Ethical Hacking News
Attackers have exploited a vulnerability in Trezor's automated support system to send phishing emails, posing as legitimate assistance and seeking to steal user credentials and assets. Cryptocurrency users are urged to exercise caution when interacting with automated support systems or responding to unsolicited messages claiming to be from legitimate sources.
Trezor has been targeted by a phishing campaign that used its support platform to steal user credentials and assets. The attackers exploited a vulnerability in the automated support system's email reply feature to send deceptive emails from the official platform. Users were tricked into clicking on links that appeared authentic but actually led to phishing sites asking for wallet seeds, putting their assets at risk. Trezor has issued a warning and is taking steps to prevent similar abuse by implementing additional security measures. The incident highlights the ongoing threat of phishing campaigns targeting cryptocurrency users and the importance of robust security measures for online platforms and wallet providers.
Trezor, a leading provider of hardware wallets for cryptocurrency storage, has fallen victim to a phishing campaign that has seen its support platform abused by attackers seeking to steal user credentials and assets. According to the company's latest announcement, a malicious actor attempted to use Trezor’s automated support system to send deceptive emails from the official platform, posing as legitimate assistance.
The feature in question allows users to submit support requests using any email address and subject line, and the system then replies automatically, sending a case number and using the submitted ticket title as the email subject. Attackers have exploited this vulnerability by submitting tickets with titles containing urgent phishing messages, such as "[URGENT]: vault.trezor.guide - Create a Trezor Vault now in order to secure assets who may potentially be at risk."
These emails are crafted to appear authentic, as they come from the legitimate help@trezor.io address. However, upon clicking on the link provided, recipients are redirected to a phishing site that asks for their wallet seed. This poses a significant threat to users, as anyone with access to another user's seed phrase can restore a wallet on another device, giving them full control over the assets.
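The abuse described above works because the auto-reply reflects the submitter's ticket title as the subject of a mail sent from the official address. The following is an added example, not Trezor's code or its actual fix: a sketch of an auto-responder that uses a fixed, provider-controlled subject and neutralises link-like text before quoting the title in the body. The function names, the `support@example.com` sender and the case-number format are assumptions.

```python
import re
import unicodedata
from email.message import EmailMessage

# Ticket title quoted in the article, used here as sample input.
SAMPLE_TITLE = ("[URGENT]: vault.trezor.guide - Create a Trezor Vault now in "
                "order to secure assets who may potentially be at risk.")

# URLs, "www." prefixes and bare hostnames such as "vault.trezor.guide".
LINK_RE = re.compile(
    r"(?i)\b(?:https?://|www\.)\S+|\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b(?:/\S*)?"
)

def vulnerable_subject(ticket_title: str) -> str:
    """Behaviour described in the article: the title becomes the subject."""
    return ticket_title

def hardened_subject(case_id: str) -> str:
    """Fixed wording; nothing supplied by the submitter is reflected."""
    return f"[Case {case_id}] We received your support request"

def quoted_title_for_body(ticket_title: str, max_len: int = 80) -> str:
    """Neutralise the title before it is shown anywhere in the reply."""
    # Control/format characters (CR, LF, bidi overrides) become spaces.
    text = "".join(
        ch if unicodedata.category(ch)[0] != "C" else " "
        for ch in unicodedata.normalize("NFKC", ticket_title)
    )
    # Link-like text is replaced so mail clients cannot auto-link it.
    text = LINK_RE.sub("[link removed]", text)
    return " ".join(text.split())[:max_len]

def build_auto_reply(case_id: str, requester: str, ticket_title: str) -> EmailMessage:
    """Assemble the acknowledgement mail with the hardened subject."""
    msg = EmailMessage()
    msg["From"] = "support@example.com"  # placeholder sender (assumption)
    msg["To"] = requester
    msg["Subject"] = hardened_subject(case_id)
    msg.set_content(
        f"Your request was logged as case {case_id}.\n"
        f"Title as submitted (links removed): {quoted_title_for_body(ticket_title)}\n"
    )
    return msg
```

Because the ticket form accepts any email address, a deployment would also want to confirm the requester controls that address before sending anything beyond a minimal acknowledgement.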
Trezor has issued a warning to its users, urging them never to share their wallet seed with anyone. The company is also taking steps to prevent similar abuse in the future by implementing additional security measures that will protect its support platform from malicious actors.
This incident highlights the ongoing threat of phishing campaigns targeting cryptocurrency users. In recent months, Trezor has experienced several instances of supply chain attacks and data breaches, demonstrating the importance of robust security measures for online platforms and wallet providers.
In April 2022, email marketing firm MailChimp suffered a security breach that allowed attackers to send phishing emails to Trezor wallet holders. This incident underscored the need for vigilance among users when interacting with automated support systems or responding to unsolicited messages claiming to be from legitimate sources.
Similarly, in February 2023, a massive phishing campaign impersonating Trezor flooded users with malicious emails and SMS, prompting them to visit a phishing page to "secure their device." The incident demonstrated the importance of staying informed about potential threats and verifying the authenticity of messages before taking any action.
Lastly, in January 2024, Trezor's support site suffered a data breach caused by unauthorized access to its third-party support ticketing portal. This incident exposed the sensitive information of roughly 66,000 Trezor users who interacted with the platform’s support since late 2021. The breach highlighted the need for robust security measures and adequate user verification processes.
In light of these incidents, it is crucial for cryptocurrency users to exercise caution when interacting with automated support systems or responding to unsolicited messages claiming to be from legitimate sources. Users should never share their wallet seed with anyone and verify the authenticity of messages before taking any action. Additionally, providers of online platforms and wallet services must prioritize robust security measures to protect their users' sensitive information.
Related Information:
https://www.ethicalhackingnews.com/articles/Trezors-Support-Platform-Abused-for-Crypto-Theft-Phishing-Campaign-Exposes-Users-to-Malicious-Emails-ehn.shtml
https://www.bleepingcomputer.com/news/security/trezors-support-platform-abused-in-crypto-theft-phishing-attacks/
Published: Tue Jun 24 13:07:34 2025 by llama3.2 3B Q4_K_M