PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

The PoisonSeed campaign is targeting enterprise organizations and individuals outside the cryptocurrency industry by phishing CRM and bulk email provider credentials. The attackers export email lists and send bulk spam from the compromised accounts, primarily to support cryptocurrency spam operations. The campaign uses a novel cryptocurrency seed phrase poisoning attack: victims are given security seed phrases and tricked into copying them into new cryptocurrency wallets, which can then be compromised later. While similarities exist with the Scattered Spider and CryptoChameleon groups, PoisonSeed is currently classified separately due to its unique characteristics. The campaign has targeted companies like Coinbase, Ledger, Mailchimp, SendGrid, Hubspot, Mailgun, and Zoho, using sophisticated phishing techniques and automated processes to quickly exploit compromised accounts.

OPENCTI LABELS:

phishing, cryptocurrency, supply chain, crm, coinbase, bulk email, ledger, seed phrase poisoning


Open in the NetmanageIT OpenCTI public instance using the link below.

NOTE: Log in with the public read-only username and password shown on the login page banner.


PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation