Trezor wallet was recently targeted by a phishing attack, according to Trezor’s official blog post. The team said it had received complaints about an invalid Secure Sockets Layer [SSL] certificate.
The certificate warning was said to have been raised in connection with phishing attempts on the site. The attack vector was speculated to be either Domain Name System [DNS] poisoning or Border Gateway Protocol [BGP] hijacking.
DNS poisoning is an attack that exploits certain vulnerabilities in the DNS protocol, which allows attackers to divert traffic from legitimate servers to fake ones. Notably, this exploit was used to attack the Great Firewall of China in 2010.
BGP hijacking, also known as prefix hijacking, is an attack that takes over groups of IP addresses. This is done by corrupting internet routing tables maintained by the protocol.
The attack caused the fake Trezor wallet to display an alert message that asked the user to restore their recovery seed. According to Trezor, this constituted the “second red flag” as the language used in the alert message was incorrect.
On the third red flag, they said:
“The third red flag was the method of recovery (seed check) — the fake site forces the user to enter both the order number as well as the seed word into the computer.”
They went on to tell users which security measures to take to avoid falling for the attack. They emphasized that users should never enter their recovery seeds on a computer and should enter them only on their Trezor device. They also advised users to check for the “Secure” sign in the address bar of their browser. The team stated:
“Always verify all operations on your Trezor device. You should only trust the device display and what is written on it…never divulge sensitive or private data to anyone. This includes us at SatoshiLabs. We will never ask you for your recovery seed. Trezor Wallet will never ask you for your recovery seed. Only your Trezor device may, but it will do so securely.”
Furthermore, they said that the fake wallet had been taken down by the hosting provider, and urged users to remain vigilant and report suspicious sites.
The post Warning! Trezor wallet undergoes phishing attack, team offers security advice appeared first on AMBCrypto.