Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
SatoshiLabs, the organization responsible for Trezor hardware cryptocurrency wallets, disclosed on March 21 that the recent breach of its X (formerly Twitter) account was due to a phishing scam rather than a SIM-swap attack as initially thought.
The hardware wallet also indicated that only its X social media account was affected and assured users of the security of all wallets used for cryptocurrency transactions and storage.
Trezor Confirms No Trezor Account or Funds Were Compromised
Cryptonews recently reported on the breach of Trezor’s X account after well-known blockchain and crypto security analyst ZachXBT informed his 533K followers about the compromise of the hardware wallet’s page.
Community alert: Trezor X/Twitter account is currently compromised pic.twitter.com/hNm2OUjEgE
— ZachXBT (@zachxbt) March 19, 2024
Shortly thereafter, the crypto security firm Scam Sniffer identified the suspicious activity and cautioned crypto traders to avoid the account.
As per SatoshiLab’s comprehensive report via Medium, the unauthorized access to their X account was detected at 11:53 PM on March 19, bypassing several security measures, including two-factor authentication (2FA) and a robust password.
Update on our X account security incident
Earlier this week, we experienced a breach of our X account due to a sophisticated phishing attack.
Immediate actions were taken to secure our account & no product security was compromised.
For more,
https://t.co/ZZOHSNtI9u
— Trezor (@Trezor) March 21, 2024
Nonetheless, the hardware wallet manufacturers stated that all issues have been addressed, and accounts within its ecosystem remain secure.
“We want to emphasize that the security of all our products is intact,” SatoshiLabs stated. “This incident has not affected or compromised the security of Trezor hardware wallets or our other products. Your Trezor device and Trezor Suite are secure.”
It is important to note that the hardware wallet’s X account was utilized to promote a $TRZR presale on the Solana blockchain network during the breach, misleading traders into sending funds to a Solana wallet.
Related Posts
The post also referenced a new Solana memecoin called Slerf to garner additional attention and directed crypto investors to click on a harmful link designed to connect to their wallets and erase all assets and funds stored. These posts were removed shortly thereafter.
Notable Web3 security analyst John Holmquist remarked that the hardware wallet breach was due to failing to implement two-factor authentication (2FA).
Trezor is not having a presale.
Trezor’s account is compromised…
Good time to mention you can use a Trezor as a security key for 2FA to secure your Twitter account?
Absolutely major L from a security company, please take account security more seriously. pic.twitter.com/ZQtgqdRx6G
— Jon_HQ (@Jon_HQ) March 19, 2024
This assertion was inaccurate, however, as SatoshiLab clarified that its X account had 2FA and other security measures in place. It remains unclear if there will be an upcoming investigation to identify the perpetrator(s).
Trezor Asserts Phishing Attack Was in the Works for Weeks
SatoshiLab further emphasized that the breach of the official X account was a sophisticated and calculated phishing attack that had been planned for weeks.
The company’s investigation revealed that the scheme began on February 29, 2024. The malicious actors established a fake entity in the crypto sector that convinced members of crypto communities of its high credibility.
Although the name of the entity was not disclosed in the report, it was noted that the bad actor engaged in authentic crypto discussions to enhance its media presence, increased their follower count to thousands, and contacted SatoshiLab’s PR team for an interview with the wallet firm’s CEO.
This resulted in a meeting being arranged and a malicious link being shared under the pretense of a Calendly invitation. A member of the firm’s PR team clicked the link and was redirected to a page requesting X login credentials, which raised concerns and halted initial plans for an interview, leading to a suggested reschedule.
During the rescheduled meeting, the attacker informed Trezor’s team members of technical difficulties and requested call authorization, which connected the attacker’s Calendly app with SatoshiLab’s X account.
This breach then allowed the malicious actors to promote fraudulent crypto and harmful links on behalf of the hardware wallet. This was what ZachXBT detected, prompting him to alert his followers.
The post Trezor Clarifies Security Breach: Phishing Attack Identified as Cause of Compromised X Account appeared first on Cryptonews.
