Trezor Issues Data Breach Warning As Users Cite Phishing Attacks

Key Insights:

• Trezor has reported a phishing attack suffered by some of its users.
• Trezor users received an email that asked them to click on an unsafe link.
• Of late, more security breaches have surfaced in the crypto-verse. 

With data breaches and security compromises being the norm of the day in the crypto-verse, another data breach was reported on Sunday morning. Crypto hardware wallet provider Trezor has confirmed that some of its users suffered a phishing attack this weekend.

Trezor Phishing Attack

Trezor wallet owners did not have a good Sunday morning after the hardware wallet provider revealed that some of its users were the target of a phishing attack over the weekend. On April 3, Crypto Twitter was filled with community warnings about an ongoing email phishing campaign targeting Trezor users via their registered email addresses.

MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.

We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/

— Trezor (@Trezor) April 3, 2022

Unauthorized actors have attempted to contact Trezor users posing as the firm to scam unaware users out of their investments. Users received an email about downloading an app from a similar domain called ‘trezor.us’ instead of the official Trezor domain name, ‘trezor.io.’

Trezor initially suspected that the compromised email addresses belonged to a list of users who opted-in for newsletters hosted on an American email marketing service provider Mailchimp. 

The firm has begun investigating the data breach and has confirmed that its service has been compromised by ‘an insider targeting crypto companies.’ As the firm officially investigates the total number of stolen email addresses, they have advised users not to click on links coming from unofficial sources until further notice. 

Data Attacks Still Plaguing Crypto

Security breaches and data attacks on crypto firms have seen a drastic rise in the last few months. A couple of days ago, the BAYC team confirmed that their Discord servers were compromised, and the hackers even managed to steal a valuable Mutant ApeYacht Club (MAYC) NFT.

These attacks come just a week after the Ronin bridge hack, where hackers took off with a whopping 173,600 ETH alongside another 25.5M USDC.

Looking at the rise in data breaches in the crypto space, FXEmpire reported about Ledger Live’s privacy policy and hack a year ago. 

FXEmpire also reported that DeFi protocols have been an easy target for hackers as more and more security breaches have surfaced over the last couple of years. On April 1, decentralized lending protocol Ola Finance also suffered an exploit that allowed hackers to grab $3.6 million worth of cryptocurrencies from the platform.