A hack that targeted Microsoft email users may have been conducted in order to steal cryptocurrency users’ funds. The hack, which was exposed by Motherboard in mid-April, allowed attackers to compromise a Microsoft support account and gain access to some users’ email accounts. Multiple victims have since come forward to reveal that their accounts were compromised in a very specific way – to try and gain access to their cryptocurrency wallets and exchange accounts.
Crypto Users See Wallets Emptied
In following up the hack, which was worse than first feared, Motherboard were contacted by a number of users whose crypto accounts were emptied as a direct result of the hack. One user revealed that the hackers had managed to use his hacked email to reset his Kraken password, including creating a rule that forwarded all emails containing the word ‘Kraken’ to their own email address without alerting the user. This would include verification emails sent by the exchange to confirm withdrawals, allowing the hacker to potentially empty his account without his knowledge. Another user posted on Reddit that he had lost “25,000 in crypto” as a direct result of the hack, with others responding in kind, reporting varying amounts lost.
Security Back in the Spotlight
Microsoft have since been accused by affected users of not taking the hack seriously and trying to cover it up. Given that they initially insisted that only email metadata had been accessible and only conceded that accounts had been fully compromised when presented with evidence by Motherboard, this assertion has legs. The incident once again brings to the fore the issue of security, and is a stark reminder that two-factor authentication (2FA) using the likes of Google Authenticator and Authy are the safest ways to protect your cryptocurrency accounts, something the users clearly did not have in place, despite Kraken making 2FA mandatory on customer accounts earlier this month.