Trezor, a prominent provider of hardware wallets renowned for its security solutions in the crypto industry, found itself in the crosshairs of cybercriminals in a recent sophisticated hack, resulting in the theft of at least $8,100.
The breach came to light after ZachXBT, a respected on-chain detective, raised an alarm about suspicious activities on Trezor’s social media account. Reports indicated that fraudulent messages endorsing a fake presale of a token named “$TRZR” on the Solana Network were circulated to Trezor’s followers.
These messages prompted users to transfer funds to a specific Solana wallet address, redirecting them to sites equipped with wallet drainers. To bolster engagement, hackers also referenced Slerf, another memecoin on the Solana network, in an attempt to lure unsuspecting users towards malicious contracts.Although Trezor swiftly removed the posts and addressed the situation, the hackers managed to siphon an estimated $8,100 from Trezor’s Zapper account before being thwarted.
Scam Sniffer, a platform dedicated to identifying crypto scams, corroborated ZachXBT’s findings, further affirming the severity of the breach.Criticism of Trezor’s security lapse has been widespread, especially given its esteemed reputation in the industry. Jon Holmquist, a crypto security researcher, characterized the incident as a significant setback for Trezor.
Founded in 2012 by SatoshiLabs, Trezor has long been hailed for its pioneering hardware wallet solutions, boasting over two million devices sold worldwide and leveraging Secure Element chip technology. However, recent events have underscored vulnerabilities, including XSS and CSRF issues in its integrations.This isn’t Trezor’s first brush with security threats either. Earlier this year, the company issued a warning about malicious emails impersonating the Trezor team, attempting to phish users’ seed phrases.
