Trezor Warns Wallet Users of Phishing Attack Linked to Ledger Hack

Wednesday, 16/12/2020 | 18:09 GMT by Aziz Abdel-Qader
  • Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database.
Trezor Warns Wallet Users of Phishing Attack Linked to Ledger Hack
Trezor

The creators of hardware wallet, Trezor have issued an urgent alert, saying that a Phishing attack against some of its users has occurred over the last few days. Trezor team said that a number of its customers received fake communications regarding their hardware wallets.

The crypto wallet provider confirmed that its customer data has not been leaked. Instead, Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database. It added that the timing and scope of this phishing scheme suggest that the hackers who obtained the data are blindly sending texts to customers, and created phishing links for them to enter their seeds.

Trezor is apparently referring to cryptocurrency hardware wallet firm, Ledger, which was hacked in June when attackers managed to break into their database and steal data belonging to roughly a million customers. The information exposed to hackers included names, shipping addresses and phone numbers.

“The attackers may have bought competitors’ customer data from a dark market, where breached data is often sold, allowing them to send malicious links to any contacts listed in that data. The scammer is sending links to a fake version of the Trezor website, a replica of wallet.trezor.io, which has been modified to ask visitors for their recovery seed, completely exposing their coins. Once the user enters their seed on the fake webpage, the attacker simply replicates their wallet and sends the funds to an address they own,” the crypto firm further explains.

Trezor Plays Down the Risks

Moreover, Trezor makes clear that it will never ask for important information such as recovery seed, identification numbers or passwords over text messages. To help in securing users against possible breaches of data, Trezor added they routinely anonymize all customer data and remove all records from its e-commerce system after 90 days of placement orders.

Open a Trading Account Today With These Recommended Brokers

While hardware wallets are often used as a Cold Storage method, they are not exempt from data breaches. Earlier this year, Kraken Security Labs disclosed a glaring flaw in the Trezor’s flagship hardware wallets, which allows attackers to steal the data stored within the devices.

Kraken cybersecurity researchers claim that the physical theft of encrypted seed can happen within 15 minutes of gaining access to the crypto wallet. While this flaw could only be exploited if there is physical access to the device, Kraken noted that it could only be fixed by overhauling the underlying design of Trezor’s products.

Trezor’s response was to point out that they are aware of this voltage glitching in the STM32 microchip, which allows an attacker with specialized hardware knowledge to obtain the encrypted recovery seed from the device.

More interestingly, Trezor attempted to underplay the significance of the issue, saying that the main threat and concern for crypto users were online and remote attacks, adding that any hardware is hackable.

The creators of hardware wallet, Trezor have issued an urgent alert, saying that a Phishing attack against some of its users has occurred over the last few days. Trezor team said that a number of its customers received fake communications regarding their hardware wallets.

The crypto wallet provider confirmed that its customer data has not been leaked. Instead, Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database. It added that the timing and scope of this phishing scheme suggest that the hackers who obtained the data are blindly sending texts to customers, and created phishing links for them to enter their seeds.

Trezor is apparently referring to cryptocurrency hardware wallet firm, Ledger, which was hacked in June when attackers managed to break into their database and steal data belonging to roughly a million customers. The information exposed to hackers included names, shipping addresses and phone numbers.

“The attackers may have bought competitors’ customer data from a dark market, where breached data is often sold, allowing them to send malicious links to any contacts listed in that data. The scammer is sending links to a fake version of the Trezor website, a replica of wallet.trezor.io, which has been modified to ask visitors for their recovery seed, completely exposing their coins. Once the user enters their seed on the fake webpage, the attacker simply replicates their wallet and sends the funds to an address they own,” the crypto firm further explains.

Trezor Plays Down the Risks

Moreover, Trezor makes clear that it will never ask for important information such as recovery seed, identification numbers or passwords over text messages. To help in securing users against possible breaches of data, Trezor added they routinely anonymize all customer data and remove all records from its e-commerce system after 90 days of placement orders.

Open a Trading Account Today With These Recommended Brokers

While hardware wallets are often used as a Cold Storage method, they are not exempt from data breaches. Earlier this year, Kraken Security Labs disclosed a glaring flaw in the Trezor’s flagship hardware wallets, which allows attackers to steal the data stored within the devices.

Kraken cybersecurity researchers claim that the physical theft of encrypted seed can happen within 15 minutes of gaining access to the crypto wallet. While this flaw could only be exploited if there is physical access to the device, Kraken noted that it could only be fixed by overhauling the underlying design of Trezor’s products.

Trezor’s response was to point out that they are aware of this voltage glitching in the STM32 microchip, which allows an attacker with specialized hardware knowledge to obtain the encrypted recovery seed from the device.

More interestingly, Trezor attempted to underplay the significance of the issue, saying that the main threat and concern for crypto users were online and remote attacks, adding that any hardware is hackable.

About the Author: Aziz Abdel-Qader
Aziz Abdel-Qader
  • 4984 Articles
  • 31 Followers

More from the Author

CryptoCurrency