Hardware Wallet Provider Trezor Targeted in Phishing Attack

A malicious actor pretending to be Trezor sent a false email requesting victims to update their software and change their wallet PIN


Blockworks exclusive art by axel Rangel


key takeaways

  • Trezor said Saturday its newsletter had been breached by an “insider targeting crypto companies”
  • The domain linked to the breach, ending in the extension .us, has since been taken down, the provider said

Cryptocurrency hardware wallet provider Trezor said Saturday it was investigating a data breach of its opt-in newsletter hosted on marketing platform MailChimp.

A scam email warning of a breach began circulating last week, according to affected users. Trezor then sent a warning via Twitter asking its users not to open emails originating from the phishing domain “[email protected]

Users took to social media to warn against the scam email impersonating Trezor and its security team, which prompted victims to download the “latest version of Trezor Suite” and change their wallet PIN.

Loading Tweet..

The provider has since managed to take down multiple phishing domains targeting users including Trezor.us, according to a follow-up tweet on Sunday.

“MailChimp has confirmed that their service has been compromised by an insider targeting crypto companies,” Trezor said. “We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”

The company also said it would not communicate via its newsletter until the situation is resolved.

Questions have been raised by the community, wondering why the provider had not already registered top-level domains (TLD) including extensions .us, .net, and .com to prevent such attacks.

Still, some argue hackers could easily circumvent TLD registration by imitating the domain name and changing a single character, such as “Trez0r,” to dupe victims.

Trezor did not immediately respond to Blockworks’ request for comment.

This type of attack does not represent a threat to the cryptographic security of the hardware wallet, nor is it the first example of a crypto wallet firm being targeted. Rival hardware wallet manufacturer Ledger suffered a data leak of its marketing database in July 2020, which resulted in its users being the target of phishing attacks and other forms of fraud.

Get the day’s top crypto news and insights delivered to your email every evening. Subscribe to Blockworks’ free newsletter now.

Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from Blockworks Research’s Daily Debrief.

Can’t wait? Get our news the fastest way possible. Join us on Telegram and follow us on Google News.


upcoming event

MON - WED, MARCH 18 - 20, 2024

Digital Asset Summit (DAS) is returning March 2024. This year’s event will be held in our nation’s capital, where industry leaders, policymakers, and institutional experts will come together to discuss the latest developments and challenges in the ever-evolving world of cryptocurrency. […]

upcoming event

MON - WED, SEPT. 11 - 13, 2023

2022 was a meme.Skeptics danced, believers believed.Eventually, newcomers turned away, drained of liquidity and hope.Now, the tide is shifting and it’s time to rebuild. Permissionless II is the brainchild of Blockworks and Bankless. It’s not just a conference, but a call […]

recent research

Cosmos Hub: ATOM Economic Zone


Replicated Security, the Hub’s Validation-as-a-Service offering that went live in March, is the first step in bringing value accrual to ATOM stakers.



Following its deployment on zkSync Era, Rocket Pool has no immediate plans to launch on other chains


“Billions of dollars” are currently stored in apps like Venmo and PayPal and just like crypto exchanges, they are not FDIC insured


Bitcoin price predictions are meaningless, so let’s expend our prediction energy on something that actually matters


A new complaint against Elon Musk and Tesla alleges that Musk manipulated both bitcoin and dogecoin


Kenya’s central bank doesn’t seem enamored by the idea of a CBDC but hasn’t slammed the door shut yet


Both Ethereum and Solana have enjoyed vibrant DeFi environments, but this has not yet been the case for Cosmos