PoisonSeed Campaign Exploits CRM Accounts to Steal Cryptocurrency

A malicious campaign named PoisonSeed is exploiting compromised credentials associated with Customer Relationship Management (CRM) tools and bulk email service providers to send spam messages containing cryptocurrency recovery phrases. These messages aim to empty the digital wallets of victims. According to Silent Push, the recipients of these spams are targeted by a "cryptocurrency seed phrase poisoning" attack.