Key Takeaways
Trezor’s official Twitter account was compromised, leading to the publication of malicious posts about fraudulent presale token offerings.
This incident is suspected to be the result of a SIM swap attack.
Blockchain investigator ZachXBT alerted his 528,000 followers to a potential security breach at Trezor with a post on March 19. Shortly after that, crypto security firm Scam Sniffer flagged the same suspicious activity.
Fraudulent messages from Trezor’s official account promoted a non-existent “$TRZR” token presale on the Solana network, deceiving users into sending funds to a specific Solana wallet and directing them to malicious links designed to drain their wallets.
SatoshiLabs, the company behind Trezor, stated it is currently working on a blog post that describes how the attack happened and what the countermeasures are.
Additionally, ZachXBT reported that the hacker managed to steal approximately $8,100 from Trezor’s Zapper account.
He said:
“Imagine hacking the Trezor account only to steal $8.1K (includes 25% drainer fee).”
The malicious posts also mentioned a new memecoin on Solana named Slerf, probably to attract more attention. Nonetheless, these posts were deleted shortly after being posted.
Crypto commentator and X user John Holmquist termed Trezor’s recent security mishap as significant, criticizing the hardware wallet maker for apparently neglecting to implement two-factor authentication (2FA) for its X account. He urged: “Please take account security more seriously.”
X user Pledditor highlighted the irony in a security-centric hardware wallet company failing to secure its own social media account.
X user DigitalHustlerX remarked on the difficulty, humor, and shame in the company not following its own security advice.
On January 17, Trezor discovered unauthorized access to a third-party support portal. The company revealed that users who had engaged with Trezor’s support team since December 2021 might have had their data compromised in this breach.
Despite the breach being unconfirmed, Trezor felt obligated to alert potentially affected users about the exposure of their contact details and the consequent phishing risks.
The attacker sent direct email messages to at least 41 users, soliciting sensitive information about their recovery seeds. Additionally, contact details of eight individuals who had created accounts on a trial discussion platform offered by the same third-party vendor were compromised.
To address this, Trezor has contacted all 66,000 individuals potentially affected to inform them of the situation.
Since its founding in 2012, Trezor has sold over two million hardware wallets, as stated on the company’s website. The firm offers three products that enable users to store over 9,000 different coins offline.