Trezor Clarifies Security Breach: Phishing Attack Identified as Cause of Compromised X Account

Watch Icon
News
Trezor Clarifies Security Breach: Phishing Attack Identified as Cause of Compromised X Account
[[{"value":"

On March 21, SatoshiLabs, the company behind Trezor hardware crypto wallets, announced that the recent compromise of its X (formerly Twitter) account resulted from a phishing scam and not a SIM-swap attack as earlier suspected.

The hardware wallet also shared that only its X social media account was compromised and guaranteed the safety of all wallets for crypto transactions and storage.

Trezor Confirms No Trezor Account or Funds Were Compromised

Cryptonews recently reported the breach of Trezor’s X account when popular blockchain and crypto security investigator ZachXBT alerted his 533K followers about the compromise of the hardware wallet page.

Community alert: Trezor X/Twitter account is currently compromised pic.twitter.com/hNm2OUjEgE

— ZachXBT (@zachxbt) March 19, 2024

Soon after, crypto security firm, Scam Snifer, detected the suspicious activity and warned crypto traders to steer clear.

According to SatoshiLab’s detailed report via Medium, the unauthorized access to their X account was identified at 11:53 PM on March 19, scaling past a series of security protocols, including two-factor authentication (2FA) and a strong password.

Update on our X account security incident

Earlier this week, we experienced a breach of our X account due to a sophisticated phishing attack.

Immediate actions were taken to secure our account & no product security was compromised.

For more, https://t.co/ZZOHSNtI9u

— Trezor (@Trezor) March 21, 2024

Nevertheless, the hardware wallet producers stated that all compromises have been resolved, and accounts on its ecosystem remain safe.

“We want to stress here that the security of all our products remains unaffected. This incident has not impacted or compromised the security of Trezor hardware wallets or our other products. Your Trezor device and Trezor Suite remain safe,” SatoshiLabs said.

It is worth noting that the hardware wallet’s X account was used to promote $TRZR asset presale on the Solana blockchain network, during the breach, to deceive traders into sending funds into a Solana wallet.

The post also mentioned a new Solana memecoin named Slerf to attract more attention and directed crypto investors to click on a malicious link designed to connect to their wallets and wipe off all assets and funds stored. Nonetheless, these posts were deleted shortly after.

Popular Web3 security investigator John Holmquist termed the hardware wallet breach the effect of neglecting to implement two-factor authentication (2FA).

Trezor is not having a presale.

Trezor's account is compromised…

Good time to mention you can use a Trezor as a security key for 2FA to secure your Twitter account?

Absolutely major L from a security company, please take account security more seriously. pic.twitter.com/ZQtgqdRx6G

— Jon_HQ (@Jon_HQ) March 19, 2024

However, this was off the mark, as SatoshiLab highlighted that its X account had 2FA and other security measures active. It remains unknown if there will be an impending investigation to identify the perpetrator(s).

Trezor Asserts Phishing Attack Was in the Works for Weeks

SatoshiLab further stressed that the official X account breach was a complex and calculated phishing attack that had been in the works for weeks.

The company’s investigation revealed that it was a plan that kicked off on February 29, 2024. The bad actors created a faux entity in the crypto sector that convinced members of crypto communities of its high reputation.

Although the entity’s name was left out in the report, it was noted that the bad actors participated in genuine crypto conversations to boost its media presence, grew his followership to thousands, and reached out to SatoshiLab’s PR team for an interview with the wallet firm’s CEO.

This led to a meeting being set up and a malicious link shared under the faux, guise of a Calendly invitation. The firm’s PR team member clicked the link and was directed to a page asking for X login details, which raised red flags and halted initial plans for an interview and a suggested reschedule.

During the rescheduled meeting, the attacker notified Trezor’s team members of technical issues and urged for a call authorization, which linked the attacker’s Calendly app with SatoshiLab’s X account.

The breach then enabled the bad actors to promote fraudulent crypto and malicious links on behalf of the hardware wallet. This was what ZachXBT detected that made him alert his followers.

The post Trezor Clarifies Security Breach: Phishing Attack Identified as Cause of Compromised X Account appeared first on Cryptonews.

"}]] 
More News

Dogecoin Price Prediction as Elon Musk’s ‘...

Watch Icon
Last updated

Source: Bing Image Creator The Dogecoin price has dipped by 1% today, with its fall to $0.081625 coming as the cryptocurrency market as a whole has slipped by 0.5% in 24 hours. Despite its drop, DOGE has posted a 7% gain in a week, helped along by the news that the ‘Doge-1’ satellite mission has The post Dogecoin Price Prediction as Elon Musk’s ‘Doge-1’ Moon Mission Launch Approaches – Will DOGE Reach $1? appeared first on Cryptonews.

Robinhood to Launch in U.K. in Early 2024

Watch Icon
Last updated

Investment platform, Robinhood, has plans to launch in the U.K. as early as the start of 2024, according to CEO Vlad Tenev. New features launching “The intention is, for the U.K. market, Robinhood to be the best place to invest in U.S. stocks and U.S. dollars, and we believe we can fulfill that need better The post Robinhood to Launch in U.K. in Early 2024 appeared first on Cryptonews.

Back to Top