Hello everyone. This is Netkiller.
Netkiller is committed to prioritizing the secure protection and management of our customers’ valuable information. On December 19, 2023, a phishing attack targeting SendGrid users led to the theft of Netkiller’s SendGrid account, resulting in the distribution of spam emails using the Netkiller domain. We immediately responded to this security breach, ensuring that no data or customer information was leaked. It was identified that 39 recipients (not Netkiller customers) opened the spam message. Netkiller sincerely apologizes to those who received these unauthorized emails and is dedicated to implementing measures to prevent any such incidents in the future.
On December 19, 2023, around 10 AM KST, a Netkiller employee received a phishing email disguised as a SendGrid service notification. The phishing email contained a fake login page, through which the employee’s account credentials, password, and two-factor authentication details were compromised. Although the employee quickly recognized the email as phishing and reset their account password within minutes, the SendGrid API information was stolen, leading to a mass distribution of spam emails. Immediate action was taken to address this bulk mailing, and the issue has now been resolved, with no further unauthorized mailings occurring.
Description of Damages:
- A temporary SendGrid account used by Netkiller was compromised through a phishing email, leading to the theft of SendGrid API information.
- Spam emails were sent out to various email addresses using this API.
- The spam emails were sent to a total of 16,277 random email addresses, and among them, 39 individuals clicked on the phishing link.
Measures and Improvements:
Netkiller has taken measures to ensure that such incidents do not occur again in the future, including enhanced security training on phishing and spam emails, and implementing additional account authentication and management systems. We sincerely apologize for the concern this has caused to our customers and those who received the fraudulent emails.
Inquiries and Support:
If you have any questions about our compliance policy, please contact us at email@example.com.
We appreciate your patience, understanding, and ongoing support while we address this incident.
The Netkiller Team