Zendesk tickets hijacked in massive spam campaign

News
By published

Someone is sending hundreds of pointless emails to people

Man annoyed at laptop
(Image credit: Marjan Apostolovic / Shutterstock)
  • Hackers exploited Zendesk ticket system to send mass spam emails from legitimate domains
  • Major companies including Discord, Tinder, Riot Games, and Dropbox affected by the campaign
  • Zendesk introduced monitoring and limits to stop relay spam and protect users

Hackers have hijacked Zendesk’s support system and used it for an apparently utterly chaotic and pointless spam campaign.

Zendesk is a customer service and support software platform that helps companies manage customer communication. It supports tickets, live chat, email, phone, and communication through social media. Among its features is the ability to allow unverified users to submit support tickets which, when that happens, automatically generates a confirmation email and sends it to the email that the user entered.

Now, researchers are saying hackers went through huge lists of email addresses and created countless fake support tickets, turning the feature into a mass-spam tool.

Zendesk customers hit

The list of affected companies is apparently huge, and it includes a few heavy hitters: Discord, Tinder, Riot Games, Dropbox, CD Projekt, NordVPN, Tennessee Department of Labor, Tennessee Department of Revenue, and many others.

Since the emails originate from a legitimate Zendesk system, they pass most spam filters, and land directly in people’s inboxes. Some people, according to BleepingComputer, received “hundreds” of emails in a very short amount of time.

The campaign started on January 18, but we don’t know if it’s still ongoing. What’s particularly bizarre about this campaign is that it’s not distributing malware, or phishing links. These are just emails pretending to be cries for help, or law enforcement takedown requests, which do nothing but flood the victims’ inboxes.

Here are a few subject lines:

FREE DISCORD NITRO!!

TAKE DOWN ORDER NOW FROM CD Projekt

LEGAL NOTICE FROM ISRAEL FOR koei Tecmo

TAKE DOWN NOW ORDER FROM Israel FOR Square Enix

Zendesk told BleepingComputer it tackled the problem by introducing new safety features.

"We've introduced new safety features to address relay spam, including enhanced monitoring and limits designed to detect unusual activity and stop it more quickly," the company said.

"We want to assure everyone that we are actively taking steps - and continuously improving - to protect our platform and users."

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.