We found a workaround for this.
As the spammers are targeting [url]/?na=s, you have to change this in the code of the plugin.
This is for advanced users only! You have to be very careful when changing files of the plugin itself!
To change it, go to the following files in the plugin folder of your wordpress installation, search for ‘s’ (case sensitive!) and change it to ‘sub’ or whatever you want:
/newsletter/widget/minimal.php
/newsletter/subscription/subscription.php
/newsletter/includes/module.php
We have reactivated the plugin this afternoon and until now there were no further spam subscriptions…