Trezor users were definitely targeted in a Mailchimp exploit or a phishing attack that stole funds stored in their wallet after compromising the mailing list so let’s read more in today’s latest blockchain news.
The popular crypto wallet Trezor announced investigating the email phishing campaign that targeted its users and the compromised mailing list was used to send fake notifications on teh data breaches and steal funds from the users’ wallets.
It all started when a few users posted on Twitter to reveal about receiving emails and downloading the app from the trezor.us domain but the official domain name seems to be trezor.io. The company confirmed later that the email address was compromised and belonged to those users that subscribed for the newsletters that are hosted on Mailchimp. The email read:
“We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers and that the wallet associated with your e-mail address [email here] is within those affected by the breach.”
It further asked users to download the latest Trezor Suite and set up a new seed phrase for their wallet but the email contains the “Download latest version” button that directs the users to a phishing site where before entering the seed, they will lose their funds. The report suggested that the fraudsters behind the attack downloaded the original Trezor Suite source code and created their own fake app to look identical to the legitimate one however the fake one also had a banner on teh screen that warned users about phishing attacks.
In a statemetn, Trezor disclosed that the MailChimp insider carried out the attack by sending malicious links to the users:
“MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies. We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”
The Trezor users were definitely targeted as the company asserted that it will not be communicated by newsletter until the situation is resolved and urged users not to open any emails that are coming from Tezor until furhter notice. So far, the phsihing domains have been taken down. In the latest developments, BlockFi and Circle as well as Pantera Capital suffered a data breach via a third-party vendor dubbed HubSpot.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]