SatoshiLabs Reveals Sophisticated Phishing Attack Behind Fraudulent Token Presale Listings
Summary:
SatoshiLabs, the creators of Trezor X, experienced a security breach where fraudulent presale token advertisements were published on their official X account. The company disclosed that it was a sophisticated phishing attack, not the suspected SIM swap attack. Notably, this breach didn't affect the security of Trezor hardware wallets or other products. An investigation revealed that the fraudulent event was a result of an elaborate impersonation scheme over several weeks, involving a disguised malicious link shared during a fake interview with SatoshiLabs’ CEO. This security breach follows a similar attack in January that exposed almost 66,000 users' contact information.
SatoshiLabs, producer of Trezor X, has recently provided an explicit description of an event characterized by the fraudulent advertising of presale tokens on its primary X account. This security infringement, the company revealed, was a product of an intricate phishing maneuver, and not the suspected SIM swap assault. SatoshiLabs underscored their disuse of SMS for dual-factor authentication (2FA), championing secure verification techniques. However, these measures were unable to avert a succession of unauthorized and false postings, thereby urging individuals to transmit funds to an unconfirmed wallet address and malicious links pinpointing a sham token presale.
Blockchain detective, ZachXBT, made his considerable following of 528,000 on X cognizant of Trezor's potential breach through a post on the platform dated March 19. The official X account of the hardware wallet company, Trezor, produced a range of illicit posts associated with counterfeit presale token pitches. SatoshiLabs shared that they discovered the illicit access to their X account on that same day, March 19, potentially a product of a well-crafted and deliberate phishing campaign conceived over multiple weeks.
After deciphering the breach, the deceitful posts were swiftly detected and eradicated, consequently mitigating potential harm. In a statement made by the firm, they stress that the recent breach "didn’t compromise the security of Trezor hardware wallets or any other product offering."
The infiltration of the X account of SatoshiLabs can be traced back to an intricate phishing plan spanning over several weeks. Delving further into the matter, it was learned that the attacker had posed as a reliable entity in the crypto world from as far back as February 29. The impostor made direct contact with SatoshiLabs’ PR team while projecting the image of being a credible X account with significant followers, proposing an interview with the CEO.
Upon agreeing to the interview, the imposter shared a dangerous link disguised as a Calendly calendar invitation. This link prompted one team member for their X login credentials, raising immediate red flags. The interview was rescheduled, and during the follow-up meeting, the attacker, feigning technical glitches, managed to integrate their Calendly with SatoshiLabs’ X account.
Earlier this year, in January, Trezor experienced a security violation exposing the communication details of close to 66,000 of its users. As per the data available on Trezor's website, since its commencement in 2012, the wallet maker has sold more than two million hardware wallets.
Published At
3/22/2024 1:44:43 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.