Hardware wallet provider Trezor has explained the malicious emails sent to its users.
In a post to X, Trezor explained that it had discovered an unauthorized email impersonating the Trezor team from a third-party email provider it uses.
The malicious email, sent from the address “[email protected],” asks users to upgrade their “network” or face the loss of their funds, providing them with a malicious link leading to a web page where they must enter their seed phrase.
Trezor found that an unauthorized person had accessed the newsletter subscriber email address database and used a third-party email service to send a malicious email.
The project team has already managed to “deactivate the malicious link” and stated that the user’s funds will remain safe unless they enter their recovery seed.
It is noteworthy that attackers took advantage of a vulnerability in the MailerLite digital marketing platform just a few days before the incident. Posing as well-known cryptocurrency companies, unknown people were able to steal about $600,000. The scammers pretended to be representatives of CoinTelegraph, Token Terminal, Wallet Connect, and De.Fi in emails. The emails contained malicious links leading to sites created to steal crypto assets.