- Hackers exploited Zendesk’s ticketing system to send mass spam emails from legitimate domains
- Major companies including Discord, Tinder, Riot Games and Dropbox are affected by the campaign
- Zendesk introduced monitoring and restrictions to stop relay spam and protect users
Hackers have hijacked Zendesk’s support system and used it for a seemingly chaotic and pointless spam campaign.
Zendesk is a customer service and support software platform that helps businesses manage customer communications. It supports tickets, live chat, email, phone and social media communication. Among its features is the ability for unverified users to submit support tickets; each submission automatically generates a confirmation email, which is sent to the email address the user entered.
Now researchers say hackers went through huge lists of email addresses and created countless fake support tickets, turning the feature into a mass spamming tool.
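An added example, not from the article or from Zendesk: a minimal gate placed in front of the auto-confirmation email that holds unverified tickets when one source fans out to many requester addresses or when one address is being flooded. The event fields, thresholds and the `ConfirmationGate` name are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

WINDOW_S = 600            # sliding window in seconds (assumed value)
MAX_RCPTS_PER_SOURCE = 3  # distinct requester addresses one source may use per window
MAX_MAILS_PER_RCPT = 2    # confirmations one address may receive per window

def _expire(q, now):
    """Drop entries older than the window; entries are (ts, value) tuples."""
    while q and now - q[0][0] >= WINDOW_S:
        q.popleft()

class ConfirmationGate:
    """Decides whether a ticket may trigger the automatic confirmation email."""

    def __init__(self):
        self.by_source = defaultdict(deque)  # source -> (ts, requester) attempts
        self.by_rcpt = defaultdict(deque)    # requester -> (ts, source) mails sent

    def decide(self, ts, source, requester, verified=False):
        requester = requester.strip().lower()
        if verified:                          # only unverified submitters are gated
            return "send"
        src_q, rcpt_q = self.by_source[source], self.by_rcpt[requester]
        _expire(src_q, ts)
        _expire(rcpt_q, ts)
        src_q.append((ts, requester))         # held attempts still count
        if len({r for _, r in src_q}) > MAX_RCPTS_PER_SOURCE:
            return "hold:source-fanout"       # one source, many "requesters"
        if len(rcpt_q) >= MAX_MAILS_PER_RCPT:
            return "hold:recipient-flood"     # one inbox, many confirmations
        rcpt_q.append((ts, source))
        return "send"

def replay(events):
    """Run (ts, source, requester) events through a fresh gate."""
    gate = ConfirmationGate()
    return [gate.decide(*e) for e in events]

# Constructed sample events: (unix_ts, source, requester_email)
SAMPLE = [
    (0,   "203.0.113.7",  "a@example.com"),
    (5,   "203.0.113.7",  "b@example.com"),
    (9,   "203.0.113.7",  "c@example.com"),
    (12,  "203.0.113.7",  "d@example.com"),  # 4th distinct address from one source
    (20,  "198.51.100.2", "a@example.com"),
    (25,  "198.51.100.9", "a@example.com"),  # 3rd confirmation to the same inbox
    (700, "203.0.113.7",  "e@example.com"),  # earlier attempts have aged out
]
```

A held ticket would be queued for review or sent a verification challenge instead of the confirmation; which of those applies depends on the deployment.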
Zendesk customers hit
The list of affected companies is apparently huge, and it includes a few heavy hitters: Discord, Tinder, Riot Games, Dropbox, CD Projekt, NordVPN, Tennessee Department of Labor, Tennessee Department of Revenue, and many others.
Since the emails originate from a legitimate Zendesk system, they bypass most spam filters and land directly in people’s inboxes. Some people, according to Bleeping Computer, received “hundreds” of emails in a very short time.
The campaign started on January 18th, but we don’t know if it’s still running. What is particularly bizarre about this campaign is that it does not distribute malware or phishing links. These are simply emails pretending to be cries for help or takedown requests from the police that do nothing but flood victims’ inboxes.
Here are a few subject lines:
FREE DISCORD NITRO!!
ORDER NOW FROM CD Projekt
LEGAL NOTICE FROM ISRAEL FOR koei Tecmo
TAKE DOWN NOW ORDER FROM ISRAEL TO Square Enix
Zendesk told Bleeping Computer it solved the problem by introducing new security features.
“We’ve introduced new security features to address relay spam, including improved monitoring and restrictions designed to detect unusual activity and stop it more quickly,” the company said.
“We want to assure everyone that we are actively taking steps – and continuously improving – to protect our platform and users.”



