Phishing Campaign Targeting Trezor Hardware Users is in Wild

A new phishing campaign targeting Trezor hardware wallet users is in The Wild, which aims to steal cryptocurrency from victims.

Trezor said that their users’ mailing list was stolen by a MailChimp insider, who is maybe now using it to send phishing emails to Trezor users, asking them to download a fake Trezor suite app. This app is aimed at stealing the recovery phrase of users’ wallets, thereby stealing cryptocurrency balances in it.

Trezor Suite App-Based Phishing Campaign

Long-term cryptocurrency holders who wanted their coins to be safe would prefer hardware wallets like Trezor. This method of storage is safe, compared to storing coins in the cloud or in a cryptocurrency exchange. Though it’s the most secure way, there are campaigns targeting Trezor users to steal their cryptocurrency from hardware wallets.

As acknowledged by Trezor last week, a phishing campaign aimed at stealing Trezor wallet’s recovery phrase is in the wild. Trezor noted that their users’ mailing list was compromised from MailChimp’s end, their email partner, where an insider has stolen Trezor’s user email list.

This led the threat actor to send phishing emails to Trezor users with the subject of a fake data breach notification and ask users to download a fake Trezor suite app. And when unsuspecting users click on that app link, they will be redirected to a phishing page hosting the fake app.

Trezor made their suite app open-source, letting anyone use the source code for modifying it as desired. And we expect threat actors to have used this to create a malicious clone version of the Trezor suite app.

When users download and install this, they will be asked to enter their 12-14 word recovery phrase to set up their wallet, which if did, will transport the credentials to hackers C2. And this makes it easy for threat actors to steal the stored cryptocurrency easily, remotely.

Other Trending News:-  News


Please enter your comment!
Please enter your name here