|
|
|
|
|
|
by justusw
451 days ago
|
|
|
Can confirm, I've got a DKIM passing email today asking me to sell my "Illuvium". DKIM auth result header: > Authentication-Results: spamfilter01.heinlein-hosting.de (amavisd-new);
> dkim=pass (2048-bit key) header.d=autodesk.com For this DKIM-Signature: > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autodesk.com;
> h=from:subject:mime-version:list-unsubscribe:content-type:reply-to:
> cc:content-type:from:subject:to;
> s=s11; bh=... MTA: > Received: from ec2-3-8-140-122.eu-west-2.compute.amazonaws.com (unknown)
> by geopod-ismtpd-13 (SG) with ESMTP id n5WDORJ6Taauv7FuUNA9Ug I wonder if just their DKIM selector got stolen or someone owned their AWS accounts as well? |
|
|
They seem to be using SendGrid. I pinged the CEO and CTO of Autodesk, the official Autodesk account and the SendGrid account on X about this, but now, more than 24h later, the attack is still ongoing and nobody seems to be giving a flying fuck about it.