Home / News / Crypto / News / Trezor CEO: Phishing Attack Highlights Need for Crypto User Education
7 min read

Trezor CEO: Phishing Attack Highlights Need for Crypto User Education

Last Updated 6 days ago
Teuta Franjkovic
Last Updated 6 days ago
By Teuta Franjkovic
Verified by Peter Henn

Key Takeaways

  • Trezor’s CEO Matěj Žák details a sophisticated phishing attack compromising their Twitter account for fraudulent messages.
  • Žák emphasizes social engineering risks like phishing that aim to steal recovery seeds.
  • He highlights importance of self-custody with hardware wallets for better security and control over crypto assets.

Trezor, a provider of cryptocurrency hardware wallets, recently faced a security breach when its official Twitter account was compromised. 

The attackers used the platform to disseminate fraudulent messages about presale token offerings. This misled followers and put them at risk of financial scams.

Now, the company’s CEO says that user education is vital when it comes avoiding attacks.

Trezor CEO Reassures Users After Social Media Phishing Attack

Despite the unsettling nature of the social media attack, Trezor has assured its users that the security of their hardware wallets remains intact. The company clarified that the incident did not affect the security frameworks of any of their products, including the Trezor hardware wallets and the Trezor Suite application.

In a discussion with CCN, Matěj Žák , the CEO of Trezor, shared insights into his role and the company’s objectives. Žák, who took on the CEO role at the start of 2023, originally joined Trezor in 2018 as the first Product Manager. He emphasizes maintaining a high level of security and privacy for Trezor devices, which are critical components of the company’s strategy. His vision and strategic direction focus on expanding Bitcoin’s reach while ensuring the technology remains secure and user-friendly.

Phishing Attacks Possible Despite Strong Security

Žák shared details about the phishing attack that compromised their official Twitter account, leading to fraudulent presale token announcements. Despite robust security practices like strong passwords and two-factor authentication, attackers breached the account. They then posted unauthorized and misleading content, including requests for users to send funds to an unknown wallet.

Žák explained that the attackers posed as a credible entity from the crypto community, complete with a sophisticated social media presence. They initially contacted Trezor’s PR team pretending to schedule an interview with Žák. The attackers set up a fake meeting and shared a malicious link disguised as a Calendly invite. When a Trezor team member clicked the link, it redirected to a page that requested Twitter login credentials, raising immediate alarms.

The meeting was rescheduled. During the new appointment, the attacker feigned technical problems and manipulated the Trezor team member into “authorizing” a connection that linked the attacker’s app with Trezor’s Twitter account. This allowed the attackers to gain control over the account.

The breach was quickly detected, and the misleading posts were removed shortly after they appeared, helping to limit the damage. Trezor’s swift response and ongoing investigation into the breach underscore the sophisticated nature of the phishing tactics used and the continuous risks organizations face in maintaining security online.

Strengthening Security After Phishing Attack Targets Staff

In response to a phishing attack that compromised their security rather than the initially suspected SIM-swap attack, SatoshiLabs has outlined further measures to secure their communication channels. 

Žák said that despite already having tough security protocols such as strong passwords and two-factor authentication, the recent breach revealed the sophisticated nature of the phishing attempt.

He said:

“As always, phishing attacks serve as a reminder to exercise caution when asked via email or text to click on a link and follow suspicious instructions. We need to remind all users not to enter their recovery seed anywhere unless in their device upon recovery.”

Žák discussed hardware wallets’ common vulnerabilities and shared recommendations on how to mitigate these risks. He highlighted that hardware devices are inherently secure against remote hacking attempts because they are offline. However, he warned attackers often resort to social engineering tactics, such as phishing, to trick users into revealing their recovery seeds.

Žák also noted the importance of the recovery seed in situations where a hardware wallet is lost, damaged, or when accessing crypto from a different wallet. He advised users to be vigilant about another potential threat, address poisoning through fake versions of the applications. This scam involves tricking users into downloading a counterfeit app. This generates a hacker’s address instead of the user’s during transactions

Finally, Žák emphasized that education is the best defense against these threats. He believes that with a basic understanding of how scammers operate, most attacks can be rendered harmless.

Security Must-Haves: PIN, Offline Storage and Optional Passphrase

When asked about the role of two-factor authentication (2FA) in enhancing security, Žák explained that the Trezor hardware wallet itself functions as a 2FA device. Because all hardware wallets are offline, this protects them from remote hacking attempts. Additionally, a PIN, which acts as a primary security measure, secures these devices.

Žák further emphasized the possibility of adding another layer of security through the use of a passphrase. Unlike other data, this passphrase is not stored anywhere. The combination of an offline device protected by both a PIN and an optional passphrase helps secure hardware wallets.

Making Case for Self-Custody of Crypto Assets

Žák highlighted the critical importance of self-custody in the context of cryptocurrency security. He pointed out that, according to Unchained, over the last 15 years, exchanges and other custodial solutions have seen more than $4.6 billion in crypto assets lost due to hacks. When including major incidents at exchanges like Mt. Gox and FTX, the total amount of lost crypto becomes staggering.

Despite the daunting aspect of self-custody, Žák emphasized its simplicity and the role it plays in ensuring users own their assets. He stressed the importance of the principle “not your keys, not your coins”. This underscores the control and security that come with self-custody. Moreover, he noted educating users about the benefits of self-custody is equally important. This ensures people are aware of how it can protect their investments from similar losses.

This approach empowers users by putting them in direct control of their cryptocurrencies. It also minimizes risks associated with relying on third-party services that may be vulnerable to security breaches. He said:

“In the last 18 months we’ve seen exchanges collapse, spot ETFs gaining licence, and Bitcoin hitting its all-time high.  These markers tell us interest in cryptocurrency prevails as its benefits become accessible to wider markets. Obviously, hardware wallets have a huge role to play and importantly must move in step with this growing interest.”

Was this Article helpful? Yes No