SatoshiLabs, the company that designs and markets Trezor crypto hardware wallets, has issued a detailed explanation of an incident that led to the posting of fraudulent presale token announcements on its official X account.
The company said the security breach was caused by a phishing attack, not a SIM-swap attack, which it suspected at the time.
SatoshiLabs emphasized that it does not use a mobile device for two-factor authentication, instead opting f.
Despite these precautions, attackers made a series of unauthorized and misleading posts, including requests for users to send funds to an unidentified wallet address alongside harmful links, which sent users to a bogus token presale site.
Independent blockchain sleuth ZachXBT notified his 528,000 followers on X of Trezor’s suspected breach in a March 19 X post.
The official X account of hardware wallet manufacturer Trezor published a series of posts directing users to fraudulent presale token offerings.
SatoshiLabs disclosed that it detected unauthorized entry into its X account on March 19. It now suspects it to be a sophisticated and premeditated phishing attack planned by hackers over several weeks.
Once SatoshiLabs became aware of the breach, the deceptive posts were promptly identified and removed, limiting damage. The company said:
“We want to stress here that the security of all our products remains unaffected. This incident has in no way impacted or compromised the security of Trezor hardware wallets or any of our other products.”
Investigations indicate that starting on Feb. 29, the attackers posed as credible entities in the cryptosphere. They maintained a convincing social media presence and engaged in seemingly authentic discussions.
Related: HECO Chain exploiter anonymizes $145M of Ether on Tornado Cash in 8 days
Under the guise of a well-established X account with thousands of followers, the impersonator contacted SatoshiLabs’ public relations team, suggesting an interview with the CEO. Following this, a meeting was arranged, during which the impersonator shared a malicious link disguised as a Calendly calendar invitation.
A team member was prompted for their X login credentials by clicking the calendar link, raising suspicion. However, the meeting was rescheduled. In the next session — pretending to be facing technical issues — the attacker succeeded in linking their Calendly to SatoshiLabs’ X account.
Trezor suffered a security breach in January that exposed the contact information of nearly 66,000 users. According to the firm’s website, the wallet maker has sold over two million hardware wallets since it launched in 2012.
Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story
We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support. SatoshiLabs, the company that designs and markets Trezor crypto hardware wallets, has issued a detailed explanation of an incident that led to the posting of fraudulent presale token announcements on its official X account. The company said the security breach was caused by a phishing attack, not a SIM-swap attack, which it suspected at the time. SatoshiLabs emphasized that it does not use a mobile device for two-factor authentication, instead opting f. Despite these precautions, attackers made a series of unauthorized and misleading posts, including requests for users to send funds to an unidentified wallet address alongside harmful links, which sent users to a bogus token presale site. Independent blockchain sleuth ZachXBT notified his 528,000 followers on X of Trezor’s suspected breach in a March 19 X post. The official X account of hardware wallet manufacturer Trezor published a series of posts directing users to fraudulent presale token offerings. SatoshiLabs disclosed that it detected unauthorized entry into its X account on March 19. It now suspects it to be a sophisticated and premeditated phishing attack planned by hackers over several weeks. Once SatoshiLabs became aware of the breach, the deceptive posts were promptly identified and removed, limiting damage. The company said: “We want to stress here that the security of all our products remains unaffected. This incident has in no way impacted or compromised the security of Trezor hardware wallets or any of our other products.” Investigations indicate that starting on Feb. 29, the attackers posed as credible entities in the cryptosphere. They maintained a convincing social media presence and engaged in seemingly authentic discussions. Related: HECO Chain exploiter anonymizes $145M of Ether on Tornado Cash in 8 days Under the guise of a well-established X account with thousands of followers, the impersonator contacted SatoshiLabs’ public relations team, suggesting an interview with the CEO. Following this, a meeting was arranged, during which the impersonator shared a malicious link disguised as a Calendly calendar invitation. A team member was prompted for their X login credentials by clicking the calendar link, raising suspicion. However, the meeting was rescheduled. In the next session — pretending to be facing technical issues — the attacker succeeded in linking their Calendly to SatoshiLabs’ X account. Trezor suffered a security breach in January that exposed the contact information of nearly 66,000 users. According to the firm’s website, the wallet maker has sold over two million hardware wallets since it launched in 2012. Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story
We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support. Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyiDisclaimer
Trezor says phishing, not SIM swap, compromised X account
Disclaimer
More like this
Popular
Upcoming Events
