Related Infrastructure of MailChip Breach

Published on:

January 24, 2023

Likely target, user credentials

In investigating possible infrastructure related to the recent breach of MailChimp, we’ve identified an unrelated set of coordinated sites likely targeting user credentials. Enterprises using MailChimp should monitor the situation carefully.

Registrar: TUCOWS
Host: Grnasy s.r.o.
Nameservers: njalla
ex: mailchimp-taskus[.]com
mailchlmp[.]com
mailchimp-admin[.]comma

Related Content

SecuritySnacks

DPRK Contagious Interview: Developer Workflow Compromise

Analyze the DPRK "Contagious Interview" campaign targeting developers. Get technical deep-dives into VS Code task abuse, Node.js malware obfuscation, and a full Sigma/EDR detection pack to defend your CI/CD pipeline and identity perimeter.

Learn More

SecuritySnacks

The AI Frame Campaign Continues

Analysis of the persistent AIFrame campaign: A fake Google Authenticator Chrome extension and 6+ related apps use "deploy clean, update dirty" tactics to steal 2FA credentials and inject malicious iframes. Learn how this operation bypasses Google’s security reviews.

Learn More

SecuritySnacks

Cybersecurity Reading List - Week of 2026-04-06

From Gramsci's 'morbid symptoms' to modern threat intelligence - a cybersecurity roundup exploring why defenders should treat root causes over chasing dramatic threats, with curated links on ransomware, HUMINT, disinformation, and more.

Learn More

Related Infrastructure of MailChip Breach

Likely target, user credentials

Heading