Altcoin News: Cryptocurrency Holders Become Victims of Microsoft Outlook Vulnerability

April 30, 2019, by Marko Vidrih on ALTCOIN MAGAZINE

Several cryptocurrency holders reported to Motherboard portal about the probable target of hackers who recently hacked the mailboxes of users of the Microsoft Outlook service.

According to the publication, the attackers gained access to users’ emails using the data to log into the account of the support service employee. This supposedly allowed them to view the contents of any unincorporated Outlook, Hotmail and MSN accounts.

“The hackers also had access to my inbox allowing them to password reset my Kraken.com account and withdrawal [sic] my Bitcoin,” a user named Jevon Ritmeester told the portal.

According to him, after hacking, the attackers did not begin to make themselves felt, but they set up the mailbox so that it automatically forwards messages to Kraken, including requests for changing the password and cryptocurrency, to their address in the Gmail mail service.

Ritmeester discovered that the attackers did both, only when he decided to check the folder with the deleted emails. In this case, the user has lost one Bitcoin, however, there is evidence that there are other victims.

“My account was hacked as a direct result of this,” Reddit user shinratechlabs wrote earlier this month, adding that he lost “25,000 in crypto.” “The same happened to me, although the amount was significantly less,” added another.

Ritmeester explained that he did not use two-factor authentication, which could protect his account in this case.

Previously, Microsoft stated that the vulnerability affects only the mailbox details.

“Customers who believe they have been impacted beyond what was outlined in the company’s notification should contact the Microsoft support team for assistance,” the Microsoft representative said, commenting on the messages of affected cryptocurrency holders.

“I feel Microsoft is trying to cover up and is not taking this seriously. Many users might have suffered in one way or another because incoming messages contain critical information,”

Ritmeester said, adding that he intends to at least go to the police and is thinking about billing Microsoft for the damage. “In fact, in the near future, a large amount of my personal information may leak.”

In March, Kraken announced that it would establish two-factor authentication as a forced setting for all its users.

Author: Marko Vidrih