As we all know, cold wallets or hardware wallets are devices capable of storing digital assets with almost absolute reliability and it is also very rare to record an attack directly on these wallets. . However, the hackers chose to take a detour instead of hitting it directly. The victim this time is the popular cold wallet brand Trezor.
Cold wallets are considered safe storage for cryptocurrencies
Over the weekend, many users reported receiving a suspicious email from a unit claiming to be “Trezor”. In terms of content, the email informs that the security team at the company has discovered a vulnerability serious enough to put the wallet owner’s assets at risk. At the end of the email, the attackers ask the user to download an “update” of the application to change the wallet password.
The content of the fake Trezor email, looks quite professional and neat
Through the form of presentation, it can be seen that this is a fairly professional email with neat words, no typos and relatively convincing content. However, a point of suspicion has arisen when the domain name of the emails is “@trezor.us”, more doubtful, if the user is brave enough to click on the link inside the email despite the risks. can be hacked right after the click, this link has a domain name ending with “.com”?
Software “update” download website
Normally, professional organizations and companies will all use the same domain name, not “.us” and “.com” like this. In addition, the official domain name of the company Trezor has the extension “.io”. Thus, it can be concluded that there is a group of hackers who are conducting a phishing attack against users who own Trezor cold wallets.
Very quickly after reports from users, Trezor found the problem. In the official announcement on Twitter, the famous cold wallet company confirmed that there was an issue of user information leakage. Specifically, Trezor partnered with an advertising email service company called Mailchimp, and the hacker somehow managed to get a list of email addresses of customers who signed up to receive news from Trezor.
In the latest announcement, Trezor also announced that it will stop communicating with customers via email until the investigation is complete. At the same time, the company also advises users not to click on any links attached to the website email with roots in Trezor, at least for the time being.
Spoofing attack is a fairly common method used by many hackers as the first step of an attack
In fact, phishing attack is not a new form, but it is relatively effective because the people behind often use the names of big brands to lure prey into traps. In addition to the field of cryptocurrencies, we have witnessed many different fake attacks in recent years with various forms such as disguised as reputable news sites or hiding in the shadow of blockbuster titles to “force” users to click on malicious links, and the consequences of this innocence are unpredictable.
at Blogtuan.info – Source: genk.vn – Read the original article here