2024-3-26 15:58
This post aims to address concerns surrounding a breach of our official X (formerly, Twitter) account earlier this week. Despite stringent security protocols, including strong passwords and two-factor authentication, we detected unauthorized activity on our X account at 11:53 PM on Tuesday 19 March. The breach appears to have arisen from a sophisticated and calculated phishing attack that was in the works for weeks.
We want to stress here that the security of all our products remains unaffected. This incident has in no way impacted or compromised the security of Trezor hardware wallets or any of our other products. Your Trezor device and Trezor Suite remain safe to use.
In the spirit of full transparency and to address any concerns around our commitment to security, we felt it necessary to share a preliminary report on the incident. Please note that the investigation is ongoing.
Summary
Despite our robust security measures recommended by the platform, including the use of strong passwords and two-factor authentication (2FA), our X account (https://twitter.com/Trezor) was compromised on the evening of Tuesday 19 March. (We want to clarify that we do not make use of SMS for 2FA, and instead employ more secure methods of authentication.) The attackers pushed out a series of unauthorized and misleading posts, including asking users to send funds to an unknown wallet address, with nefarious links to a fraudulent token presale.
We were alerted to the breach at 11:53 PM, and the fraudulent posts were quickly identified and removed shortly after their appearance, mitigating the extent of the damage.
What we know
The breach of our X account has turned out to be a sophisticated phishing attack, planned over the course of weeks.
From our investigation, we understand that the attackers engaged in a calculated scheme that began on February 29, 2024, posing as a credible entity from the crypto space, complete with a well-crafted social media presence and a seemingly genuine interest in dialogue.
The impersonator, using an X handle with thousands of followers, approached our PR team over X, under the guise of scheduling an interview with our CEO.
Over several days, the conversation advanced with credible back-and-forth communication.
This set the stage for a call that culminated in the sharing of a malicious link, disguised as a Calendly invite.
Our team member, upon clicking the link, was redirected to a page requesting X login credentials, a red flag that prompted immediate suspicion and cessation of the interaction.
The meeting was rescheduled.
At the time of the meeting, the attacker feigned technical issues and urged our team member to “authorize” joining the call. The authorization was, however, a prompt to connect the attacker’s Calendly app with our X account. In the urgency of the moment, our team member confirmed the connection. The breach has been traced in X’s authentication logs.
As the Calendly app was in the attacker’s possession, they were able to send the fraudulent tweets on our behalf.
Internal steps taken
Our initial focus was on mitigating the impact of the incident.
We swiftly deleted the unauthorized posts and revoked all active sessions, including those of third-party apps, to prevent further unauthorized access.
We have also initiated a comprehensive security audit to fully investigate the breach, focusing on identifying the method used by the attackers to bypass our security measures.
An appeal
Trezor, as the world’s pioneering hardware wallet, has been serving the Bitcoin and cryptocurrency space since 2013.
We want to affirm that the core of what we’ve built over these years is unwavering security. In light of the recent incident, it is crucial to understand that the security of all our products and our internal systems remains intact.
We realize there are some concerns. However, the breach of our X account should not reflect on the integrity of our products. Here’s why:
Trezor wallets are designed to keep your digital assets offline and safe from online vulnerabilities.
Our security architecture ensures that critical operations, like transaction signing, occur within the secure confines of your Trezor device, never exposing your private keys.
The trust in our products is built upon rigorous, industry-leading security practices, which include regular audits and continuous testing.
This is why we have opted to keep our software and hardware open-source and public, ready for any kind of testing if need be.
This is what has helped us earn the trust of over 1.5 million customers globally.
FAQs
What measures are being taken to secure Trezor’s social accounts?
We have always taken utmost care across all of our communication channels. Even before the current incident, we had put in place stringent security protocols, including strong passwords and two-factor authentication. Our investigation has revealed the sophisticated nature of the attack that was in the works for weeks. Going ahead, we will continue to implement enhanced security protocols for all our external communications channels.
Can such breaches affect the security of my Trezor wallet?
No. Your funds remain safe. However, as always, such incidents serve as reminders to exercise caution when dealing with unauthorized links. Do not enter your recovery seed anywhere except on your Trezor device during recovery. Also, please note that under no circumstance will any Trezor representative ask for your recovery seed, whether over email, customer support, a website, or any other form of communication. And there are no plans for any kind of token sale whatsoever.
Unfortunately, in the global business landscape, collaboration with third-party platforms (X, in this case) remains essential, though it comes with inherent challenges. We continue to re-evaluate our security protocols concerning third-party apps.
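The “authorize” prompt described under “What we know” connected a third-party app to the account. The example below is added here and is not from Trezor's post: it shows what a reviewer can read off such a link before approving it, assuming the prompt was an X OAuth 2.0 authorization request (the post does not say which flow was used). The sample link, client ID, redirect host and allow-list are constructed.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: X's OAuth 2.0 consent page is served at this path on these hosts.
CONSENT_HOSTS = {"twitter.com", "x.com"}
CONSENT_PATH = "/i/oauth2/authorize"

# Constructed sample link; client_id and redirect host are placeholders.
SAMPLE_LINK = (
    "https://twitter.com/i/oauth2/authorize?response_type=code"
    "&client_id=EXAMPLE_CLIENT_ID"
    "&redirect_uri=https%3A%2F%2Fscheduler.example%2Fcallback"
    "&scope=tweet.read%20tweet.write%20users.read%20offline.access"
    "&state=s1&code_challenge=c1&code_challenge_method=S256"
)


def review_consent_link(url, approved_client_ids):
    """Report what an X OAuth 2.0 consent link would grant, and to which app."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().removeprefix("www.")
    on_consent_page = (
        parts.scheme == "https"
        and host in CONSENT_HOSTS
        and parts.path.rstrip("/") == CONSENT_PATH
    )
    if not on_consent_page:
        return {"is_consent": False, "findings": []}

    query = parse_qs(parts.query)
    client_id = query.get("client_id", [""])[0]
    scopes = set(query.get("scope", [""])[0].split())
    redirect_host = urlsplit(query.get("redirect_uri", [""])[0]).hostname or ""

    findings = []
    write_scopes = sorted(s for s in scopes if s.endswith(".write"))
    if write_scopes:
        findings.append("app could post or act as the account: " + ", ".join(write_scopes))
    if "offline.access" in scopes:
        findings.append("app keeps access via refresh token (offline.access)")
    if client_id not in approved_client_ids:
        findings.append("client_id is not on the approved-app list")
    return {"is_consent": True, "client_id": client_id, "write_scopes": write_scopes,
            "redirect_host": redirect_host, "findings": findings}


if __name__ == "__main__":
    for finding in review_consent_link(SAMPLE_LINK, {"APPROVED_APP_ID"})["findings"]:
        print(finding)
```

A link for which `is_consent` is False is not cleared by this check; it only means the page is not X's own consent screen, which was the case for the earlier credential-request page in the account above.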
Update: Addressing concerns around our recent X (Twitter) account breach was originally published in Trezor Blog on Medium.