Trezor's X Account Breach: Unveiling the Dark Side of Crypto Scams
Mar 20, 2024
On March 19th, 2024, Trezor's official X social media account suffered a significant security breach, believed to be a result of a SIM-swap attack, wherein hackers exploited vulnerabilities to promote crypto scams. The compromised account began endorsing a fake token presale for "$TRZR" on the Solana blockchain, prompting concerns from blockchain investigator ZachXBT and crypto security firm Scam Sniffer. The fraudulent posts directed users to send funds to unauthorised Solana wallet addresses controlled by the attackers, alongside links to "wallet drainer" contracts aimed at siphoning digital assets. Despite the removal of these deceptive promotions, an estimated $8,100 was stolen, marking a reputational setback for Trezor, a leading cryptocurrency hardware wallet provider known for its security-centric approach. Criticism ensued, with notable figures like crypto analyst John Holmquist questioning the absence of robust security measures such as two-factor authentication, suggesting potential vulnerabilities in the firm's defences.
Previous
Next