Well-known hackers are breaking into the accounts of people who use AT&T email, then using that access to break into the victims’ cryptocurrency exchange accounts and steal their coins.
Tech Hub has established that earlier this month a team of cybercriminals discovered a way to hack into the email accounts.
Anyone with an att.net, sbcglobal.net, bellsouth.net, or other AT&T email address was found to be at risk.
The hackers are able to do so, according to the tip, because they have access to a portion of AT&T’s internal network.
This allows them to generate mail keys for any user.
Mail keys are one-of-a-kind credentials that AT&T email users can use to log in to their accounts from email applications like Thunderbird or Outlook without having to enter their passwords.
How they are doing it
Using an email app, hackers can log in to a target’s account with the target’s mail key and begin changing passwords for more profitable services, such as cryptocurrency exchanges.
At that point, the user is out of luck because the hackers can reset the victim’s Coinbase or Gemini account password by email.
According to AT&T spokesperson Jim Kimberly, the company “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password.”
“To prevent this activity, we have updated our security controls.” “As a precaution, we also required a password reset on some email accounts,” stated the official.
“This process wiped out any secure mail keys that had been created,” the spokesperson added.
AT&T has refused to say how many individuals have been affected by this series of hacks. However, “as a precaution,” the company has locked some email accounts, compelling their owners to reset their passwords.
Access to VPN
According to a screenshot by the hackers, the hacker stated in the Telegram channel.
According to the source, the gang now has access to AT&T’s internal VPN.
AT&T representative Kimberly denied that the hackers had access to internal business networks.
“There was no system intrusion for this exploit. The malicious actors made use of API access.”