Hackers sent email that Trezor database has been hacked hacked

[_act_]

This message is from hackers:

Do not updated your Trezor on the fake website.

This is what they will say in the scam email:
The scammer reported that no seed phrase or private key that was hacked but that that hackers gained access to databases containing device serial numbers, firmware versions, and device registration metadata. That Trezor is using the means to tell their users to update to firmware version 3.8.0 with enhanced device authentication and additional security hardening. This update ensures your device can not be targeted based on the compromised configuration data.


It is a scam

If you click on update on the email, this is the scam site that you will be taking to connect your wallets:

Code:

https://open-trezor.com/?input_24=WsvjXUScmyWE6BNGsdThoJ+AWsRlbJTP+ryQyq62u9txUXUxvkXBXb93iKSna0/aKlQUcHGsP4JHknPKPpkJrHQjvP6E8788qQ1uRrtvFScbm/qnIAXDdh9SIVjydUZvkrYswTQsnkIWcnkRnrK/YpiAeKr/FhMLeOrHUfukhljAlrHcO6na9FEriPqEtLbQEvqSSsCR2Qyd5EvjSAFLotETatMukXVnkudx23EGdG7h8vJVpoqFJoczjBRJkb2MpnYlxaU/bM+Vu0lOy7nVteqkk76LkGxhmV7b4OrdfbCLLWRtZTiTmLD04J8svfrXHYNeLq34uoyPKV2px4yg4A==

Can you see it is not a Trezor official website. This is the Trezor official website: https://trezor.io/

This is the fake email:

[Sticky Bomb]

It's very important that people stop talking action from their mails, I believe every information sent to your mail should be present in the official site if it's legitimate. when you get any of these mail, It's always a better discipline you go to the official site for confirmation and take any valid action from the site and not the email prompt. That way the phishing links wouldn't fulfill it's purpose.

[rdluffy]

Thanks for the warning
Although I have a Trezor, I bought it on Amazon, so luckily I don't receive any emails that hackers target at Trezor users

What will be the method of attack after the user clicks on this malicious link?
Will they try to connect the wallet and sign a transaction to send funds on EVM networks?

[_act_]

What will be the method of attack after the user clicks on this malicious link?
Will they try to connect the wallet and sign a transaction to send funds on EVM networks?

When the scam link is clicked on, it will expect you to connect your hardware wallet. I did not go further than that because I know any other thing may give the scammers higher chance to steal.

[JeromeTash]

Sorry for my bit of ignorance (I haven't acquired Trezor or Ledger hardware wallets yet) But every passing month I see complaints or posts about phishing emails from hackers. Which begs the question, how do hackers land on hardwaew wallet user Email addresses?
Does setting up these wallets require one to sign up using an email address that could have later leaked to the hackers.

One of my crypto related email address has leaked several times from some crypto site, but I have never received any phishing emails pretending to be Ledger or Trezor meaning the hackers actually know people how have interested or have used one of the two hardware wallets before.

[PX-Z]

Sounds like Trezor got hacked first before Ledger, and now the hackers are just following a schedule targeting these two one after another, lol. And suddenly both companies are pushing urgent firmware updates within days of each other. What a bunch of geniuses.

Here's the email i received almost the same from Ledger.

[Forsyth Jones]

People who fall for these scams are the most naive. If there's a device update, I'll do it through wallet management software, like Trezor Suite. Anyone who uses a hardware wallet is probably already tired of knowing this.

Probably if the OP had clicked the link, he would have been redirected to a phishing site asking for the wallet's recovery words or tricked into downloading malware onto his computer, further complicating things.

Thank you for this warning. I hope it saves someone from falling for these scams.

[andnapu]

I am a Trezor user and received the following content via email. However, upon checking the Trezor official website, I found no corresponding content.

Quantum Computing Notice

Dear Trezor User,
     Recent breakthroughs by Google and IBM in quantum computing have fundamentally altered the security timeline for cryptocurrency wallets. Quantum systems now exceeding 1,000 qubits with improved error correction have compressed what was a 10-15 year threat window to an estimated 6-12 months. The ECDSA cryptography protecting your assets is mathematically vulnerable to these quantum computational methods.
We've developed a firmware release in collaboration with MIT, Stanford, and NIST cryptographers. This implements post-quantum lattice-based algorithms proven to resist both classical and quantum attacks. Installation takes 4 minutes via Trezor Suite and doesn't affect your recovery seed or balances. We strongly recommend updating within 72 hours.

Respectfully,
Trezor Security Engineering

[m2017]

Putting aside the "shell," this is a standard way to "scare" the victim with "dire consequences" and force them to click a link with a malicious program (script). Nothing unusual.

What's the solution?
1. - Ignore such emails (preferably, don't open emails from "unexpected senders" at all).
2. - Create and use a separate email address for purchasing hardware wallet from manufacturers to receive information from the manufacturer (don't use it anywhere else). However, this method may be useless if the user email database is stolen from the manufacturer.
3. - Check the manufacturer's official social media for information about similar updates. All firmware updates are available on the official website.
4. - Wait a while after new firmware is released. This will "save" you from bugs at a minimum, and at most from attackers who hack the manufacturer's official website and upload a malicious firmware version (this is theoretically possible).
5. - Don't panic, as attackers always try to sway the victim's emotions and act recklessly.

Questions for the OP:
- Have you purchased a hardware wallet from this manufacturer (trezor) before?
- How do you think the attackers could have found out your email address?

[rdluffy]

Sorry for my bit of ignorance (I haven't acquired Trezor or Ledger hardware wallets yet) But every passing month I see complaints or posts about phishing emails from hackers. Which begs the question, how do hackers land on hardwaew wallet user Email addresses?
Does setting up these wallets require one to sign up using an email address that could have later leaked to the hackers.

One of my crypto related email address has leaked several times from some crypto site, but I have never received any phishing emails pretending to be Ledger or Trezor meaning the hackers actually know people how have interested or have used one of the two hardware wallets before.

There have been data breaches at both companies, Trezor (via a third party) and Ledger
These emails are constantly used to try out new scams

https://hackread.com/trezor-data-breach-users-email-names-exposed/
https://haveibeenpwned.com/Breach/Ledger

In the case of Ledger, there was even a leak of phone numbers and addresses
It's very complicated to have this data leaked so that anyone can buy it and get their hands on it