Reports of phishing email campaigns targeting users of Trezor hardware wallets have appeared online.
It looks like Trezor may have been breached? @Trezor @zachxbt #Trezor pic.twitter.com/4lmjZE1Quk
— j (@JHDN) October 26, 2023
On-chain sleuth ZachXBT drew attention to the issue, disseminating the warning in his Telegram channel.
According to him, one user received a ‘poisoned’ email at an address that had been created specifically for ordering the Trezor device.
The account was registered about six months ago, so the expert suggested a data leak either from the wallet manufacturer or from Evri, the British delivery company.
A similar suspicion was voiced by a Reddit user by the handle Avid28193:
\”Obviously, someone has seized control of the Trezor customer database. I have been receiving several emails and messages about ‘firmware updates’ for about a month or so.\”
Trezor has responded to the situation, saying the company is currently looking into the matter.
Hi, thanks for letting us know, we are looking into it.
We would like to remind all our users that the Trezor company never asks for users’ recovery seed, PIN, or passphrase. We suggest checking this article on how to stay safe in our knowledgebase
— Trezor (@Trezor) October 27, 2023
\u201cWe would like to remind all our users that the Trezor company never asks users for their recovery seed, PIN, or passphrase,\u201d the company representatives stressed, attaching a link to the security guide.
Earlier, the cybersecurity startup Unciphered uploaded a video showing a seed phrase hack of the Trezor T wallet on YouTube.
Earlier in September, Pocket Univers warned about phishing via Discord servers — attackers embed malicious links in messages.
In the same month, journalists reported that criminals began using URLs of government websites of several countries to dupe users of the non-custodial crypto wallet MetaMask and to steal their assets.