Illustration by Alex Castro / The Verge
Hackers have reportedly been breaking into AT&T-provided email addresses, and using this access to steal large quantities of cryptocurrency, TechCrunch reports. While it’s not clear how many people have been impacted, one alleged victim claims to have lost $134,000 from a Coinbase account associated with a compromised email address. Email addresses with att.net, sbcglobal.net, and bellsouth.net domain names have all reportedly been affected.
The vulnerability revolves around mail keys, which are meant to allow users to log into AT&T email accounts via clients like Outlook or Thunderbird. Somehow, attackers appear to have found a way to generate these keys without the knowledge of the owner of an email account. Once they have access,…
