In the early hours of Tuesday, Trezor’s X account was compromised. The hacker used the hardware wallet company’s account to promote a fake crypto presale with a malicious link attached.
Members of the crypto community quickly noticed the company’s suspicious activity and warned other X users about the scam. Trezor’s team has since regained control of the account.
Solidarity of the crypto community, new prey for hackers
In now-deleted tweets, the hacker announced that Trezor was “willing to support the $SLERF community.” Leveraging the ongoing efforts of crypto projects and exchanges to raise funds for affected participants of the Slerf pre-sale disaster.
Community Alert: Trezor X/Twitter account is currently compromised pic.twitter.com/hNm2OUjEgE
-ZachXBT (@zachxbt) March 19, 2024
The unauthorized post offered to pre-sell a fake $TRZR token, which required interested users to send SOL to the hacker’s address. Additionally, Trezor supporters would receive a “separate air bonus” if they visited a website linked in the post.
As is customary with phishing scams, the link would redirect to a wallet drainer who would take control of the person’s wallet after they attempted to “claim the airdrop tokens.”
The crypto community shared their thoughts on the hack. A user pointed that the security breach was a “bad look” for the company as it focuses on cryptographic security. Others thanked users who alerted them to the hack, as it potentially saved them and others from falling for it.
It’s worth noting that many users have expressed their concerns about the community’s reaction to the Slerf pre-sale drama. They consider that fundraising for affected participants sets a precedent for “rescuing” bad actors and will only “enable” similar behavior.
Additionally, scammers have attempted to take advantage of the community’s good faith to help potential victims and newcomers. As seen in the Trezor hack, the scammer apparently tried to maximize his earnings by using the pre-sale trend target and the drama Slerf.
“Dumb” hacker or smarter community?
Typically, reports of crypto hacks end with staggering numbers being stolen, but for once, the story is different. As reported by ZachXBT, the hacker managed to steal $8,100 from the unauthorized postage, which includes the 25% drain fee. As part of the loot, the hacker also received a “0.96 Solana whoop,” according to another user pointed outside.
Many wondered whether the small amount stolen was due to the community’s clever recognition of the scam or the hacker’s inability to pull off a major heist. Whatever the case, this is a remarkable feat as the cold wallet company has amassed over 200,000 followers who have momentarily become potential victims.
— 赤 – 紅色的 (@Ikuma_On) March 20, 2024
Despite this small victory for the community, “It’s $8,100 more than 0”, as one user said. This raises the question of whether the hack was possible due to a lack of adequate security measures or an inside job occurring.
No official explanation has been given yet. However, Trezor acknowledged the hack in an X post earlier today.
🚨 Alert 🚨
We had a security incident on our X/Twitter account overnight, despite robust protections including a strong password and 2FA. We continue investigating.
Please remain vigilant and remember, Trezor will NEVER request funds or assets to be sent to any address.…
– Trezor (@Trezor) March 20, 2024
The company stated that hack happened despite its “robust protections” including two-factor authentication (2FA). At the time of writing, Trezor was continuing its investigation. The statement ended with a message for all users to “remain vigilant.”
Bitcoin is trading at $63,400 in the hourly chart. Source: XUSDT on Trading.view.com
Featured image from Unsplash.com, chart from TradingView.com
Disclaimer: The article is provided for educational purposes only. It does not represent NewsBTC’s opinion on buying, selling or holding any investments and, naturally, investing carries risks. We advise that you conduct your own research before making any investment decisions. Use the information provided on this website at your own risk.