Hardware Wallet Provider Trezor Targeted in Phishing Attack

A malicious actor pretending to be Trezor sent a false email requesting victims to update their software and change their wallet PIN

article-image

Blockworks exclusive art by axel Rangel

share

key takeaways

  • Trezor said Saturday its newsletter had been breached by an “insider targeting crypto companies”
  • The domain linked to the breach, ending in the extension .us, has since been taken down, the provider said

Cryptocurrency hardware wallet provider Trezor said Saturday it was investigating a data breach of its opt-in newsletter hosted on marketing platform MailChimp.

A scam email warning of a breach began circulating last week, according to affected users. Trezor then sent a warning via Twitter asking its users not to open emails originating from the phishing domain “[email protected].”

Users took to social media to warn against the scam email impersonating Trezor and its security team, which prompted victims to download the “latest version of Trezor Suite” and change their wallet PIN.

Loading Tweet..

The provider has since managed to take down multiple phishing domains targeting users including Trezor.us, according to a follow-up tweet on Sunday.

“MailChimp has confirmed that their service has been compromised by an insider targeting crypto companies,” Trezor said. “We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”

The company also said it would not communicate via its newsletter until the situation is resolved.

Questions have been raised by the community, wondering why the provider had not already registered top-level domains (TLD) including extensions .us, .net, and .com to prevent such attacks.

Still, some argue hackers could easily circumvent TLD registration by imitating the domain name and changing a single character, such as “Trez0r,” to dupe victims.

Trezor did not immediately respond to Blockworks’ request for comment.

This type of attack does not represent a threat to the cryptographic security of the hardware wallet, nor is it the first example of a crypto wallet firm being targeted. Rival hardware wallet manufacturer Ledger suffered a data leak of its marketing database in July 2020, which resulted in its users being the target of phishing attacks and other forms of fraud.


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates (1).jpg

Research

With $13B in tokenized assets, strong institutional partnerships, and a clear first-mover advantage in the RWA space. The platform's methodical approach to regulatory compliance, coupled with its hybrid public-private architecture, positions it uniquely to capture significant market share in the emerging tokenization landscape. While current fee generation primarily stems from metadata transactions, the planned launch of Figure Markets, major exchange listings, and comprehensive market-making initiatives in 2025 could serve as powerful catalysts for growth.

article-image

Perena is built on the premise that as stablecoins proliferate, liquidity could fragment, and stablecoins aren’t useful if they aren’t liquid

article-image

From hackathons to trading tools and DAO governance, AI agents are redefining how we build and innovate

article-image

CME’s large bitcoin contracts are so big that investors are turning to micro bitcoin contracts

article-image

The third-largest stablecoin is going multichain for the first time in its seven-year history

article-image

Nano Labs’ news release notes confidence in bitcoin being “a reliable store of value amidst its rising global adoption”

article-image

Several big companies report third quarter earnings this week, likely moving markets