Crypto news

You Won’t Believe How Hackers Used Trezor’s Support Desk Against Its Own Users

BBG News

This morning, Trezor—the brand trusted by crypto fans and nervous Bitcoin hoarders everywhere—decided to spice up everyone’s day with a dash of existential dread. The company admits that, yes, its very own support team was (accidentally) moonlighting as a front for a creative phishing scam. If that’s not innovation, what is? 🥲

Nobody really knows if anyone actually tumbled headfirst into this digital bear trap. Perhaps that’s reassuring, but it also means any poor sucker who did hasn’t piped up yet (probably too busy refreshing their wallet balance, hoping for a magic bounce-back). As for the culprits? They may have just recycled details from old data breaches. Reduce, reuse, scam—nature’s true cycle.

Crypto Wallet Users: It’s Always Your Turn to Suffer

Trezor, famed purveyor of tiny electronic vaults and false hope, is no stranger to hackers barnstorming its defenses. Lately, the whole crypto world seems to be the whackable mole in a hacker arcade, and it’s apparently Trezor’s turn… again.

So, picture the scene: Trezor customers, likely already stressed about their “investments” (read: what’s left after last month’s dip), received dire emails from support:

Important Update

We have identified a security issue where attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.

These scam emails appear legitimate but are a phishing attempt.

Remember, NEVER share your wallet backup — it must…

— Trezor (@Trezor) June 23, 2025

This wasn’t your average, “Hello, my dearest friend, I am a prince with secret keys” snooze-fest. No, this was diabolically smooth—a respectable social engineering heist. Trezor, channeling the inner voice of every PR department ever, insisted “no email breach” had occurred, because if you squint and tilt your head, technicalities are comforting.

Meanwhile, actual cyber sleuths were waving red flags, analyzing code, avoiding eye contact with the dark web’s resident used car salesmen. The new scam was already being offered for the price of a mid-range family vacation: $10,000. Buy now and receive one free existential crisis!

The masterstroke involved embedding HTML into Trezor’s own help desk emails. Users thought they were requesting help; what they got was a personalized invite to Hunter Biden’s laptop, or something equally suspicious. The email sprouted fake warnings and malicious links, and—just like that—your coins could take a little road trip.

If you’re the kind of person who expects disaster in your inbox, this one blended right in. The subject line was ominous, the body was helpful, and somewhere at the bottom, your last scrap of hope was getting phished.

This is all so thoroughly Web2 (scam-wise), yet even the gleaming hardware wallets got suckered. Last year, Trezor had to break the bad news that 66,000 would-be support seekers had their contact details gobbled up by unseen hands, and now, all that info is floating in internet back-alleys like supermarket flyers nobody wanted. 📬

Step-by-step, here’s the scam kit: Step 1: Buy old Trezor user data. Step 2: Buy the HTML hack. Step 3: Ruin someone’s week with a single “helpful” email. All without ever stepping foot inside Trezor’s actual systems. Truly the DoorDash of cybercrime.

So yes, Trezor fans, if you get an email that seems “a little off”—you’re not paranoid, you’re just paying attention. Maybe this will all blow over, or maybe the scammer is spending your coins on vintage Beanie Babies as we speak.

The bottom line? Everyone’s vulnerable, most people are tired, and there’s nothing like a good phishing scam to keep you humble. 😬

Read More

2025-06-23 22:02

Previous post Elden Ring Nightreign modders are already going ham with custom skins, including Optimus Prime, Stellar Blade’s Eve, and my #1 most-wanted outfit from Dark Souls
Next post ATHENA: Blood Twins: The Complete Currency Guide and Tips