At the end of last week, Tippr customers reported on its forums that their BCH accumulation disappeared from their wallets. It was noticed after the users have received e-mails with notifications about changing passwords. The administrator with the “gooeyblob” nickname said that hackers took advantage of the vulnerability of Mailgun products, which supply software for Reddit.
As they say at Reddit, the attackers managed to find a vulnerability in the Mailgun software, which allowed them to seize control of the mailboxes of users, to find out personal data, including wallets passwords. This was enough for hackers to be able to withdraw Bitcoin Cash. In Mailgun they say that they took all necessary measures to block the hacker. At the end, the hack was performed by an unknown user who was not authorized.
Currently, companies are working together to find out the reasons for the leakage of information. All Reddit messages were transferred to secure servers in order to avoid a repeat situation. It is noted that the hacker was stopped so quickly that less than 1% of users data had suffered. Currently, there are 20 affected wallets.