While Trezor stated there was “no email breach” and the situation is now under control, it did not confirm whether any users lost funds. The phishing attempt appears to have stemmed from data obtained in earlier hacks involving Trezor user records.
\n\n\n\nCyber intelligence groups had spotted listings on dark web forums advertising technical details of the exploit for $10,000. Trezor acknowledged this as the likely source of the attack.
\n\n\n\nTrezor and other major hardware wallet providers have faced similar issues in the past, as attackers continue to target self-custody users. This latest scam highlights the vulnerability of even trusted communication channels.
\n\n\n\nBy leveraging legitimate Trezor support emails and previously stolen user data, the attackers crafted a sophisticated phishing scheme capable of bypassing many users’ typical security awareness.
\n\n\n\nTrezor urged users to remain vigilant and to avoid interacting with any unexpected emails—even those appearing to originate from its own support channels. As always, the company reminded users:
\n\n\n\nTrezor was the world’s first hardware wallet brand, launched in 2014 by SatoshiLabs. It remains one of the most trusted names in cold storage for crypto—even as attackers continue to target its users.
\n\n\n\nTrezor warns of a phishing scam targeting its users by exploiting support emails via an HTML vulnerability. The attack may involve data from past breaches, with unknown impact.
Author: Tanishq Bodh
Written On: Mon, 23 Jun 2025 23:39:03 GMT
June 24, 2025 – Hardware wallet maker Trezor has issued a warning about a phishing scam targeting its customers, which used a previously undisclosed HTML vulnerability to edit the company’s own support emails and deliver malicious content.
While it remains unclear whether users fell victim to the scam, the incident highlights rising threats aimed at hardware wallet users amid a surge in crypto-related phishing campaigns.
According to Trezor’s advisory earlier today, attackers were able to exploit an HTML string vulnerability to modify automatic responses from Trezor’s support email system.
The phishing method worked as follows:
Important Update
— Trezor (@Trezor) June 23, 2025
We have identified a security issue where attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.
These scam emails appear legitimate but are a phishing attempt.
Remember, NEVER share your wallet backup — it must…
While Trezor stated there was “no email breach” and the situation is now under control, it did not confirm whether any users lost funds. The phishing attempt appears to have stemmed from data obtained in earlier hacks involving Trezor user records.
Cyber intelligence groups had spotted listings on dark web forums advertising technical details of the exploit for $10,000. Trezor acknowledged this as the likely source of the attack.
Trezor and other major hardware wallet providers have faced similar issues in the past, as attackers continue to target self-custody users. This latest scam highlights the vulnerability of even trusted communication channels.
By leveraging legitimate Trezor support emails and previously stolen user data, the attackers crafted a sophisticated phishing scheme capable of bypassing many users’ typical security awareness.
Trezor urged users to remain vigilant and to avoid interacting with any unexpected emails—even those appearing to originate from its own support channels. As always, the company reminded users:
Trezor was the world’s first hardware wallet brand, launched in 2014 by SatoshiLabs. It remains one of the most trusted names in cold storage for crypto—even as attackers continue to target its users.
Real voices. Real reactions.
Add your reaction to this story:
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
BigONE Exchange Loses $27M in Supply Chain Attack
Hacker Returns Stolen Funds from $40M GMX Exploit
WhiteRock Founder Reportedly Arrested in UAE Over ZKasino Fraud Links
Quick Sync Exploited in Targeted Attack, Token Falls By 99% In 7 Days
BigONE Exchange Loses $27M in Supply Chain Attack
Hacker Returns Stolen Funds from $40M GMX Exploit
WhiteRock Founder Reportedly Arrested in UAE Over ZKasino Fraud Links
Quick Sync Exploited in Targeted Attack, Token Falls By 99% In 7 Days