Connect with us

Hi, what are you looking for?

Economy

Trezor Confirms Unauthorized Use of Email Provider Led to Malicious Emails

Hardware wallet provider Trezor has confirmed that the unauthorized use of its third-party email provider led to a spate of malicious emails sent to users over the past 12 hours.

In a statement released on January 24, Trezor disclosed that it had detected an unauthorized email impersonating the company, which was sent from a third-party email provider they utilize.

The malicious email, originating from the address “noreply@trezor.io,” instructed users to upgrade their “network” or risk losing their funds.

It included a link that directed recipients to a webpage where they were prompted to enter their seed phrase.

Trezor has not confirmed any cases of users losing funds as a result of this phishing attempt, and there have been no reports suggesting that Trezor users fell victim to the scam.

Security Alert

We’ve detected an unauthorized email impersonating Trezor sent from a third-party email provider we use.

If you received a suspicious email with the subject line ‘Assets undergoing upgrade’ from the ID: noreply@trezor.io, please do not click any links or… pic.twitter.com/RqQnQkB4hX

— Trezor (@Trezor) January 24, 2024

Trezor Says it Has Deactivated the Malicious Link


Trezor assured its users that it had successfully deactivated the malicious link and emphasized that user funds remained safe as long as the recovery seed was not entered.

“We swiftly managed to deactivate the malicious link within the email text immediately and limited the reach of the threat!”

However, for those who did enter their recovery seed, Trezor asked them to transfer their funds to a new wallet immediately.

Trezor’s ongoing investigation indicates that an unauthorized individual gained access to its database of email addresses for newsletter subscribers and utilized a third-party email service to send the malicious emails.

Notably, MailerLite, an email marketing software firm, recently reported a cybersecurity incident on January 23, which resulted in a series of phishing emails exploiting branded domains, including those owned by Cointelegraph, WalletConnect, and Token Terminal.

Whether Trezor utilizes the same email domain provider remains unclear.

Digital asset lawyer Joe Carlasare shared his personal experience of receiving the phishing email in a post, describing it as a “sophisticated scam.”

Sophisticated scam right here pic.twitter.com/Sys5gcpeC1

— Joe Carlasare (@JoeCarlasare) January 24, 2024

Recent Hack Might be Linked to Breach of Support Portal


Some speculate that this recent attack may be linked to a security breach of Trezor’s support portal in which the contact information of approximately 66,000 users was exposed on January 17.

Despite the breach, the company emphasized that no recovery seed phrases were disclosed as a result of the incident.

At the time, the hardware wallet provider also said it has restricted access to unauthorized actors and has been in the process of contacting the affected users.

It is worth noting that this is not the first time Trezor has faced attempts to compromise user funds.

While being a reputable name in the cryptocurrency hardware wallet industry, Trezor has faced its fair share of security challenges over the years.

In February of the previous year, Trezor warned users about a phishing attack that aimed to steal investor funds by tricking them into entering their recovery phrase on a fake Trezor website.

Additionally, in May, cybersecurity firm Kaspersky reported the emergence of a counterfeit hardware wallet posing as Trezor.

This fraudulent device utilized a replaced microcontroller to gain control of a user’s private keys, enabling the scammers to steal funds.

The post Trezor Confirms Unauthorized Use of Email Provider Led to Malicious Emails appeared first on Cryptonews.

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

Latest

Economy

With Bitcoin’s (BTC) price quickly re-approaching its all-time high, almost all holders of the digital currency are back in the black. Blockchain market intelligence...

Economy

Circle, USDC’s issuer, has struck a partnership deal with Coincheck, one of Japan’s biggest crypto exchanges – with a view to securing the stablecoin’s...

Economy

In wake of the Pepe Coin (PEPE)’s 40% price pump on Tuesday, profit-taking Pepe holders are shifting funds to a new crypto token for...

News

President Biden said Israel has agreed to a cease-fire in the Gaza Strip during the Islamic holy month of Ramadan, but Hamas is not...

News

Sen. Josh Hawley, R-Mo., is urging global consulting firm McKinsey & Company to hand over ‘comprehensive documentation’ showcasing its past or present contracts with the...

News

House Foreign Affairs Committee Chairman Michael McCaul, R-Texas, is threatening to hold Secretary of State Antony Blinken in contempt of Congress, accusing him of...

You May Also Like

Financial Advisors

[#item_full_content]

Financial Advisors

[#item_full_content]

Financial Advisors

The humongous outbreak of the dreaded coronavirus has brought about a groundbreaking change in what the world perceived as ‘normal’. With an estimated 280,391,189...

Disclaimer: Respect Investment.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 Respect Investment. All Rights Reserved.