Trezor Confirms Unauthorized Use of Email Provider Led to Malicious Emails
Hardware wallet provider Trezor has confirmed that the unauthorized use of its third-party email provider led to a spate of malicious emails sent to users over the past 12 hours.
Trezor Says it Has Deactivated the Malicious Link
Trezor assured its users that it had successfully deactivated the malicious link and emphasized that user funds remained safe as long as the recovery seed was not entered. However, for those who did enter their recovery seed, Trezor asked them to transfer their funds to a new wallet immediately.
Recent Hack Might be Linked to Breach of Support Portal
Some speculate that this recent attack may be linked to a security breach of Trezor’s support portal in which the contact information of approximately 66,000 users was exposed on January 17. Despite the breach, the company emphasized that no recovery seed phrases were disclosed as a result of the incident. At the time, the hardware wallet provider also said it has restricted access to unauthorized actors and has been in the process of contacting the affected users.
It is worth noting that this is not the first time Trezor has faced attempts to compromise user funds. While being a reputable name in the cryptocurrency hardware wallet industry, Trezor has faced its fair share of security challenges over the years. In February of the previous year, Trezor warned users about a phishing attack that aimed to steal investor funds by tricking them into entering their recovery phrase on a fake Trezor website. Additionally, in May, cybersecurity firm Kaspersky reported the emergence of a counterfeit hardware wallet posing as Trezor. This fraudulent device utilized a replaced microcontroller to gain control of a user’s private keys, enabling the scammers to steal funds.
Hot Take: Trezor Takes Action Against Malicious Emails
Trezor has taken swift action to address the unauthorized use of its email provider and the subsequent phishing attempt. By deactivating the malicious link and ensuring that user funds are safe as long as recovery seeds are not entered, Trezor has demonstrated its commitment to protecting its users’ assets. While this incident may be concerning, it is important to remember that no recovery seed phrases were disclosed in the breach of Trezor’s support portal. As a reputable hardware wallet provider, Trezor has faced security challenges in the past but has consistently taken steps to mitigate risks and safeguard user funds. Users should remain vigilant and follow best practices for securing their cryptocurrency assets.
By
By
By
By