|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cryptocurrency News Articles
Trezor X Account Hit by Phishing Attack, Not SIM Swap
Mar 22, 2024 at 07:10 pm
Trezor, the hardware wallet provider, has clarified that a phishing attack, not a SIM swap, compromised its official Twitter account, leading to fraudulent token presale announcements. Despite robust security measures, attackers gained access to the account, posting malicious links and requesting funds. Trezor emphasizes that the security of its hardware wallets remains unaffected and has taken steps to mitigate further damage.
SatoshiLabs Details Trezor X Account Phishing Attack
SatoshiLabs, the manufacturer of Trezor crypto hardware wallets, has provided a comprehensive account of an incident involving fraudulent token presale announcements posted on its official Twitter account.
Phishing Attack, Not SIM Swap
The company clarified that the security breach was attributed to a phishing attack, contrary to its initial suspicion of a SIM-swap attack. SatoshiLabs emphasized that it does not employ mobile devices for two-factor authentication, utilizing more secure methods instead.
Unauthorized Posts and Harmful Links
Despite these safeguards, attackers managed to post a series of unauthorized and misleading tweets, soliciting funds from users to an unidentified wallet address. Additionally, harmful links were included, redirecting users to a bogus token presale website.
Blockchain Sleuth's Notification
Independent blockchain sleuth ZachXBT alerted his 528,000 Twitter followers of Trezor's suspected breach on March 19th.
Unauthorized Access to Twitter Account
SatoshiLabs confirmed unauthorized entry into its Twitter account on March 19th. Investigations revealed a sophisticated and premeditated phishing attack orchestrated by hackers over several weeks.
Prompt Removal of Deceptive Posts
Upon discovering the breach, SatoshiLabs swiftly identified and removed the deceptive posts, mitigating potential damage. The company stated: "We want to stress here that the security of all our products remains unaffected. This incident has in no way impacted or compromised the security of Trezor hardware wallets or any of our other products."
Attackers' Sophisticated Tactics
Investigations indicated that the attackers posed as reputable entities in the cryptocurrency community starting on February 29th. They maintained a credible social media presence and engaged in seemingly genuine discussions.
Impersonation and Malicious Link
Impersonating a well-established Twitter account with thousands of followers, the attacker contacted SatoshiLabs' public relations team, proposing an interview with the CEO. A meeting was subsequently scheduled, during which the impersonator shared a malicious link disguised as a Calendly calendar invitation.
Compromised Login Credentials
Clicking the calendar link prompted a team member to enter their Twitter login credentials, raising suspicion. However, the meeting was rescheduled. In the next session, the attacker, feigning technical difficulties, successfully linked their Calendly account to SatoshiLabs' Twitter account.
Previous Security Breach
In January, Trezor experienced a security breach that exposed the contact information of approximately 66,000 users. According to the company's website, it has sold over two million hardware wallets since its inception in 2012.
Conclusion
SatoshiLabs' detailed account of the phishing attack highlights the importance of vigilance in cybersecurity. The company's emphasis on secure authentication methods and prompt response to the breach underscore its commitment to safeguarding its users' assets.
Disclaimer:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- Australia's new digital ID scheme falls short of global privacy standards. Here's how it can be fixed
- Oct 30, 2024 at 08:15 am
- The federal government is still developing the system, with a pilot expected to run next year. Known as the “Trust Exchange”, it is part of the Trusted Digital Identity Framework, which is designed to securely verify people’s identities using digital tokens.
-
- Maga (TRUMP) Coin Shows Renewed Bullish Signs a Week Before the 2024 United States Presidential Election
- Oct 30, 2024 at 08:15 am
- As of this writing, the Donald Trump-inspired meme coin is trading at $4.49, noting a 35% uptick over the past week. Its technical setup hints at the possibility of an extended rally. This analysis explores why.
-
- Shiba Inu (SHIB) Price Shows Signs of Breakout, But Crypto Experts Believe This Low-cost Token (ETFS) Has More Potential to Grow 30,000% First
- Oct 30, 2024 at 08:15 am
- The Shiba Inu price has been an impressive uptick as the crypto market gains stability. Crypto experts have even begun making significant projections as high as 50% for Shiba Inu price in the coming days.
-
- Tether Mints $1B USDT on Tron Blockchain, but Tokens Are Still Under "Authorized But Not Issued" Status
- Oct 30, 2024 at 08:15 am
- The newly minted tokens are already available to use, however, they are still under the “authorized but not issued”, meaning that the new billion USDT won’t impact Tether's market capitalization.