Trezor

Trezor

Trezon, a hardware cryptocurrency wallet, was targeted in a phishing attack through emails as they were sent through one of their opt-in newsletters hosted at MailChimp.

A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them.

Trezor hardware wallet owners began receiving data breach notifications prompting recipients to download a fake Trezor Suite software that would steal their recovery seeds.

However, MailChimp confirmed that their service was compromised by an "insider" targeting cryptocurrency companies.

Source: https://www.bleepingcomputer.com/news/security/fake-trezor-data-breach-emails-used-to-steal-cryptocurrency-wallets/

TPRM report: https://scoringcyber.rankiteo.com/company/trezor

"id": "tre03728522",
"linkid": "trezor",
"type": "Breach",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Hardware Cryptocurrency Wallet',
                        'name': 'Trezor',
                        'type': 'Company'},
                       {'industry': 'Email Marketing',
                        'name': 'MailChimp',
                        'type': 'Company'}],
 'attack_vector': ['Email',
                   'Fake Data Breach Notifications',
                   'Fake Software Download'],
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Recovery Seeds',
                                              'Cryptocurrency Wallets']},
 'description': 'Trezon, a hardware cryptocurrency wallet, was targeted in a '
                'phishing attack through emails as they were sent through one '
                'of their opt-in newsletters hosted at MailChimp. A '
                'compromised Trezor hardware wallet mailing list was used to '
                'send fake data breach notifications to steal cryptocurrency '
                'wallets and the assets stored within them. Trezor hardware '
                'wallet owners began receiving data breach notifications '
                'prompting recipients to download a fake Trezor Suite software '
                'that would steal their recovery seeds. However, MailChimp '
                "confirmed that their service was compromised by an 'insider' "
                'targeting cryptocurrency companies.',
 'impact': {'data_compromised': ['Recovery Seeds', 'Cryptocurrency Wallets']},
 'initial_access_broker': {'entry_point': 'Email'},
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'Compromised Mailing List'},
 'threat_actor': 'Insider',
 'title': 'Phishing Attack on Trezor Hardware Wallet Users',
 'type': 'Phishing',
 'vulnerability_exploited': 'Compromised Mailing List'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.