The malicious Trezor app has been downloaded over 1000 times and may have already caused some serious problems to unsuspecting users.
Leading hardware wallet Trezor has warned its users of a malicious app that has been uploaded on the Google play store. Through a tweet posted on Monday, Trezor indicated the malicious application has no affiliation or relation whatsoever with SatoshiLabs or Trezor. Meanwhile, the company reminded its users never to share their seed phrase with anyone unless the Trezor device requests it.
Warning to all Trezor owners using Android devices!
This app is malicious and has no relation to Trezor or SatoshiLabs. Please, don't install it.
Remember that you should never share your seed with anyone until your Trezor device asks you to do it! pic.twitter.com/6C3iKfPDnR
— Trezor (@Trezor) January 18, 2021
The malicious Trezor app has notably been downloaded over 1000 times thus likely having caused intended damage to some unsuspecting users.
Google has been blamed for not putting the necessary measures to curb malicious applications on its platform. Ostensibly, the malicious Google app had over 360 reviews all deemed to be faked. As a precautionary measure, Trezor provided a secure Google link to allow users to download the real application.
Trezor App and the Crypto Space Security
Trezor is a major crypto project that has securely facilitated digital asset adoption. With the increased crypto adoption, Trezor has been continually attacked, particularly targeting high net worth investors.
Previously, a hacker was identified to have compromised Trezor’s database. Notably, the compromised database was feared to have leaked the user’s physical address, thus putting Trezor’s customers at risk.
With the ongoing crypto bull run, the crypto industry is shifting to a major financial system that requires a top-notch security system.
News outlet Cointelegraph previously reported that a similar malicious application had been uploaded on the Google Play Store. The trend is alarming as an unsuspecting user can submit to the scam and ends up losing their investment.
In another incident, Trezor reported a DDoS attack on its online shop. Although the attack that happened at the tail end of last month did not affect users’ security system, it demonstrated the extent to which attackers are willing to go.
With most crypto projects still global and less regulated by individual jurisdictions, crypto scams and theft tend to take longer due to their sophisticated nature. Mind you, most digital assets are non-reversible and do not share participants’ details. As a result, collective efforts from different crypto projects are required to bring down a scam and recover stolen funds.
The process can be tedious and time-consuming and other times bear no fruits. This should apparently be a wake-up call to all crypto investors to be responsible for their investment.
Notably, security experts recommend crypto users to store their digital assets away from hot wallets mostly in exchanges. Particularly because they do not have control of security keys that enables them to retrieve their assets in case of an attack.
next