CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • DeFi & NFT
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • DeFi & NFT News
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$22,827.00
  • ethereum
    ETH$1,569.03
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    • Opinions
    CryptoPotato
    CryptoPotato
    • Crypto News
    • Margin Trading
    • Guides
      • Bitcoin & Crypto Guides 101
      • Bitcoin For Beginners
      • Editorials
    • DeFi & NFT
    • Buy
    • Language
    • Crypto News
    • Bitcoin For Beginners
    • Cryptocurrency Guides 101
    • Editorials
    • Bitcoin & Crypto Margin Trading
    • DeFi & NFT News
    • Bitcoin Price Analysis
    • CryptoPotato Crypto Fund
    • Ethereum (ETH) Price Analysis
    • Ripple (XRP) Price Analysis
    • Market Updates
    • Interviews
    • Buy Bitcoin with Card
    Home » Crypto News » Trezor Users Targeted in a MailChimp Exploit

    Trezor Users Targeted in a MailChimp Exploit

    Author: Chayanika Deka

    Last Updated Apr 4, 2022 @ 09:36

    Trezor informed its users that a MailChimp “insider” is behind the latest phishing attack to steal funds stored in their wallets after compromising a mailing list.

    Popular cryptocurrency wallet company, Trezor announced investigating the email phishing campaign that targeted its users this weekend.

    The compromised mailing list was used to send fake notifications of data breaches and tried to steal funds from wallets.

    Phishing Attack

    It all started when several users took to Twitter to reveal about receiving emails to download an app from the “trezor.us” domain. However, the official Trezor domain name happens to be – “trezor.io.” The company later confirmed that the email addresses which were compromised belonged to those users who subscribed for newsletters hosted on Mailchimp, an email marketing service provider.

    The face email read,

    “We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers and that the wallet associated with your e-mail address [email here] is within those affected by the breach.”

    It further asks users to download the latest Trezor Suite to set up a new seed phrase on their hardware wallet. The email also contains the “Download Latest Version” button, which directs users to a phishing site where, upon entering the seed, they will lose all the funds.

    ADVERTISEMENT

    Reports also suggest that the fraudsters behind the attack also downloaded the original Trezor Suite’s source code (since it’s open-source) and created their own modified fake app to look identical to the legitimate one. The fake suite, ironically, also had a banner at the top of the screen that warned users about phishing attacks.

    Trezor’s Confirmation

    In a statement, Trezor disclosed that a MailChimp “insider” had carried out the phishing attack by sending malicious links to users.

    “MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies. We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”

    The crypto wallet company also asserted that it will not be communicating by newsletter until the situation is resolved and urged its users not to open any emails appearing to come from Trezor until further notice. So far, it also informed that the phishing domains – trezor(.)us and suite(.)xn--trzor-o51b(.)com – have been taken down.

    The latest development comes just two weeks after crypto lending platform, BlockFi, along with Circle, Pantera Capital, NYDIG, suffered a data breach through a third-party vendor – HubSpot. The fraudster targeted individuals in the cryptocurrency industry.

    SPECIAL OFFER (Sponsored)
    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

    You Might Also Like:

    • Theta1
      Renowned Computer Engineer Cracks Trezor Wallet Containing $2 Million Worth of Crypto
    • Scam_Alert
      Beware: User Loses 3 Bored Ape NFTs on New Animation Phishing Site
    • opensea_guide2_cover
      OpenSea Compensates Affected Users with Over $1.8 Million Following Exploit
    Tags: Phishing Trezor
    Enjoy reading? Share with your friends
    Facebook Twitter LinkedIn Telegram

    About The Author

    Chayanika Deka
    More posts by this author

    Chayanika has been working as a financial journalist for three years. A graduate in Political Science and Journalism, her interest lies in regulatory implications with a focus on technological evolution in the crypto realm. Contact:Linkedin

  • bitcoin
    BTC$22,827.00
  • ethereum
    ETH$1,569.03
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    Editorials
    How Long Will the Ethereum LSD Narrative Last? Talking 2023 Trends with Nansen’s Martin Lee

    How Long Will the Ethereum LSD Narrative Last? Talking 2023 Trends with Nansen’s Martin Lee

    Everything That’s Going on With Pi Network: From Start to Latest Controversial Listing

    Everything That’s Going on With Pi Network: From Start to Latest Controversial Listing

    What is Ethereum Liquid Staking and Why It Is Crucial As Shanghai Upgrade Approaches?

    What is Ethereum Liquid Staking and Why It Is Crucial As Shanghai Upgrade Approaches?

    The Lesson in Alameda-FTX About Government Regulation and Crypto (Opinion)

    The Lesson in Alameda-FTX About Government Regulation and Crypto (Opinion)

    5 Bullish and 2 Bearish Cases for DeFi Going Into 2023 (Opinion)

    5 Bullish and 2 Bearish Cases for DeFi Going Into 2023 (Opinion)

    From Google and Microsoft to Binance: Interview with Head of Product Mayur Kamat

    From Google and Microsoft to Binance: Interview with Head of Product Mayur Kamat

    13 Biggest Crypto Scandals and Controversial Stories of 2022

    13 Biggest Crypto Scandals and Controversial Stories of 2022

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    Footer Logo
    About
    Advertise on CryptoPotato
    About Us | Contact Us | Careers
    Editorial Policy
    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!