In the late hours of Tuesday, Trezor’s X account was compromised. The hacker used the hardware wallet company account to promote a fake crypto presale with a malicious link attached.
Members of the crypto community quickly realized the suspicious activity from the company and alerted other X users about the scam. Since then, Trezor’s team has regained control of the account.
Crypto Community’s Solidarity, Hackers’ New Prey
In the now-deleted tweets, the hacker announced that Trezor was “willing to support the $SLERF Community.” Taking advantage of the ongoing efforts from crypto projects and exchanges to raise funds for the affected participants of the Slerf presale debacle.
Community alert: Trezor X/Twitter account is currently compromised pic.twitter.com/hNm2OUjEgE
— ZachXBT (@zachxbt) March 19, 2024
The unauthorized post offered the presale of a fake $TRZR token, which required interested users to send SOL to the hacker’s address. Additionally, Trezor supporters would receive a “separate bonus airdrop” if they went to a website linked in the post.
As it’s customary for phishing scams, the link would redirect to a wallet drainer that takes control of the person’s wallet after they try to “claim the airdrop tokens.”
The crypto community shared their thoughts on the hack. A user pointed out that the security breach was a “bad look” for the company as it focuses on crypto security. Others thanked the users who warned about the hack since it potentially saved them and others from falling for it.
It’s worth noting that many users have raised their concerns about the community’s reaction to the Slerf presale drama. They consider that raising funds for the participants affected sets a precedent of “bailing out” bad actors and will only “enable” similar behavior.
Moreover, scammers have been trying to prey on the community’s good faith to help potential victims and newcomers. As seen with the Trezor hack, the scammer seemingly tried to maximize its gains by utilizing the presale meta trend and the Slerf drama.
“Dumb” Hacker Or Smarter Community?
Usually, the recounting of crypto hacks ends with staggering figures being stolen, but for once, the tale is different. As reported by ZachXBT, the hacker managed to steal $8,100 from the unauthorized post, which includes the 25% drainer fee. As part of the loot, the hacker also received a “whooping 0.96 Solana,” as another user pointed out.
Many wondered if the small amount stolen was due to the community intelligently recognizing the scam or the hacker’s inability to perform a big heist. Whatever the case, this is a remarkable feat as the cold wallet company amasses over 200,000 followers that momentarily became potential victims.
— 赤 – 紅色的 (@Ikuma_On) March 20, 2024
Despite this small victory for the community, “It’s $8.1K more than 0,” as one user said. This raises the question of whether the hack was possible due to a lack of proper security measures or an inside job taking place.
No official explanation has been given yet. Nonetheless, Trezor acknowledged the hack in an X post earlier today.
Alert
We experienced a security incident on our X/Twitter account overnight, despite robust protections including a strong password and 2FA. We continue to investigate.
Please remain vigilant and remember, Trezor will NEVER request funds or assets be sent to any address.…
— Trezor (@Trezor) March 20, 2024
The company affirmed that the hack happened despite its “robust protections,” including two-factor authentication (2FA). At the time of writing, Trezor is continuing its investigation. The statement closed with a message for all users to “remain vigilant.”