Trezor Warns Wallet Users of Phishing Attack Linked to Ledger Hack
- Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database.

The crypto wallet provider confirmed that its customer data has not been leaked. Instead, Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database. It added that the timing and scope of this phishing scheme suggest that the hackers who obtained the data are blindly sending texts to customers, and created phishing links for them to enter their seeds.
Trezor is apparently referring to cryptocurrency hardware wallet firm, Ledger, which was hacked in June when attackers managed to break into their database and steal data belonging to roughly a million customers. The information exposed to hackers included names, shipping addresses and phone numbers.
“The attackers may have bought competitors’ customer data from a dark market, where breached data is often sold, allowing them to send malicious links to any contacts listed in that data. The scammer is sending links to a fake version of the Trezor website, a replica of wallet.trezor.io, which has been modified to ask visitors for their recovery seed, completely exposing their coins. Once the user enters their seed on the fake webpage, the attacker simply replicates their wallet and sends the funds to an address they own,” the crypto firm further explains.
Trezor Plays Down the Risks
Moreover, Trezor makes clear that it will never ask for important information such as recovery seed, identification numbers or passwords over text messages. To help in securing users against possible breaches of data, Trezor added they routinely anonymize all customer data and remove all records from its e-commerce system after 90 days of placement orders.
Open a Trading Account Today With These Recommended Brokers
While hardware wallets are often used as a Cold Storage Cold Storage Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Read this Term method, they are not exempt from data breaches. Earlier this year, Kraken Security Labs disclosed a glaring flaw in the Trezor’s flagship hardware wallets, which allows attackers to steal the data stored within the devices.
Kraken cybersecurity researchers claim that the physical theft of encrypted seed can happen within 15 minutes of gaining access to the crypto wallet. While this flaw could only be exploited if there is physical access to the device, Kraken noted that it could only be fixed by overhauling the underlying design of Trezor’s products.
Trezor’s response was to point out that they are aware of this voltage glitching in the STM32 microchip, which allows an attacker with specialized hardware knowledge to obtain the encrypted recovery seed from the device.
More interestingly, Trezor attempted to underplay the significance of the issue, saying that the main threat and concern for crypto users were online and remote attacks, adding that any hardware is hackable.
The crypto wallet provider confirmed that its customer data has not been leaked. Instead, Trezor suggests that attackers appear to be using data obtained from the hack of a competitor’s e-commerce database. It added that the timing and scope of this phishing scheme suggest that the hackers who obtained the data are blindly sending texts to customers, and created phishing links for them to enter their seeds.
Trezor is apparently referring to cryptocurrency hardware wallet firm, Ledger, which was hacked in June when attackers managed to break into their database and steal data belonging to roughly a million customers. The information exposed to hackers included names, shipping addresses and phone numbers.
“The attackers may have bought competitors’ customer data from a dark market, where breached data is often sold, allowing them to send malicious links to any contacts listed in that data. The scammer is sending links to a fake version of the Trezor website, a replica of wallet.trezor.io, which has been modified to ask visitors for their recovery seed, completely exposing their coins. Once the user enters their seed on the fake webpage, the attacker simply replicates their wallet and sends the funds to an address they own,” the crypto firm further explains.
Trezor Plays Down the Risks
Moreover, Trezor makes clear that it will never ask for important information such as recovery seed, identification numbers or passwords over text messages. To help in securing users against possible breaches of data, Trezor added they routinely anonymize all customer data and remove all records from its e-commerce system after 90 days of placement orders.
Open a Trading Account Today With These Recommended Brokers
While hardware wallets are often used as a Cold Storage Cold Storage Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Read this Term method, they are not exempt from data breaches. Earlier this year, Kraken Security Labs disclosed a glaring flaw in the Trezor’s flagship hardware wallets, which allows attackers to steal the data stored within the devices.
Kraken cybersecurity researchers claim that the physical theft of encrypted seed can happen within 15 minutes of gaining access to the crypto wallet. While this flaw could only be exploited if there is physical access to the device, Kraken noted that it could only be fixed by overhauling the underlying design of Trezor’s products.
Trezor’s response was to point out that they are aware of this voltage glitching in the STM32 microchip, which allows an attacker with specialized hardware knowledge to obtain the encrypted recovery seed from the device.
More interestingly, Trezor attempted to underplay the significance of the issue, saying that the main threat and concern for crypto users were online and remote attacks, adding that any hardware is hackable.