Trezor hardware wallet has been compromised already a few months ago, and now there are new problems. How to protect yourself from them properly?
Unrepairable bug and pshishing scam
Exactly a few months ago the world of cryptocurrency security circulated information about the effective and, most importantly, cheap, physical attack on Trezor’s wallet.
It means nothing else that the physical theft of Trezor wallet, can end up losing the total funds through the extraction of private keys. And it turns out to be only with the help of equipment worth well under a hundred dollars in five minutes. However, it turns out that it’s not completely like the creators said it would take $100,000 to launch such an attack at all.
The creators of the equipment, in its very design assumptions, were already aware of the allegedly irreparable error in the bug we are talking about here. Therefore, it appears that all Trezor wallets produced in the past and hopefully, they no longer have such a bug.
And how to avoid them at all?
Certainly the answer to this question is to protect Trezor’s wallet with a minimum length of thirty-seven random characters.
A new method of scamming information through identically constructed websites, so phishing is the latest way of fraudsters’ actions, from which we want to protect you as much as possible.
It only happened two weeks ago, when one of the Trezor users clicked on a classic website that only seemed to be so. However, it was not a normal browser wallet. He was immediately informed about the latest version of the software, which needs to be updated thoroughly. To do this at all, you need SEED, or 12 or 24 words that encrypt your wallet.
Later on, all the funds were lost.
What was the reason for that? It turned out that the reason for the loss of funds are phishing sites that occur in the form of advertising, which positions the first positions in Google. The addresses of these sites are slightly different from the original address – one time you add a letter more, another time you add a dot and so on.
This ultimately leads to the extortion of information and then often to financial resources. The biggest illusion is the visually constructed identical website, which even contains identical animations.
And how to avoid it?
Nobody and never and nowhere, apart from the device itself, should share SEED – twelve out of twenty-four words.
The address for the browser version of the Trezor wallet should always be entered manually in the address bar.
AdBlock can be installed as an option.
Actually, that’s it. We hope that at least one person will be able to save us from losing our cryptocurrencies. You really need to be careful and watch out, especially for websites that impersonate the original software vendors themselves.