SatoshiLabs, the company responsible for designing and selling Trezor crypto hardware wallets, has released a comprehensive explanation of an incident that resulted in the posting of fraudulent presale token announcements on its official X account.
According to SatoshiLabs, the breach in security was a result of a phishing attack, not a SIM-swap attack as initially suspected. The company made it clear that it does not use a mobile device for two-factor authentication, opting for an alternative method instead.
Despite taking precautions, unauthorized individuals managed to make a series of misleading posts, including requests for users to send funds to an unidentified wallet address along with harmful links that directed users to a fraudulent token presale site.
Blockchain expert ZachXBT, who has over 528,000 followers on X, alerted his audience about Trezor’s suspected breach in a post on March 19.
SatoshiLabs detected the unauthorized access to its X account on March 19 and now believes it was a well-planned phishing attack carried out by hackers over several weeks.
Once the breach was discovered, the deceptive posts were swiftly identified and removed, minimizing the damage. The company stated:
“Investigations indicate that starting on Feb. 29, the attackers posed as credible entities in the cryptosphere. They maintained a convincing social media presence and engaged in seemingly authentic discussions.”
Under the guise of an established X account with thousands of followers, the impersonator contacted SatoshiLabs’ public relations team, suggesting an interview with the CEO. This led to a meeting being arranged, during which the impersonator shared a malicious link disguised as a Calendly calendar invitation.
One of the team members became suspicious when prompted for their X login credentials after clicking the calendar link. However, the meeting was rescheduled. In the subsequent session, where the attacker pretended to face technical difficulties, they successfully linked their Calendly to SatoshiLabs’ X account.
It is worth noting that Trezor experienced a security breach in January, which resulted in the exposure of the contact information of nearly 66,000 users. Since its launch in 2012, the wallet maker has sold over two million hardware wallets.
Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story