Legal Notice: Nothing on the website constitutes professional and/or financial advice. All the content on the website is for informational purposes only. We have prepared all information herein from sources we believe to be accurate and reliable. However, such information is presented as is,” without warranty of any kind – whether expressed or implied. You acknowledge and agree that there are numerous risks associated with purchasing cryptocurrencies.

CDS Crypto News Trezor attributes the compromise of Account X to phishing rather than SIM swap

Crypto News

Trezor attributes the compromise of Account X to phishing rather than SIM swap

SatoshiLabs disclosed their suspicion that the breach was the result of a meticulously planned and sophisticated phishing attack orchestrated by hackers over the course of several weeks.

sevval22/03/20241 Mins read142

Crypto News– SatoshiLabs, the company behind Trezor crypto hardware wallets, has provided a detailed account of an incident involving the posting of fraudulent presale token announcements on its official account, X.

Trezor attributes the compromise of Account X to phishing rather than SIM swap

The company clarified that the security breach resulted from a phishing attack, contrary to initial suspicions of a SIM-swap attack.

Emphasizing their reliance on more secure authentication methods instead of mobile-based two-factor authentication, SatoshiLabs outlined the measures they employ.

Despite these precautions, unauthorized and misleading posts were made by attackers, urging users to transfer funds to an unidentified wallet address along with harmful links redirecting to a fake token presale site.

Independent blockchain investigator ZachXBT alerted his 528,000 followers about Trezor’s suspected breach in a post on X on March 19.

🚨Update on our X account security incident🚨

Earlier this week, we experienced a breach of our X account due to a sophisticated phishing attack.

Immediate actions were taken to secure our account & no product security was compromised.

For more,
👉 https://t.co/ZZOHSNtI9u
— Trezor (@Trezor) March 21, 2024

Trezor’s official account, X, was used to disseminate posts promoting fraudulent presale token offerings. SatoshiLabs confirmed unauthorized access to its X account on March 19, suspecting a sophisticated phishing attack orchestrated by hackers over several weeks.

The impersonator, posing as the legitimate X account holder with thousands of followers, reached out to SatoshiLabs‘ public relations team proposing an interview with the CEO. During a subsequent meeting, the impersonator shared a malicious link disguised as a Calendly calendar invitation.

Upon clicking the link, a team member was prompted to provide their X login credentials, raising suspicion. Although the meeting was rescheduled, the attacker, feigning technical difficulties, managed to link their Calendly to SatoshiLabs’ X account in the next session.

Trezor experienced a security breach in January, exposing the contact details of nearly 66,000 users. According to the company’s website, over two million hardware wallets have been sold since its launch in 2012.