...
...
Haider Jamal

Jan 25, 2024

Trezor On High Alert After Users Receive Unauthorized Emails

Trezor, the popular hardware wallet provider, recently verified that the source of a series of harmful emails sent to users in the past 12 hours was an unauthorized use of its third-party email provider. The company detected an unauthorized email posing as Trezor, originating through a third-party email service they employ. The deceptive email, sent by noreply trezor.io, prompts users to update their network to avoid fund loss, providing a harmful link that leads to a webpage asking for their seed phrase.

A Seed Of Evil

While Trezor has not confirmed any fund losses via the phishing attempt, it successfully deactivated the malicious link, ensuring user funds are secure unless the recovery seed was entered. For those who entered their seed phrase though, Trezor advises an immediate fund transfer to a new wallet. The investigation also revealed an unauthorized person accessed the email database of newsletter subscribers, utilizing the third-party email service employed by Trezor to send the deceptive emails.

Notably, various experts believe that a recent cybersecurity incident involving MailerLite on January 23rd, 2024, resulting in phishing emails with branded domains, including those of Cointelegraph, WalletConnect, and Token Terminal, may indeed be connected to this attack.

Damage Control

Although it remains unclear whether Trezor uses the same email domain provider, losses exceeding $3.3 million have occurred due to these phishing attacks. Some speculate the recent assault might be linked to the security breach of the Trezor support portal on January 17th, 2024, exposing contact details of nearly 66,000 users.

On January 24th, digital asset lawyer Joe Carlasare described the phishing email as a sophisticated scam after personally receiving it. Trezor had cautioned users about a phishing attack last year, and in May, cybersecurity firm Kaspersky observed a fake hardware wallet impersonating Trezor in the market, attempting to steal funds through a manipulated microcontroller, taking control of user private keys.

Top News


cw-icon 28 months ago
cw-icon 30 months ago
Read more latest news

Press Releases

...
Terra
Do Kwon Trial Begins Despite The Founder

7 months ago Mar 26, 2024

The civil fraud trial involving Ter... Read more

...
Goldman
Goldman Sachs Clients Look To Get Back

7 months ago Mar 25, 2024

Institutional clients served by the... Read more

...
Payments
New Payment Limit For Crypto Wallets Scrapped

7 months ago Mar 25, 2024

The recent Anti-Money Laundering re... Read more

...
Bitcoin
Bitcoin Undergoes Price Correction As International Economies

7 months ago Mar 24, 2024

A significant portion of the crypto... Read more

Join Our Newsletter

Get the latest trends and updates on our crypto community.