
ViralKit Incident Report on Aug. 7, 2024

What happened

On August 7th, 2024, ViralKit was the victim of a phishing email attack. The attacker used their own external email list (unrelated to ViralKit) and abused ViralKit's sign-up system to send phishing emails to that list. We detected the incident in less than an hour and promptly shut it down. There was absolutely no breach of any data from ViralKit's customers or database.

Initially, we believed the attacker had sent these messages by spoofing our email address. However, after further investigation, we discovered that the attacker created fake user accounts on our site using the contacts from their email list. It's important to note that none of these email addresses belonged to existing ViralKit customers or were associated with us in any way.

How the attacker did it

During the account creation process on ViralKit, users are asked to provide their name and email address. The attacker created fake accounts using the email addresses from their list and, instead of entering a real name in the "Name" field, inserted an offensive message. Consequently, the welcome email, which normally says "Hello, [NAME]," instead displayed "Hello, [OFFENSIVE MESSAGE FROM ATTACKER]" to every address used for a fake sign-up.

How we responded

We immediately sent a follow-up email to everyone affected and instructed them to ignore the phishing email, not respond to it, and not click on any links within it. We also put a very visible warning notice at the top of our homepage. To prevent this from happening again, we implemented the following security measures:

  1. Account creation is now limited to "short" names.
  2. We automatically screen for offensive words and block account sign-ups containing inappropriate language.
  3. We have implemented stricter rate limits on sign-ups.
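
The three measures above can be sketched as a single sign-up gate. This is an added example, not ViralKit's code: the limits, the word list, the per-client key and the link-like check (an extra control the report does not list) are all assumptions.

```python
import re
import time
from collections import defaultdict, deque

MAX_NAME_LEN = 40                  # assumed; the report only says "short"
BLOCKED_WORDS = {"badword"}        # constructed placeholder list
MAX_SIGNUPS = 3                    # assumed sign-ups per client per window
WINDOW_SECONDS = 3600              # assumed window

# Extra check, not in the report: patterns that let a "name" carry a link.
LINK_LIKE = re.compile(r"https?:|www\.|[/<>@]|\.[a-z]{2,}\b", re.I)

# Keyed on the client (e.g. source IP), not the email address: in this
# incident every sign-up used a different recipient address.
_recent = defaultdict(deque)       # client key -> accepted sign-up times


def check_name(name):
    """Return None if the name is acceptable, else a rejection reason."""
    name = " ".join(name.split())  # collapse whitespace, including newlines
    if not name or len(name) > MAX_NAME_LEN:
        return "length"
    if LINK_LIKE.search(name):
        return "link-like"
    if set(re.findall(r"[a-z]+", name.lower())) & BLOCKED_WORDS:
        return "blocked-word"
    return None


def allow_signup(client_key, name, now=None):
    """Validate the name, then apply a sliding-window limit per client."""
    now = time.time() if now is None else now
    reason = check_name(name)
    if reason:
        return False, reason
    seen = _recent[client_key]
    while seen and now - seen[0] >= WINDOW_SECONDS:
        seen.popleft()             # drop sign-ups outside the window
    if len(seen) >= MAX_SIGNUPS:
        return False, "rate-limit"
    seen.append(now)
    return True, "ok"
```

Rejected sign-ups are not counted against the window here; counting them as well would slow down an attacker probing the filter.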

What you should do

Ignore the unauthorized email you received on August 7th, 2024. It was sent by an attacker and not by ViralKit. Do not click on any links or reply to the email.

Message

We sincerely apologize for any inconvenience or confusion this may have caused. We take the privacy and security of our users very seriously and have taken all necessary steps to prevent this from happening again.

Thank you for your understanding. Please don't hesitate to reach out if you have any questions or concerns.