Pakistan Tech News

Weekly Must-ReadsView All
Popular Topics
Trending NowView All

A major new crypto wallet phishing campaign is targeting Trezor users

2 minute read
A major new crypto wallet phishing campaign is targeting Trezor users
Total
0
Shares
0
0
0

A new phishing campaign targeting cryptocurrency hardware wallet company Trezor has been detected.

These wallets allow cryptocurrency users to store their funds offline, rather than in a “hot wallet” (mobile or desktop app), or with a third party (exchange, custody service, or lending/borrowing company). Hardware wallets, also known as “cold wallets” are generally seen as a more secure way to store cryptocurrency, compared to the alternatives.

This also means that anyone who is serious about cryptocurrency (and has a large amount) is likely to keep them in cold storage, making Trezor users an attractive target for cybercriminals.

Securing the hacked wallet

In this new campaign, Trezor users have begun receiving SMS messages warning them of a “data breach” at the company, and urging them to “secure” their devices immediately. The SMS also comes with a hyperlink that victims must visit.

Trezor Suite recently suffered a security breach, assume all your assets are at risk. Please follow security measures to secure your assets: https://www.techradar.com/news/major-new-crypto-wallet-phishing-campaign-targets-trezor-usersthe message says.

Anyone who visits the link will see a fake Trezor site with the message “Your assets may be at risk!” and a start button where users can “lock” their assets. The first step in this process is to introduce the seeds of recovery.

Read more

> Mailchimp suffers another major data breach following an employee hack

> Coinbase cryptocurrency exchange hacked, sensitive data stolen

> These are the best endpoint protection services out there right now

The recovery seed, which is a string of 12 or 24 words, is used to recover the wallet, if the old device is stolen or damaged. Whoever has the initial phrase can recover the wallet and have full access to the funds. So, if the victim ends up entering this information on a phishing page, they give the attackers full access to their wallet, which they can later use to wipe out any and all funds in the account.

Trezor was alerted to the new campaign and took to Twitter to warn its customers that they were being impersonated, and it does not fail the trick. The company also said that it is not aware of any new data breaches, so the attackers likely obtained emails from Trezor users in the previous MailChimp incident.

  • Check out the best firewalls now

Via: BleepingComputer

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Leave a Reply

Your email address will not be published. Required fields are marked *

Prev
Alienware’s latest peripheral has landed, but the screen might be overkill
Alienware's latest peripheral has landed, but the screen might be overkill

Alienware’s latest peripheral has landed, but the screen might be overkill

Alienware launched a new line of PC peripherals today, expanding the size of its

Next
ChatGPT is exciting, but Microsoft’s influence is worrying
ChatGPT is exciting, but Microsoft's influence is worrying

ChatGPT is exciting, but Microsoft’s influence is worrying

The dream of AI has made its way into our daily lives, and ethical discussions

You May Also Like