Trezor Suffers Newsletter Phishing Attack via MailChimp Exploit

Lindelof’s upbeat post after positive test

Crypto hardware wallet company Trezor has confirmed that some of its users were the target of a phishing attack over the weekend. Trezor tweeted that it was investigating “a potential data breach of an opt-in newsletter hosted on MailChimp” and warned users to avoid opening emails from “[email protected]”.

MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.

We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/

— Trezor (@Trezor) April 3, 2022

“We will not be communicating by newsletter until the situation is resolved,” Trezor advised in a later post. “Do not open any emails appearing to come from Trezor until further notice. Please ensure you are using anonymous email addresses for bitcoin-related activity.”

Fake Security Breach Used as Bait

Trezor users shared warnings and screenshots of the phishing attempt from April 2, some noting it was a bare-faced ruse to induce users to download malicious code under the guise of Trezor’s Suite desktop app by alleging a fake security breach at the company:

Hey @Trezor, I just got an email from you or someone spoofing you that Trezor Suite might be compromised due to a hack. The email contains a link to download a newer version. Is that a legit email or a phishing email? Did you guys get hacked and find out about it today?

— Undisclosed ₿ (@BitcoinUndisc) April 3, 2022

A Trezor Good News Story

In a rare good news story associated with a similar incident in January, a hacker using the handle ‘Kingpin’ was able to bail out a user who’d forgotten the PIN to his Trezor One hardware wallet.

Kingpin later posted a video demonstrating how he managed to retrieve the user’s PIN:

The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.

Read More


Please enter your comment!
Please enter your name here