Posted on April 25, 2022 at 7:29 PM
Financial software firm Intuit Inc is facing a class-action lawsuit over the recent phishing attack on Trezor wallets. The lawsuit was filed by victims of the cryptocurrency heist, with a man from Illinois losing $87,000 worth of crypto from his Trezor wallet.
Intuit has been blamed for failing to secure its Mailchimp marketing product, which ultimately led to the theft of cryptocurrencies from the victims’ Trezor wallets.
The class-action lawsuit also named Intuit’s subsidiary Rocket Science Group LLC for the failures. The phishing attack occurred on April 4, seven months after Intuit completed the acquisition of Mailchimp for $12 million.
When Mailchimp announced the hacking incident, it stated that the incident affected the ‘audience data’ of more than 100 clients, including crypto wallet vendor Trezor.
According to the details, the threat actors used a social engineering attack to deliver fake emails to Trezor clients.
The emails asked the targets to click on a link, which is a disguised trojan horse. The link was designed to look like Trezor’s app, and users fell victim to the con. To make it more convincing, the threat actors warned users about a “data breach” that had infiltrated their accounts.
It asked users to click on the link to prevent any damage or theft of their data and account information. However, when they click on the link, rather than taking them to the genuine www.trezor.io website, it takes them to https://suite.trẹzor.com.
An Exceptional Attack In Its Sophistication
According to the report, the bogus Trezor app has features that make it look convincing enough for people to believe it is a genuine app.
For instance, the little dot under the “e” is placed so that most people won’t notice it. Most social engineering scammers are now using special Unicode characters to deceive users. This technique is usually referred to as a Unicode domain phishing attack.
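A defender can flag this kind of link before a user ever sees it. The following is an added example, not code from Trezor, Mailchimp or the original report: it converts a link's hostname to its DNS (A-label) form, folds diacritics away, and compares the result against a trusted list. The names `TRUSTED_DOMAINS`, `skeleton` and `inspect_url` are hypothetical, and the trusted list is assumed to hold only the genuine domain named in the article.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: trezor.io is the only genuine domain the article names.
TRUSTED_DOMAINS = {"trezor.io"}
BRAND_LABELS = {d.split(".")[0] for d in TRUSTED_DOMAINS}


def skeleton(label: str) -> str:
    """Decompose a label and drop combining marks, so U+1EB9 folds to 'e'."""
    decomposed = unicodedata.normalize("NFKD", label)
    return "".join(c for c in decomposed if not unicodedata.combining(c)).lower()


def inspect_url(url: str) -> dict:
    """Classify a link's hostname against the trusted domain list."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    try:
        # A-label form: what DNS and TLS certificates actually carry.
        ascii_host = host.encode("idna").decode("ascii")
        # U-label form: also decodes links that already arrive as xn--.
        labels = ascii_host.encode("ascii").decode("idna").split(".")
    except UnicodeError:
        return {"host": host, "ascii_host": None, "verdict": "invalid-hostname"}

    if any(ascii_host == d or ascii_host.endswith("." + d) for d in TRUSTED_DOMAINS):
        verdict = "trusted"
    elif any(not l.isascii() and skeleton(l) in BRAND_LABELS for l in labels):
        verdict = "unicode-lookalike"
    elif any(l in BRAND_LABELS for l in labels):
        verdict = "brand-on-untrusted-domain"
    else:
        verdict = "unrelated"
    return {"host": host, "ascii_host": ascii_host, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample links; the first two hostnames are the ones in the
    # article (\u1eb9 is the "e" with a dot below).
    for link in ("https://www.trezor.io/", "https://suite.tr\u1eb9zor.com",
                 "https://trezor.example.net/login", "https://example.org/"):
        print(inspect_url(link))
```

The diacritic folding covers lookalikes built from accented Latin letters, as in this incident; characters borrowed from other scripts need a confusables table in addition.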
The attack features tactics similar to those used in most phishing hacks. Once the targeted user clicks on the bogus link, they are asked to enter their personally identifiable information (PII), which includes their names and passwords. If the user complies with the request, the malware is unleashed onto the user’s computer.
Trezor says the attack is exceptional in its sophistication, indicating that it was carefully planned and executed.
Chief Information Security Officer of Mailchimp, Siobhan Smyth, stated that the platform was notified about the hacking incident on March 26, 2022, through an account administration tool that was unlawfully infiltrated.
Trezor To Boost Its Security Infrastructure
Sources inside Trezor, who preferred to remain anonymous, stated that the attack was probably carried out by a Mailchimp insider who had gone rogue. While an investigation is still ongoing, the lawsuit showed that a Mailchimp employee was also among those who clicked on the fake link. The employee could have been unaware of the situation, or this could give the investigators a hint about the perpetrators of the incident.
Meanwhile, the victims whose accounts were compromised are not relenting in their efforts to see that they are compensated or a majority of their funds are recovered from the platform.
Smyth stated that the company sincerely apologizes to users for the incident, recognizing that it raises questions regarding the security of the platform. But he assured users and customers that the company still maintains a strong security structure that withstands all manner of attacks.
“We take pride in our security culture, infrastructure, and the trust our customers place in us to safeguard their data,” Smyth added. He stated that although the security team is confident in the measures in place, it is still working to boost the platform with stronger security protocols to make it impenetrable in the future.
More Hackers Target Companies For Crypto Heist
Although hackers have been stealing cryptocurrencies from DeFi platforms in the past, the amount involved was usually far less than the funds being stolen now. Hackers have netted a total of $2.9 billion from 38 different hacking incidents in roughly 38 weeks. This is close to the $3.2 billion stolen in all of 2021.
Hackers have intensified efforts to steal cryptocurrencies from platforms. They have engaged in large-scale theft, with some stealing as much as $100 million in the recent Beanstalk hacking incident. It was reported that the Trezor hackers stole almost $182 million worth of digital assets, which amounts to all of the ETH held in the protocol. This makes it the fifth-largest crypto heist ever.