BleepingComputer reports that Canadian multinational wireless networking equipment manufacturer Mercku's helpdesk portal has been responding to newly filed support tickets with MetaMask phishing emails following an apparent cyberattack.Submission of tickets via the portal is immediately followed by the delivery of an email with the subject "Metamask: Mandatory Metamask Account Update Required," which urges recipients to amend information on their MetaMask cryptocurrency wallet accounts within the next 24 hours to prevent losing account access. Included within the email is a phishing link containing "metamask.io" but redirects to a zpr[.]io service through the exploitation of the userinfo part of the URI scheme.Another redirection to "hxxps://matjercasa.youcan[.]store" is conducted by the zpr[.]io service although intrusions have been averted following the suspension of the hosting account of the former, according to BleepingComputer.Such a development should prompt organizations served by Mercku to avoid the firm's support portal, as well as emails from the portal.
Network Security, Breach, Phishing
Cyberattack hits Mercku’s helpdesk portal
(Adobe Stock)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds