Network Security, Breach, Phishing

Cyberattack hits Mercku’s helpdesk portal

Share
Plain code with the word "cyberattack" in red.

BleepingComputer reports that Canadian multinational wireless networking equipment manufacturer Mercku's helpdesk portal has been responding to newly filed support tickets with MetaMask phishing emails following an apparent cyberattack.

Submission of tickets via the portal is immediately followed by the delivery of an email with the subject "Metamask: Mandatory Metamask Account Update Required," which urges recipients to amend information on their MetaMask cryptocurrency wallet accounts within the next 24 hours to prevent losing account access. Included within the email is a phishing link containing "metamask.io" but redirects to a zpr[.]io service through the exploitation of the userinfo part of the URI scheme.

Another redirection to "hxxps://matjercasa.youcan[.]store" is conducted by the zpr[.]io service although intrusions have been averted following the suspension of the hosting account of the former, according to BleepingComputer.

Such a development should prompt organizations served by Mercku to avoid the firm's support portal, as well as emails from the portal.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.