Security Breach Summary
On March 19, Trezor’s Twitter account was hacked and used to promote a fake cryptocurrency presale. The hacker posted a link to a website that stole users’ funds.
Trezor’s Response
Trezor regained control of the account and published a preliminary report addressing concerns. They emphasized that the breach was not due to a lack of security measures, but rather a sophisticated phishing scam.
The Phishing Scam
The hacker posed as a credible entity from the crypto industry and contacted Trezor’s PR team. Over several days, they built trust and scheduled a call.
During the call, the hacker sent a malicious link disguised as a Calendly invite. When a Trezor team member clicked the link, it redirected them to a page that requested their Twitter login credentials.
The hacker gained access to the account and posted the fake presale posts.
Impact of the Breach
The hacker stole a small amount of funds: $8,100 from the wallet drainer and 0.96 SOL (around $162) from the fake presale address.
Conclusion
Trezor’s security measures remain intact. The breach was the result of a sophisticated phishing scam that bypassed their defenses. The crypto community’s vigilance and the suspicious nature of the unauthorized posts helped prevent a larger heist.
