Trezor Customers Targetted....!!!

[romero121]

Trezor owners  have been targeted with fake data breach emails, according to Twitter post.



Mailchimp have confirmed that their service has been compromised by an insider in order to send malicious links to cryptocurrency firms.

Users subscribed to newsletters powered by Mailchimp received a slew of fake notifications. Fraudsters, who were impersonating the Trezor team, warned that the cryptocurrency holdings of their potential victims could be stolen due to a massive security breach.
The bogus domain name featured Punycode characters, which made it possible for the hackers to add a veneer of legitimacy to the fake app.

According to Bleeping Computer, the scammers created a fraudulent version of Trezor Suite that is almost indistinguishable from the real one on the surface. To make potential victims drop their guard, the app even included a legitimate-looking warning, which urged users not to enter their recovery seed in the wake of the recent phishing attacks (unless the physical device instructs them to do so).

Trezor Customers Targetted

[1715418276]

1715418276

[1715418276]

1715418276

[jackg]

Potentially this could be a data injection attack at most. It's not possible to actually spend funds without your confirming it and seeing the address you're sending funds to - on the actual device - (unless there's a coin out there that doesn't do this - like erc20 tokens could be at a bit of a higher risk).

I remember it being said emails weren't well encrypted and I just accepted that as being the case (even if it isn't) - so it's generally worthwhile to not trust links in emails if you have the official link you can put in instead.

I think it's quite surprising companies don't handle this thing themselves though too, this might be an incentive for some like trezor to do it if they already send a lot of their emails from in-house servers.