The official X account of Trezor, a prominent hardware wallet manufacturer, has been compromised, leading to the dissemination of a series of fraudulent posts promoting dubious pre-sale token offerings. This suspected breach is believed to be the result of a SIM swap attack, as suggested by independent blockchain investigator ZachXBT in a post to his 528,000 X followers on March 19. Cryptocurrency security service Scam Sniffer also quickly flagged the suspicious activity.
Numerous fraudulent posts from Trezor's account endorsed fake pre-sale tokens named "Trezor $TRZR" on the Solana network. These posts urged users to send funds to a specified Solana wallet address and included links redirecting users to malicious wallet addresses. Furthermore, hackers reportedly siphoned approximately $8,100 from Trezor's Zapper account, as noted by ZachXBT in subsequent comments.
The fraudulent posts also made reference to a purported meme coin called Slerf on the Solana blockchain, likely employed as a lure to entice further interaction. However, many of these posts were swiftly removed within minutes of being published. This incident, characterized as a significant setback, drew criticism from cryptocurrency commentator John Holmquist, who questioned Trezor's adherence to robust security measures such as two-factor authentication (2FA) for its X accounts.
Concerns were also raised by X users regarding Trezor's inability to safeguard its own social media accounts despite being a hardware wallet company specializing in security. Some users expressed disappointment and irony at the situation, with one remarking on the paradox of a security-focused entity failing to heed its own advice.
Cointelegraph attempted to reach out to SatoshiLabs, the parent company of Trezor, for comment on the breach but did not receive an immediate response. This incident follows a security breach in January that exposed the contact details of nearly 66,000 Trezor users. Despite these setbacks, Trezor remains a significant player in the hardware wallet market, having sold over 2 million devices since its inception in 2012, offering users the ability to securely store a wide range of tokens offline.
















