User attacked via phishing email

02. März 2023, 17:03 Uhr

Von Krypto News Österreich

Das Blockchain-basierte Metaverse-Unternehmen The Sandbox hat seine Benutzer vor einer Sicherheitsverletzung durch eine Malware-Anwendung gewarnt. Laut dem offiziellen Blogbeitrag gelang es einem unbefugten Dritten, sich Zugang zum Computer eines seiner Mitarbeiter zu verschaffen und die gefundenen Informationen zu verwenden, um eine E-Mail zu versenden, die fälschlicherweise behauptete, von The Sandbox zu stammen. Seine Aussage lautete: „Wir haben die Konten und den Zugriff des Mitarbeiters auf The Sandbox gesperrt, den Laptop des Mitarbeiters neu formatiert und alle zugehörigen Passwörter zurückgesetzt, einschließlich der Anforderung einer Zwei-Faktor-Authentifizierung. Wir haben keine weiteren Auswirkungen festgestellt.“ Sicherheitslücke Die Sandbox erklärte, dass die Sicherheitslücke, die erstmals am … — The blockchain-based Meta-Verse company The Sandbox warned its users about a safety violation by a malware application. According to the official blog post, an unauthorized third party managed to gain access to the computer of one of his employees and use the information found to send an email that incorrectly claimed to come from The Sandbox. His statement was: "We blocked the accounts and access of the employee to The Sandbox, reorganized the employee's laptop and reset all associated passwords, including the request of a two-factor authentication. We have not established any further effects." The Sandbox explained security gap that the security gap, which for the first time on ... (Symbolbild/KNAT)

The blockchain-based meta-verse company The Sandbox warned its users about a safety violation by a malware application.

According to the official blog post, an unauthorized third party managed to get access to the computer of one of his employees and use the information found to send an email that incorrectly claimed to come from The Sandbox. His statement was:

"We have blocked the accounts and access of the employee to The Sandbox, reorganized the employee's laptop and reset all the associated passwords, including the request for a two-factor authentication. We have not found any further effects."

security gap

The Sandbox explained that the security gap, which was first identified on February 26, enabled the third to access several email addresses, to which he then sent a message that incorrectly pretended to come from the company.

The email in question, which was invited with malware hyperlinks, was entitled "The Sandbox Game (Pureland) Access". This made it possible for the exploiter to install malware from a distance on the computer of a user and to grant him control over the computer and access to the user's personal data.

The company warned of possible phishing attacks and asked them not to click on a hyperlink in the phishing email or other suspicious links to prevent malware from being installed on their computers. In addition, the users were recommended to strengthen their passwords and to implement a two-factor authentication.

The sandbox, however, made it clear that the third party's access to the computer of a single employee was limited to which a malware application was accessed. No other services or accounts of The Sandbox were injured.

So far, all recipients have been notified by email and the compromised passwords of the employee account have been reset. The team is currently monitoring the situation and is working on improving the corresponding security guidelines and practices.

rampant phishing attacks

The latest development comes days after Trezor Warned its user about an active phishing attack on Theft of Geldern by meansing it to enter the restoration phrase of the wallet on a fake website that resembles that of the hardware cryptocurrency wallet provider.

The rival Ledger suffered a massive data violation in 2020. The perpetrators publicly leaked the personal data of over 270,000 customers.