchange contract?

Mark Lamb, CEO of CoinFLEX, predicts that by the end of 2020, the derivatives market will reach 20 times the size of ...