Email provider ProtonMail says it was hacked, then claims return
Hacking, when companies retaliate against cybercriminals, probably happens much more than the public realizes. Whether a business decides to gather intelligence on who is attacking its customers, or perhaps wipe out stolen data from a server, the hack is controversial.
And people don’t usually tweet about it. Encrypted email provider ProtonMail claimed on Wednesday that it had hacked someone impersonating its service into phishing emails, and the company then quickly deleted the tweet.
Early Wednesday morning, the security researcher known as x0rz tweeted a series of screenshots allegedly showing someone sending emails that directed targets to a fake ProtonMail login screen.
“You have an overdue bill,” the message read.
In response, ProtonMail said it took action.
“We also hacked into the phishing site, so the link is down now,” ProtonMail tweeted.
Depending on the context and what exactly the retaliatory organization did, hacking may be illegal. The hack could violate the law on fraud and computer abuse, or perhaps even the laws on wiretapping. A recently proposed bill would attempt to legalize the practice.
ProtonMail quickly deleted his tweet, but not before x0rz could grab and then tweet a screenshot. x0rz then deleted his own tweet on demand from ProtonMail.
A ProtonMail spokesperson told Motherboard in an email that the company’s hack tweet “fueled rumors and unsubstantiated speculation as to what may or may not have happened.”
“For reasons you can probably understand, we’re not really commenting on the phishing record, and we can’t confirm or deny if anything has happened.”
Either way, the phishing link is no longer active.
“We are happy to see that this phishing link (as well as the phishing links for Google and Yahoo) are no longer active,” added the representative, “and that the site owner has gotten the help he needs. to secure his server. “
Do you have any advice? You can contact this reporter securely on Signal at +44 20 8133 5190, the OTR chat at firstname.lastname@example.org or by email at email@example.com.
Get six of our favorite stories on the motherboard every day by subscribing to our newsletter.