Trezor X account compromised as hackers push phony Solana token

Cybercriminals targeted Trezor, a hardware wallet provider, in a sophisticated hack, stealing at least $8,100.

The breach was first brought to light by renowned on-chain detective ZachXBT, who issued an alert regarding suspicious activities on Trezor’s social media account X. According to reports, fraudulent messages promoting a fake presale of a token dubbed “$TRZR” on the Solana Network were disseminated to Trezor’s followers.

The messages directed users to send funds to a specific Solana wallet address, inadvertently leading them to sites equipped with wallet drainers. The hackers also referenced Slerf, another memecoin on the Solana network, thereby attempting to boost engagement and funnel unsuspecting users towards the malicious contracts.

Trezor acted swiftly to remove the posts and address the situation, but not before the hacker managed to extract an estimated $8,100 from Trezor’s Zapper account.

Scam Sniffer, a platform dedicated to identifying crypto scams, corroborated ZachXBT’s findings shortly after the warning was issued, confirming the breach.

Despite the relatively small amount stolen, the incident has been harshly criticized, especially considering Trezor’s reputation as a security company. Jon Holmquist, a crypto security researcher, described the breach as a “major L for Trezor.”

Founded in 2012 by SatoshiLabs, Trezor has been at the forefront of providing secure hardware wallet solutions for the storage and management of cryptocurrencies and other digital assets. With over two million devices sold globally, the brand is renowned for its Secure Element chip technology. However, recent events have highlighted vulnerabilities, including XSS (cross-site scripting) in older versions of Trezor Connect, CSRF (cross-site request forgery) issues in its Dropbox integration and missing path isolation checks.

This is not Trezor’s first encounter with security threats. Earlier this year, on Jan. 25, Trezor issued a warning about malicious emails being sent to its users from an impersonated Trezor team email. The phishing attempt asked users to upgrade their “network” or risk losing their funds, directing them to a malicious site where they were prompted to enter their seed phrase.

Further investigation revealed that an unauthorized individual had accessed the newsletter subscriber email database, using a third-party service to dispatch the harmful emails.

The breach follows on the heels of Trezor’s announcement of two new products at the Bitcoin Amsterdam conference on Oct. 12 last year – The Trezor Safe 3, the latest in their flagship series of hardware wallets, and Trezor Metal, a premium metal backup device, marking a major expansion of their product lineup despite the challenges faced.