{"id":11780,"date":"2024-03-20T10:32:41","date_gmt":"2024-03-20T08:32:41","guid":{"rendered":"https:\/\/forklog.com\/en\/trezors-x-account-hacked-to-promote-scam\/"},"modified":"2024-03-20T10:32:41","modified_gmt":"2024-03-20T08:32:41","slug":"trezors-x-account-hacked-to-promote-scam","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/trezors-x-account-hacked-to-promote-scam\/","title":{"rendered":"Trezor&#8217;s X Account Hacked to Promote Scam"},"content":{"rendered":"<p>The official X account of Trezor, a manufacturer of hardware crypto wallets, was reportedly hacked to post a series of fraudulent messages about presales on Solana.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Community alert: Trezor X\/Twitter account is currently compromised <a href=\"https:\/\/t.co\/hNm2OUjEgE\">pic.twitter.com\/hNm2OUjEgE<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/1770225097552363795?ref_src=twsrc%5Etfw\">March 19, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The incident was highlighted by well-known on-chain researcher ZachXBT. The suspicious activity was subsequently <a href=\"https:\/\/twitter.com\/realScamSniffer\/status\/1770227728014614913\">noted<\/a> by the Scam Sniffer service.<\/p>\n<p>The posts promoted a fake presale of the TRZR token for SOL and contained links leading to drainers. The messages mentioned the popular meme coin SLERF, likely to attract attention.<\/p>\n<p>ZachXBT also noted that the hacker stole about $8100 from Trezor&#8217;s account on the Zapper platform.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Imagine hacking the Trezor account only to steal $8.1K (includes 25% drainer fee)<\/p>\n<p>0x16384f846c2ac7a10cd5d2353e59ae9d635cbc9f <a href=\"https:\/\/t.co\/xrVCuhyCLe\">pic.twitter.com\/xrVCuhyCLe<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/1770237007366639681?ref_src=twsrc%5Etfw\">March 19, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In the comments, many users called it &#8220;ironic&#8221; that a company offering secure storage solutions could not protect its own account.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;It&#8217;s hard, funny, and at the same time damn shameful that they don&#8217;t even practice what they preach and don&#8217;t follow their own advice,&#8221; <a href=\"https:\/\/twitter.com\/DigiHustlerX\/status\/1770229263675040157\">wrote<\/a> one user.<\/p>\n<\/blockquote>\n<p>Web3 security expert John Holmquist suggested that the Trezor team &#8220;remember&#8221; the possibility of using the company&#8217;s hardware devices as keys for two-factor authentication (2FA).<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Trezor is not having a presale.<\/p>\n<p>Trezor&#8217;s account is compromised\u2026<\/p>\n<p>Good time to mention you can use a Trezor as a security key for 2FA to secure your Twitter account?<\/p>\n<p>Absolutely major L from a security company, please take account security more seriously. <a href=\"https:\/\/t.co\/ZQtgqdRx6G\">pic.twitter.com\/ZQtgqdRx6G<\/a><\/p>\n<p>\u2014 Jon_HQ (@Jon_HQ) <a href=\"https:\/\/twitter.com\/Jon_HQ\/status\/1770226432775790920?ref_src=twsrc%5Etfw\">March 19, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The specialist emphasized that security &#8220;should be taken more seriously.&#8221;<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;There&#8217;s some deep irony that these hardware wallet companies can&#8217;t even secure their own Twitter accounts,&#8221; summarized a commentator under the nickname Pledditor.<\/p>\n<\/blockquote>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">.<a href=\"https:\/\/twitter.com\/Trezor?ref_src=twsrc%5Etfw\">@Trezor<\/a>&#8216;s account is hacked<\/p>\n<p>There&#8217;s some deep irony that these hardware wallet companies can&#8217;t even secure their own twitter accounts <a href=\"https:\/\/t.co\/z4j7gVHJey\">pic.twitter.com\/z4j7gVHJey<\/a><\/p>\n<p>\u2014 Pledditor (@Pledditor) <a href=\"https:\/\/twitter.com\/Pledditor\/status\/1770227256050200887?ref_src=twsrc%5Etfw\">March 19, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to the <a href=\"https:\/\/trezor.io\/\">Trezor website<\/a>, the company has over 2 million device users. The current offering includes three models priced from $59 to $179.<\/p>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">March 20, 2024 | 16:14<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>The team confirmed the security incident with the X account. Developers noted that they used 2FA and are investigating the hack. They emphasized that the company &#8220;will never ask for funds to be sent to any address&#8221; or request users&#8217; wallet recovery information.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">? Alert ?<\/p>\n<p>We experienced a security incident on our X\/Twitter account overnight, despite robust protections including a strong password and 2FA. We continue to investigate.<\/p>\n<p>Please remain vigilant and remember, Trezor will NEVER request funds or assets be sent to any address.\u2026<\/p>\n<p>\u2014 Trezor (@Trezor) <a href=\"https:\/\/twitter.com\/Trezor\/status\/1770391253303050249?ref_src=twsrc%5Etfw\">March 20, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<p>In January, the manufacturer <a href=\"https:\/\/forklog.com\/en\/news\/data-breach-affects-66000-trezor-users\">acknowledged a data breach<\/a> affecting approximately 66,000 clients through a third-party support service.<\/p>\n<p>In December 2023, Trezor added support for Solana and <span data-descr=\"Solana Program Library\" class=\"old_tooltip\">SPL<\/span> tokens.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The official X account of Trezor, a manufacturer of hardware crypto wallets, was reportedly hacked to post a series of fraudulent messages about presales on Solana. Community alert: Trezor X\/Twitter account is currently compromised pic.twitter.com\/hNm2OUjEgE \u2014 ZachXBT (@zachxbt) March 19, 2024 The incident was highlighted by well-known on-chain researcher ZachXBT. The suspicious activity was subsequently [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11779,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,961,115],"class_list":["post-11780","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-hardware-wallets","tag-trezor"],"aioseo_notices":[],"amp_enabled":true,"views":"34","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/11780","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=11780"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/11780\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/11779"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=11780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=11780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=11780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}