- Crypto hackers have been targeting AT&T email accounts to gain exchange access
- The hackers are creating ‘mail keys’ which allow them to reset passwords on crypto exchange accounts
- AT&T has a history of insecurities when it comes to crypto users
Hackers are trying to compromise AT&T email accounts in order to steal information that will allow them to gain access to users’ crypto accounts, according to Techcrunch. The outlet has discovered that a group of hackers has already gained unauthorized access to the exchange accounts of individuals with email addresses on the AT&T domain, having worked out how to breach the email addresses of anyone using att.net, sbcglobal.net, bellsouth.net, and other AT&T domains. AT&T has been among the worst offenders when it comes to SIM swap attacks, and it seems that vulnerabilities in their email system are now being exploited too.
Hackers Gaining Access Through ‘Mail Keys’
Techcrunch says that the hackers have gained access to a section of AT&T’s internal network which enables them to create mail keys for any user. These are unique credentials that allow AT&T email users to log in to their accounts through email apps such as Thunderbird or Outlook, without the need for a password, allowing the hackers to use an email app to log into the target’s account and start resetting passwords for more lucrative services, such as cryptocurrency exchanges.
Once the hacker has gained access through this method they can change the account password or simply reset the account, with Techcrunch confirming that victims are already piling up.
Not AT&T’s First Rodeo
Techcrunch spoke to AT&T, who admitted that the company had “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password.” It added that it has updated its security controls to prevent such activity, but, as a precaution, has also “proactively required a password reset on some email accounts,” the spokesperson said, forcing the account owners to reset their passwords.”
This process has “wiped out any secure mail keys that had been created,” the company added, but declined to mention the number of victims.
This is not AT&T’s first run-in with crypto hackers; it has been sued by a number of SIM swap victims in the past, who have stolen millions of dollars worth of cryptocurrencies after exploiting the company’s support center system.