Do not open any emails appearing to come from Trezor until further notice
Popular cryptocurrency hardware wallet Trezor has issued a notice to all users not to open any emails appearing to come from Trezor until further information. Trezor confirmed that their direct mail provider MailChimp’s service had been compromised by an insider targeting crypto companies. They managed to take a phishing domain offline but still need to determine how many affected email addresses there are.
Summary
- A phishing attempt at MailChimp compromised popular hardware wallet Trezor.
- Trezor suspends all direct mail activity.
- Do not open any email originating from [email protected], and it is a phishing domain.
- Please ensure you are using anonymous email addresses for bitcoin-related activity. It’s another one of those cybersecurity tips to familiarize yourself with.
Trezor is a hardware crypto wallet providing advanced security for handling bitcoin and other cryptocurrencies’ private keys. Unlike traditional cold storage methods, Trezor makes secure payments without exposing users’ private keys to a potentially compromised computer.
Phishing domain
Vitally, this exploit is not the fault of Trezor. Instead, they investigate a potential data breach of an opt-in newsletter hosted on MailChimp. Additionally, a scam email warning of a data breach is circulating. Trezor users are advised not to open any email originating from [email protected] as it’s a phishing domain and ignore any emails from Trezor until further notice.
Trezor quickly took down the phishing domain, but it is still unclear how many users’ details could have been captured by the scam. The announcement came on Twitter at around 1 pm on April 3, 2022, and is still under investigation.
The bad actors have also tried to communicate with Trezor users through direct mail, but this is believed to be fake. We advise users to keep a close eye on the official Trezor Twitter for updates.
Check crypto & NFT assets on DappRadar
If you use a hardware wallet like Trezor you can use the standard hardware wallet address or the custom domain name attached to it to access your balances on Ethereum, BNB Chain, and Polygon using the DappRadar Portfolio Tracker. More importantly, Trezor users can quickly check to see if their balances are safe across those three networks amid this exploit.
Step 1: Go to this link and enter your hardware wallet address, ENS, or similar.
Step 2: Sit back and let the Portfolio Tracker import all your token and NFT assets.
Step 3: Check your portfolio.
The above does not constitute investment advice. The information given here is purely for informational purposes only. Please exercise due diligence and do your research. The writer holds positions in various cryptocurrencies, including BTC, ETH, and RADAR.