On GameSpot: Sony, Nintendo, Apple sued over wireless
BNET Business Network:
BNET
TechRepublic
ZDNet

August 11th, 2009

Campaign Monitor hacked, accounts used for spamming

Posted by Dancho Danchev @ 10:30 am

Categories: Spam and Phishing, Uncategorized

Tags: Spammer, Spamming, Attack, E-mail, Spam, Servers, Security, Spam And Phishing, Hardware, Dancho Danchev

E-mail marketing software developer Campaign Monitor warned users today of a server compromise that took place during the weekend.

The compromise allowed the attackers to gain access to customer accounts, which they abused by importing their own lists of harvested emails in order to launch spam campaigns using the clean IP reputation of their servers. No credit card details have leaked, according to the company.

More info on the attack:

The main attack took place over this weekend, for a few hours on Saturday and Sunday and continuing into this week. We have up until now been gathering information so that we can contact you with accurate details, and also making sure we were stopping ongoing problems. We did not want to give you incomplete or misleading information. Right now we are still finding out more, but it is important you are all aware of the situation.

We are still actively working to get full detail on this, but essentially one of our servers was compromised, and that gave the hacker enough access to be able to get into a few customer accounts. We now know more, but don’t want to publish any details as you can understand.

The incident reminds a similar one where compromised university accounts were used in the very same fashion. However, this tactic is fad due to a spammer’s obsession with efficiency, which they’re already achieving by using automatically registered/compromised email accounts, now representing close to 20% of the overall spam volume.

Who’s behind this attack? It’s either a spammer opportunist, or unethical competition that went to great lengths in an attempt to have Campaign Monitor’s servers blacklisted, which isn’t happening based on their bounce rate monitoring.

The company has notified the owners of the affected accounts, and has commissioned an external security audit.

Dancho DanchevDancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.

Email Dancho Danchev

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 3 Talkback(s)
It wasn't the point
Whenever a server is hacked, the first thing the Linux fanboys do is run to netcraft to see what it was running. If it was running Windows, then Windows was to blame. If it was running Linux (as was t... (Read the rest)
Posted by: NonZealot Posted on: 08/11/09 You are currently: a Guest | | Terms of Use
I guess they shouldn't have switched from Windows to Linux!  NonZealot | 08/11/09
Except that's not what the Netcraft data suggests.  Zogg | 08/11/09
It wasn't the point  NonZealot | 08/11/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here