Dear customer.
This email is to let you know your wallet assets are undergoing a upgrade.
In an effort to upgrade our infrastructure we are temporarily disabling the following networks:
BTC, ETH, XRP, ERC20, BEP20, TRON, TRC20
We are requiring action from our users to re-enable the networks.
Important: Failure to upgrade your networks could result to full funds loss.
suite.trezor.io/upgrade
And then:
https://twitter.com/Trezor/status/1750223673506558146
🚨 Security Alert 🚨
We've detected an unauthorized email impersonating Trezor sent from a third-party email provider we use.
If you received a suspicious email with the subject line 'Assets undergoing upgrade' from the ID:
noreply@trezor.io, please do not click any links or provide any info within.
We request you to delete that email immediately.
Your trust is our priority:
✅Rest assured, your wallets & funds remain secure.
✅Remember, NEVER disclose your recovery seed.
✅Stay vigilant for phishing attempts.
Apologies for any worry caused. We're actively handling the situation & will provide updates
Below is a screenshot of the email.
Digging a bit deeper, these are my preliminary conclusions:
1) An attacker gained control of a third-party email provider they use... presumably gaining full access to the database of (at least) email addresses of Trezor users.
2) They did gain enough access as to be able to send the "phishing" (but otherwise coming from the real source) emails directly from the email provider.
3) They did gain enough access as to be able to add a malicious link in a website under the LEGIT subdomain of mailing.trezor.io.
4) They quickly (1-2 hours after the email I received) posted the above Twitter advice (this is reasonably quick).
5) They failed to use the same channel (EMAIL) to quickly alert users of the incident... Probably because by that time they had already removed the offending destination link anyways (not good, not terrible).
6) In the same way that Ledger did (in an even bigger fuckup), they fail to acknowledge how serious it is for this kind of company to keep falling into the same errors again and again (mostly by trusting third parties with users' data).
Really.... Will they never learn anything? Will they keep behaving as if security and privacy of their customers isn't of utmost importance in this field? As if nothing happened here?
Bleh. Nothing to see here for most of the people... I guess... but I am a bit annoyed and worried thinking about what their (not Trezor specifically... any of them) next fuckup could be.
nuff rant.