Trezor Investigates Data Breach Following Ongoing Phishing Attack
- Trezor has launched an investigation into a potential data breach.
- In the ongoing attack, multiple Trezor users have been contacted by unauthorized actors claiming to be from the company.
- Trezor has confirmed that the source of the breach is Mailchimp, an American email marketing service provider.
Trezor, the cryptocurrency hardware wallet provider, has launched an investigation into a potential data breach that may have compromised a number of users’ email addresses and other personal information.
Members of the Crypto Twitter community warned Trezor users on Sunday about an ongoing email phishing campaign that specifically targets Trezor users via their registered email addresses.
In the ongoing attack, multiple Trezor users have been contacted by unauthorized actors claiming to be from the company. These users received an email that asked them to download an application from the “trezor.us” domain – a domain that is different to the official Trezor domain name, “trezor.io”.
The cybercriminals attempted to trap the recipients of the compromised email addresses into using the fake version of the Trezor Suite software and entering their wallet’s seed phrase – unwillingly giving the attackers full access to their funds.
It was initially suspected by the firm that the compromised email addresses belong to a list of users who signed up for newsletters. These newsletters are hosted on Mailchimp, which is an American email marketing service provider.
After looking into the Mailchimp matter, Trezor announced that “MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.”
Trezor stated in a subsequent post, “We have managed to take the phishing domain offline.”
As Trezor tries to determine the total number of email addresses that have been compromised, users have been advised to not click on any links coming from unofficial sources until further notice. The firm also advised users to use anonymous email addresses for any crypto-related activity.
To further protect users, Trezor has stated that they will not be communicating by newsletter until the situation is resolved.