The hardware wallet manufacturer Trezor is alerting its users that there is a crypto fraud going on, using a phishing attack. Basically, the attackers’ plan is to trick investors into entering their recovery seed phrase on a fake Trezor website.
Summary
Trezor Wallet: likely crypto fraud from phishing attack
Trezor‘s famous hardware crypto-wallet announced on Twitter that there is probable crypto fraud in the form of a phishing attack affecting wallet users.
🚨 Beware of the active phishing scam!
The attackers contact the victims via phone call, SMS and/or email to say that there’s been a security breach or suspicious activity on their Trezor account.
➡️ Please ignore these messages as they are not from Trezor. ⬅️
More info in🧵👇 pic.twitter.com/nzfSzfwcZ1
— Trezor (@Trezor) February 28, 2023
Basically, it appears that attackers are contacting their victims via phone calls, SMS and/or e-mail, trying to get them to enter their crypto-wallet recovery seed phrase on a fake Trezor website. The most frequently used excuse is precisely a “security breach” on their Trezor account.
In this regard, the hardware crypto-wallet states that they found no evidence of database breach, and that they would never contact their users via calls or SMS.
Trezor Wallet: “seed recovery phrase is your most cherished treasure”
The only way to cause crypto fraud against Trezor Wallet users is precisely to steal the recovery seed phrase. That is why the company itself reiterates in its tweet:
“Recovery seed is your dearest treasure!”
And indeed, the wallet’s seed recovery phrase, also known as the private key, is the most important part of cryptocurrency self-custody. It is what defines the user as the “owner of his money.”
Especially for a hardware wallet such as Trezor, the security of the recovery phrase is much more important than the security of the hardware wallet itself, since once the private keys are stolen, the owner loses all his cryptocurrencies.
This phishing attack, which appears not to have caused any crypto fraud yet, is not the first in Trezor’s history.
Indeed, back in April 2022, the same wallet had already announced to its users another attack, which came from the MailChimp newsletter service.
Essentially, an insider had compromised the service by targeting not only Trezor but cryptocurrency companies in general.
Precisely to avoid creating victims among its users, Trezor had decided to suspend its newsletters at least until the situation was later resolved.
Other cases of phishing attacks on CoinMarketCap and OpenSea
During the past year, two other giants in the crypto world allegedly suffered phishing attacks, and they are not hardware wallets.
In the case of CoinMarketCap, the attackers had created an account of their own project on the website, but renamed it to CoinMarketCap and added a link that led to a website pretending to be the original CoinMarketCap site.
On the fake website, carefully created by the attackers, tokens were being sold. At the same time, the hackers then also hacked the platform’s CryptTown social network, and created a series of verified accounts with which they posted messages about the sale of tokens.
In this way, users believed that such tokens were promoted and created by the “official” website, and the crypto fraud managed to collect 12 ETH and 192 BNB, with a total value at that time of $130,000.
As for OpenSea, last February 2022, the phishing attack against its users had lasted 3 hours and had been able to rob 32 victims.
Indeed, the vulnerability that enabled the attack was a flaw in the Wyvern protocol, an open source standard that underlies so many smart contracts and NFT platforms.
From here, hackers were reportedly able to steal some NFTs from the Cool Cats and Doodle collection totaling 254 works.
