Microsoft Outlook data leaks, cryptocurrency users become hacker targets

Earlier this month, technology media Motherboard found that hackers can not only access the email metadata of Outlook users, but also get the content of the email. The key to this type of attack is that the hacker obtains the login credentials of the Microsoft customer service staff; in this way, the hacker can sneak into the content of any non-enterprise Outlook, Hotmail or MSN account.

Crypto

Today, several victims say they believe that one of the reasons for hacking into such email accounts is to empty people's cryptocurrency accounts.

Microsoft user Jevon Ritmeester revealed:

The hacker visited my inbox, they reset my Kraken.com account password and took my bitcoin.

Ritmeester showed a reminder of the stolen email from Microsoft and related screenshots – the hacker forwarded the mail, and all emails mentioning the word "Kraken" were automatically forwarded to the hacker-controlled Gmail address.

These forwarded messages contain requests for password reset and bitcoin extraction. Ritmeester recently wrote in a post on the Technology Forum that he checked the spam in his mailbox and found that someone had made both requests. In this post, he added that his loss of bitcoin exceeded 1 BTC and the current price of bitcoin was around $5,200.

It seems that Ritmeester is not the only Microsoft user who has stolen money.

Reddit user Shinratechlabs also said, "This directly led to my account being hacked." He said that he lost "25,000 in crypto", but it is not clear whether he lost 25,000 coins or lost 25,000.

Another Reddit user, mickey_ficke, said that he had encountered such a situation, but did not lose a lot of money.

Ritmeester said:

I think Microsoft tried to hide it and didn't take it seriously.

Ritmeester mentioned in the post that he did not enable two-factor authentication (F2A) on Kraken, which would allow hackers to invade cryptocurrency accounts to some extent. If F2A is enabled, the hacker may also have to control the user's phone number in order to steal the cryptocurrency.

A Microsoft spokesperson said in an e-mail on Monday that "if customers think they are affected more than what Microsoft mentioned in the notice, they should contact the Microsoft customer service team for help."

Initially, when TechCrunch and other media reported Outlook data breaches, Microsoft said that only email metadata and customer information were affected, such as subject and recipient, and the sender's email address name. After the reporter told Microsoft that the e-mail content was also affected and submitted relevant evidence, Microsoft revised the statement, but in fact they already realized that the e-mail content was also publicized; the company has sent an email notification to the victim. .

Ritmeester said:

I think Microsoft is saying this to reduce the impact of this leak. I think a lot of users have suffered losses in one way or another because there is a lot of sensitive information in the inbox.

I plan to report the case to the police and consider letting Microsoft bear the economic loss, given that many of my personal information may be leaked in the near future.

Such incidents once again sounded the alarm for cryptocurrency users. The storage of digital assets should try to choose unmanaged wallet or cold storage solution, and it is safest to control the private key by yourself. When you need to use the exchange, you should turn on the more comprehensive security measures for two-factor authentication, so as to avoid hackers.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

Why do I always receive "Exchange Withdrawal" messages? Learn about the classification and protection measures of Web3.0 data leakage events in this article.

This article will introduce you to the classification of Web3.0 data breaches and what measures we should take to pr...

Blockchain

BiClub realizes full automation of OTC platform and helps build a large-scale digital asset financial service system

In the early hours of Beijing time yesterday, BiClub ( www.biclub.io , WeChat biclubcom) team has completed a key ste...

Blockchain

99% of the transaction volume is fraudulent, what is left behind the false prosperity of the currency circle?

The amount of trading fraud has been ridiculous for the people of the coin circle, but all along, there are always bl...

Blockchain

Forbes: What challenges will cryptocurrency regulators face?

According to a recent survey by Coinfirm, only 14% of the world's 216 cryptocurrency exchanges have regulatory a...

Blockchain

New Battlefield for Encrypted Exchanges: High Frequency Trading

Some cryptocurrency exchanges are "quietly" paving the red carpet for High-Frequency Trading, and many trad...

DeFi

LK Venture Research Report | Telegram vs Twitter Who will dominate the super application race in the Web3 era?

Original author LeoDengSummary X and Telegram are globally renowned social media platforms that are exploring in the ...