In the attack, cybercriminals deployed an internal tool to acquire information about 102 Mailchimp clients, one of which is the cryptocurrency cold storage provider Trezor, Mailchimp confirmed to the press on Monday, April 4, as reported by The Verge.
After that, they mass-emailed Trezor users over the weekend, claiming their accounts were compromised in a data breach and that they had to update their Trezor Suite, as well as set up a new PIN:
Notably, Trezor itself confirmed the breach on Twitter on Sunday, April 3, stating that the emails were part of the phishing campaign targeting crypto companies. The company also detailed what exactly had occurred in a blog post, where it quoted its CTO Tomáš Sušánka as saying:
Additionally, Trezor said that users had nothing to worry about unless they entered their seed phrase into the downloaded malicious app.
Not the first hacking experience for Trezor cold wallets
Interestingly, Finbold reported in January on Dan Reich, an electrical engineer who managed to recover his digital assets worth more than $2 million in a Trezor One hardware wallet after losing his PIN. Reich explained the entire process in a detailed YouTube video. Trezor later commented on the video, explaining that it had fixed the exploit he used:
As offline physical devices, hardware crypto wallets are considered very difficult to hack using malware and viruses and thus one of the safest ways to hold one’s DeFi assets. However, they’re still vulnerable to elaborate social engineering campaigns that trick users into revealing sensitive information.