Trezor, a crypto hardware wallet company, has confirmed reports that some of its users were the target of a phishing attack this weekend.
In a tweet Sunday morning, Trezor said a subscription newsletter hosted on MailChimp was investigating a possible data breach and warned users to avoid opening emails from “[email protected]”.
Trezor quoted in a later post;
“MailChimp, we have confirmed that their service has been compromised by an insider targeting crypto companies. We managed to take the phishing domain offline. We are trying to determine how many email addresses were affected.”
The company warned users as follows;
“We will not contact the newsletter until the situation is resolved. Do not open any email that appears to be from Trezor until further notice. Please make sure to use anonymous email addresses for Bitcoin-related activities.”
Trezor users started sharing screenshots of the phishing attempt they experienced on Saturday. According to the messages, the phishing attack was an attempt to encourage users to download malicious code under the guise of Trezor’s Suite desktop app, alleging a bogus security breach at the company.
Hey @Trezor, I just got an email from you or someone spoofing you that Trezor Suite might be compromised due to a hack. The email contains a link to download a newer version. Is that a legit email or a phishing email? Did you guys get hacked and find out about it today?
— Undisclosed ₿ (@BitcoinUndisc) April 3, 2022
14931
