Hardware Wallet Provider Trezor Targeted in Phishing Attack

A malicious actor pretending to be Trezor sent a false email requesting victims to update their software and change their wallet PIN


Blockworks exclusive art by axel Rangel


key takeaways

  • Trezor said Saturday its newsletter had been breached by an “insider targeting crypto companies”
  • The domain linked to the breach, ending in the extension .us, has since been taken down, the provider said

Cryptocurrency hardware wallet provider Trezor said Saturday it was investigating a data breach of its opt-in newsletter hosted on marketing platform MailChimp.

A scam email warning of a breach began circulating last week, according to affected users. Trezor then sent a warning via Twitter asking its users not to open emails originating from the phishing domain “[email protected].”

Users took to social media to warn against the scam email impersonating Trezor and its security team, which prompted victims to download the “latest version of Trezor Suite” and change their wallet PIN.

Loading Tweet..

The provider has since managed to take down multiple phishing domains targeting users including Trezor.us, according to a follow-up tweet on Sunday.

“MailChimp has confirmed that their service has been compromised by an insider targeting crypto companies,” Trezor said. “We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”

The company also said it would not communicate via its newsletter until the situation is resolved.

Questions have been raised by the community, wondering why the provider had not already registered top-level domains (TLD) including extensions .us, .net, and .com to prevent such attacks.

Still, some argue hackers could easily circumvent TLD registration by imitating the domain name and changing a single character, such as “Trez0r,” to dupe victims.

Trezor did not immediately respond to Blockworks’ request for comment.

This type of attack does not represent a threat to the cryptographic security of the hardware wallet, nor is it the first example of a crypto wallet firm being targeted. Rival hardware wallet manufacturer Ledger suffered a data leak of its marketing database in July 2020, which resulted in its users being the target of phishing attacks and other forms of fraud.

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

MON - WED, MARCH 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience:  Attend expert-led panel discussions and fireside chats  Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts   Grow your network […]

recent research

Pyth Cover.jpg


Pyth is a low latency pull-based oracle. In a future that looks increasingly high frequency, with various alt L1s and L2s that have significantly shorter block times than Ethereum, and an explosion of “high-frequency” protocols such as oracle or CLOB perp DEXs, Pyth’s low latency oracle product looks much better positioned to capture a significant amount of market share in comparison to competitors.


Binance settlement “an important part of clearing the way for the next bull market cycle,” crypto hedge fund executive says


Hester Peirce reiterated Tuesday that court cases are not the only path to regulatory clarity for crypto, but her colleagues do not always agree


The indictment followed leaks Monday that a Binance settlement deal was forthcoming


The Binance executive is also reportedly set to make an appearance in a Seattle courtroom Tuesday


Monday developments reaffirmed the US as unfriendly to crypto while also offering a potential bullish outlook for segment firms, industry watchers say


It’s unclear what “actions” the CFTC, DOJ and Treasury will announce Tuesday afternoon