Trezor users are being coerced into disclosing their seed phrases. A new phishing campaign targeting cryptocurrency hardware wallet firm Trezor has been discovered.
These wallets enable cryptocurrency users to keep their funds offline rather than in a “hot wallet” (a mobile or desktop app) or with a third party (an exchange, a custodial service, or a lending/borrowing firm). In comparison to the alternatives, hardware wallets, also known as “cold wallets,” are widely regarded as a much safer way to store cryptocurrencies.
That also implies that anyone who is serious about cryptocurrencies (and has a significant amount) will most likely keep it in cold storage, making Trezor users an appealing target for cybercriminals.
“Securing” a compromised wallet
Trezor users began receiving SMS messages warning them of a “data breach” at the company and urging them to “secure” their devices immediately under this new campaign. The SMS message also includes a hyperlink that the victims should follow.
“Trezor Suite has recently endured a security breach, assume all your assets are vulnerable. Please follow the security procedure to secure your assets: [link],” the message reads.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: