Trezor users are falling victim to a phishing attack


The hardware wallet maker Trezor is alerting its users that crypto fraud is taking place through a phishing attack. Basically, the attackers plan is to trick investors into entering their recovery seed phrase on a fake Trezor website.

Phishing attack on Trezor users

The famous Trezor hardware wallet announced on Twitter that there is a probable fraud in the form of a phishing attack that affects wallet users.

Basically, it seems that the attackers contact their victims through phone calls, SMS and/or email, trying to get them to enter your wallet recovery seed phrase on a fake Trezor website. The most used excuse is precisely a “security breach” in your Trezor account.

In this regard, the hardware crypto wallet claims that they found no evidence of database breach and would never contact their users via calls or SMS.

Trezor: “the seed recovery phrase is your most precious treasure”

The only way to cause crypto fraud against Trezor Wallet users is precisely to steal the recovery seed phrase. That is why the company itself reiterates in its tweet:

“The Seed of Recovery is your dearest treasure!”

And in fact, the initial wallet recovery phrasealso known as private keyis the most important part of self-custody of cryptocurrencies. It is what defines the user as “owner of his money”.

Especially for a hardware wallet like Trezor, the security of the recovery phrase is much more important than the security of the hardware wallet itself, since once the private keys are stolen, the owner loses all of their cryptocurrency.

This phishing attack, which appears not to have caused any crypto fraud yet, is not the first in Trezor history.

In fact, back in April 2022, the same wallet had already announced to your users other attack, which came from the MailChimp newsletter service.

Essentially, an insider had compromised the service by targeting not only Trezor but also cryptocurrency companies in general.

Precisely in order not to create victims among its users, Trezor had decided to suspend its newsletters at least until the situation was resolved later.

Other cases of phishing attacks on CoinMarketCap and OpenSea

Over the past year, two other giants in the cryptocurrency world have allegedly suffered from phishing attacks, and they are not hardware wallets.

In the case of CoinMarketCapthe attackers had created an account of their own project on the website, but renamed it CoinMarketCap and added a link leading to a website purporting to be the original CoinMarketCap site.

In it fake website, carefully created by attackers, selling tokens. At the same time, the hackers also hacked into the platform’s CryptTown social network and created a number of verified accounts with which they posted messages about token sales.

In this way, users believed that said tokens were promoted and created by the “official” website, and the crypto fraud managed to raise 12 ETH and 192 BNB, with a total value at the time of $130,000.

As to OpenSealast February 2022, the phishing attack against its users had lasted 3 hours and had been able to rob 32 victims.

In fact, the vulnerability that enabled the attack was a flaw in the Wyvern protocol, an open source standard that underlies so many smart contracts and NFT platforms.

From here, the hackers were reportedly able to steal some NFTs from the collection Cool Cats and Doodle for a total of 254 works.

Rate this news!

0 / 5 Number of votes: 0

Your vote in this news:

Click to rate this post!
[Total: 0 Average: 0]
Next Post

Lundbergs buys shares in Industrivärden for 359 million

Decentralized automation: this is the industry of the future Published: 21 February 2023, 09:00 Updated: 3 March 2023, 08:56Today, Sweden’s industries are making their fastest transition ever – towards Industry 4.0. Increased automation is necessary to keep up with developments and the key factor for maximum efficiency is decentralized control, […]
Lundbergs buys shares in Industrivärden for 359 million

Subscribe US Now