The company, renowned for designing and marketing Trezor crypto hardware wallets, has provided a detailed account of an incident resulting in the posting of fraudulent presale token announcements on its official X account.

Contrary to initial suspicions of a SIM-swap attack, SatoshiLabs has determined that the security breach was a result of a phishing attack.

It’s highlighted that the company doesn’t employ a mobile device for two-factor authentication, opting for alternative security measures.

Despite these precautions, unauthorized and misleading posts were made by attackers, including requests for users to send funds to an undisclosed wallet address alongside harmful links redirecting users to a bogus token presale site.

Blockchain analyst ZachXBT, with a following of 528,000 on X, alerted his audience to Trezor’s suspected breach in a March 19 X post.

SatoshiLabs’ official X account, which belongs to the hardware wallet manufacturer Trezor, was utilized to publish a series of posts guiding users to fraudulent presale token offerings.

The breach into SatoshiLabs’ X account was detected on March 19, with suspicions raised of a sophisticated and premeditated phishing attack orchestrated by hackers over several weeks.

Once the breach was identified, the deceptive posts were swiftly removed to minimize damage. SatoshiLabs emphasized that the security of its products, including Trezor hardware wallets, remains unaffected.

Investigations suggest that beginning on Feb. 29, the attackers assumed the identities of credible entities within the crypto sphere, maintaining a convincing social media presence and engaging in seemingly authentic discussions.

Under the guise of a reputable X account with a substantial following, the impersonator contacted SatoshiLabs’ public relations team, proposing an interview with the CEO. Subsequently, a meeting was arranged, during which the impersonator shared a malicious link disguised as a Calendly calendar invitation.

Upon clicking the calendar link, prompting for X login credentials, suspicions were raised. Although the meeting was rescheduled, the attacker managed to link their Calendly to SatoshiLabs’ X account in a subsequent session, under the pretense of facing technical issues.

Trezor previously experienced a security breach in January, exposing the contact information of nearly 66,000 users. The wallet maker, which has sold over two million hardware wallets since its inception in 2012, continues to investigate and reinforce its security measures.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Trezor Reveals Phishing, Not SIM Swap, as Cause of Compromised X Account appeared first on Coin Engineer.

SIM Swap attacks are a common occurrence, and criminals gain control of a mobile phone by deceiving service providers and connecting the phone number to a SIM card in the hacker’s possession. The swapped phones can then be used for fraud activity.

In separate incidents, exploiters targeted at least two users, claiming to have fallen victim to a SIM swap attack. The attackers successfully drained over 42 Ether (ETH), totaling nearly $70,000 at current prices.

A user affected by the situation, @darengb, shared the situation as follows:

“If your Twitter account is in your real name, your phone number can be found and this can happen to you “.

The social application Friend.Tech has become one of this year’s most popular crypto platforms, generating consistent income and profits for its creators despite the bear market. As previously reported, the app gathered over 100,000 users within just two weeks of its live launch.

However, security risks remain a significant concern for any crypto platform. Hackers can employ various techniques, from smart contract manipulation to flash loan attacks, to exploit rich users using traditional methods.

You might like: Coinbase Obtains Major Payment Institution Licence in Singapore!

Here are some general recommendations for users and Friend.Tech:

1. Contact Your Mobile Operator: If you suspect unauthorized SIM card changes, immediately contact your mobile operator. Also they can help you regain control of your phone number.
2. Change Passwords: Change passwords for all online accounts, including Friend.Tech and sensitive ones. Utilize strong, unique passwords per account, and a password manager can assist in tracking them securely.
3. Enable Two-Factor Authentication (2FA): Activate 2FA wherever possible for Friend.Tech and crypto accounts, adding an extra layer of security to safeguard your assets, even if your password is compromised.
4. Exercise Caution with Personal Information: Refrain from linking your Friend.Tech or other online accounts to real-world profiles and phone numbers. Using aliases and disposable email addresses can enhance your privacy.
5. Monitor Your Accounts: Routinely monitor your crypto wallets and bank accounts for any unauthorized transactions. Timely detection can minimize potential losses.
6. Educate Yourself: Educate yourself about prevalent security threats like SIM swap attacks. Avoid divulging personal information online or via phone.
7. Utilize Hardware Wallets: Consider using hardware wallets to securely store your cryptocurrencies. Hardware wallets are highly secure since they are not connected to the internet, akin to software wallets or online exchanges.
8. Report the Incident: Report any SIM swap attacks to the police and relevant authorities. This action can aid investigations and identify the culprits.
9. Seek Professional Help: If faced with potential security breaches or attacks, seek assistance from experts to effectively address the situation.

You can freely share your thoughts and comments about the topic in the comment section. Additionally, please don’ t forget to follow us on our Telegram, YouTube and Twitter channels for the latest news.

The post Friend.Tech SIM Swap Attack! appeared first on Coin Engineer.