The crypto wallet provider Trezor has sent a warning to its users. There would be a new phishing attack going around that focuses on stealing their private keys and thus their crypto investment(s).
Phishing attack is active
On February 28, Trezor warned via Twitter users for an active phishing attack. This attack aims to steal funds from investors by tricking them into entering their crypto wallet’s recovery phrase on a fake Trezor website.
The phishing campaign involves attackers impersonating Trezor and approaching victims via phone calls, texts or emails. They claim that there is a security breach or suspicious activity on the victim’s Trezor account.
“Trezor Suite recently suffered a security breach, assume all your assets are vulnerable,” reads the bogus message, inviting users to follow a phishing link to “secure” their Trezor device. However, this turns out to be a big scam.
Trezor therefore asked via Twitter to ignore these messages. She emphasized that she will never contact his customers via calls or SMS, something that happens with the active scam. The company added that Trezor has not found any evidence of a data breach.
Stealing recovery phrase
Reportedly, the scam has been live since about February 27 this year. Users are unknowingly redirected to a domain of the hackers, where they are then asked to enter their recovery phrase. The domain offers a perfectly crafted fake Trezor website that asks users to secure their wallets by clicking a button that says “Start” in it.
After clicking the “Start” button, users are prompted to provide the recovery phrase for their cryptocurrency wallet.
The private keys, also known as the wallet recovery phrase, are the most important element of self-management when holding crypto on a software or hardware wallet that is not managed by a third party, i.e. “being your own bank”. Securing the recovery phrase is much more important than securing the hardware wallet, because once the private keys are in the hands of malicious parties, the owner has no control over his or her crypto asset.
Trezor more often targeted by hackers
Shortly after the metaverse company The Sandbox suffered a data breach on Feb. 26, in which a phishing email was sent to users, news of the latest phishing attack against clients of Trezor came.
This isn’t the first time Trezor wallets have been targeted by phishing attacks. In April 2022, Trezor users were approached by attackers posing as the company and requesting that they download a fake Trezor app.
Finally, in 2020, Ledger suffered a massive data breach in which attackers stole personal information from more than 270,000 Ledger customers and then made it public.
