Trezor: This security flaw puts 66,000 users at risk
Another security vulnerability occurs at a wallet manufacturer. This time the Czech company Trezor is affected. This could put around 66,000 users at risk. Just a month ago, a Ledger hack caused a stir.
Trezor: This security flaw puts 66,000 users at risk
Wallet manufacturer warns users of a security gap. A total of 66,000 people are at risk of becoming the target of a phishing attack. The Czech company recently published a report that revealed many contact details.
No Wallet systems themselves are affected by the security gap. Instead, the problem occurred with a service that the company uses to answer customer inquiries.
“The security incident we discovered impacted customers who have interacted with Trezor support since December 2021,” Trezor explained.
However, compared to the absolute number of users of the hardware wallets, the number of 66,000 people is comparatively small. Most users of Czech devices should therefore not notice any change.
Our internal review of the incident indicates possible access to contact information limited to email and name/nickname.
Accessing this data may result in customers receiving suspicious emails in which unknown individuals impersonate Wallet in order to obtain users’ private keys. Sensitive data of this type should not be shared with anyone else at any time.
Wallet has already sent a broadcast message to all customers who are potentially affected. It warns urgently against disclosing private keys.
“So far, we have not observed an increase in phishing activity as a result of this security incident,” announces Trezor.
Security vulnerability in hardware wallet manufacturer: What happened?
Many details about the security vulnerability remain hidden in Trezor’s report. It is known that the error occurred via a third-party service. This may be the popular support service Zendesk, which the company appears to use.
On January 17th, the company noticed access via unauthorized persons. The access was due to an error in the support service system. Trezor is not to blame for this, at least that is the company’s self-assessment.
As part of the investigation, 41 attempted fraud cases were identified. In not a single case was the fraud successful.
Just last month, an incident involving Ledger caused uncertainty in the market. Ledger is the largest manufacturer of hardware wallets, Trezor is one of its most popular competitors. In the Ledger incident, a software hack caused six-figure damage.
