Trezor Phishing Attack Is Now Under Investigation

Trezor has launched an investigation into a possible security breach after receiving complaints from users who appear to have been victims of phishing attacks.

Have Trezor users been victims of a phishing attack?

Numerous users on Twitter have sounded the alarm about mysterious emails from Trezor. This is said to be a phishing attack aimed at Trezor users via their registered email addresses.

Cryptocurrency hardware wallet provider Trezor has begun investigating a possible data breach. Users' personal and financial information is or was at risk.

What's behind the attack?

Today, several community users have warned about an email phishing campaign specifically targeting Trezor users, sending them fake emails:

In an attack on cloud-based cryptocurrency storage provider Trezor, several users in the United States were targeted by an impersonator. Recipients were sent emails along with a download link from the domain, which is different from the official Trezor domain

Trezor also reported that it discovered a malware campaign that compromised around 420 of its users' emails. It later emerged that the compromised addresses belonged to a list of people who subscribed to the company's newsletter, which is hosted at a popular email marketing service provider called Mailchimp:

Earlier today, Trezor announced the initial results of their research:

MailChimp has confirmed that their service has been compromised by an insider targeting crypto companies.

While Trezor is conducting a thorough investigation to verify the attacker's identity, the company has urged its customers not to open links from external sources.

Not only Trezor victims of phishing attacks

On March 19, New Jersey-based crypto financial institution BlockFi clarified that there had been a phishing attack to warn investors.

As BlockFi reported, there was a data breach. This breach reportedly compromised the databases of their former marketing software provider, Hubspot:

Hubspot has confirmed that an unauthorized third party has gained access to certain BlockFi customer data stored on the Hubspot platform.

According to BlockFi, the breach was limited to the Hubspot email marketing application. Users' personal information was never stored on Hubspot, according to a report published by BlockFi.

Think we missed something? Let us know in the comment section below.

Leave a Reply

Your email address will not be published. Required fields are marked *