Phishing: The Root of Compromised X Account

SatoshiLabs, the company responsible for Trezor X, has provided a detailed explanation of an incident in which fraudulent presale token announcements were posted on their official X account. The company explained that this breach was the result of a phishing attack, not a SIM swap attack as previously suspected. SatoshiLabs wanted to emphasize that they do not use SMS for two-factor authentication (2FA) and instead employ more secure authentication methods. Despite these precautions, attackers were able to make unauthorized and misleading posts on their X account. These posts included requests for users to send funds to an unknown wallet address along with harmful links that directed users to a fake token presale.

An independent blockchain investigator named ZachXBT informed his 528,000 followers on X about a potential breach by Trezor on March 19. The official X account of Trezor, a hardware wallet manufacturer, had published a series of malicious posts that promoted fraudulent presale token offerings. SatoshiLabs discovered unauthorized access to their X account on the same day, suspecting that it was a sophisticated phishing attack planned by hackers over several weeks. Once SatoshiLabs became aware of the breach, they quickly identified and removed the deceptive posts to minimize potential harm. They made it clear that the security of their products, including Trezor hardware wallets, had not been compromised.

The breach of SatoshiLabs’ X account was the result of an intricate phishing scheme carried out over a few weeks. Investigations revealed that the attackers impersonated a credible entity in the cryptocurrency community and created a convincing social media presence. They engaged in authentic discussions to appear legitimate. Under the guise of an established X account with a large number of followers, the impersonator contacted SatoshiLabs’ PR team to suggest an interview with the CEO. During this process, a malicious link disguised as a Calendly calendar invitation was shared. When a team member clicked on this link, they were prompted for their X login credentials, raising suspicions. The meeting was then rescheduled. In the subsequent session, the attacker successfully linked their Calendly account to SatoshiLabs’ X account by feigning technical issues.

It’s worth noting that Trezor had experienced a security breach in January that exposed the contact information of almost 66,000 users. As stated on their website, the wallet manufacturer has sold more than two million hardware wallets since its launch in 2012.

Beckie Dunkelberger

Beckie Dunkelberger

8 thoughts on “Phishing: The Root of Compromised X Account

  1. This is a complete failure of security measures! How could SatoshiLabs let this happen?

  2. It’s unfortunate that hackers are taking advantage of the cryptocurrency community. We must stay united against these threats! 🤝🛡️

  3. It’s unfortunate that hackers are using such deceptive tactics. We need better cybersecurity measures to combat these schemes.

  4. Phishing attacks like this show how crucial it is to employ multiple layers of security and authentication methods. Keep innovating, SatoshiLabs!

  5. SatoshiLabs needs to take responsibility for this breach and take stronger measures to prevent future attacks.

  6. I’m glad SatoshiLabs took immediate action to remove the deceptive posts. It’s essential to minimize the potential harm caused by cybercriminals.

  7. I appreciate ZachXBT for notifying his followers about this potential breach. Community support is crucial in fighting against cyber threats. 🤝💪

  8. Kudos to SatoshiLabs for their transparency and addressing the issue promptly! Trust is key in the crypto world.

Leave a Reply