Eine Menge Leute posten “Trezor geleert”, sollte ich mir Sorgen machen?
Home › Foren › Trezor Wallet › Eine Menge Leute posten “Trezor geleert”, sollte ich mir Sorgen machen?
- Dieses Thema hat 20 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 1 Monat, 3 Wochen von DarwinsTheory4Real.
-
AutorBeiträge
-
-
7. März 2024 um 04:33 Uhr #3518888root_s2yse8vtAdministrator::
Ich habe viele Beiträge gesehen und viele Leute gehört, die sagen, dass sie schon eine Weile in Krypto sind und aufgewacht sind, als ihr Trezor leer war. Offensichtlich sagen sie, dass sie nirgendwo Seed ausgesetzt haben oder den Pin irgendwo ausgesetzt haben. Sollte ich besorgt sein? Oder ist da mehr an der Geschichte dran. Vielleicht Betrug? Kann mir das jemand erklären?
-
7. März 2024 um 04:33 Uhr #3518889imflukeGast::
Ensuring the security of your Trezor wallet involves a combination of best practices and awareness of potential vulnerabilities. By acknowledging that human error often presents the greatest risk, you can significantly improve your security posture. To protect your Trezor from attacks, it’s essential to focus on the following measures:
1. Utilize a strong passphrase that is longer than 10 characters, incorporating a mix of uppercase and lowercase letters, numbers, and special characters. Ensure your passphrase is unique and not derived from easily guessable sources, such as book excerpts or song lyrics.
2. Always verify the firmware’s signature on your Trezor’s display against the official signature available on the Trezor website whenever you perform a firmware upgrade. This step is crucial in safeguarding against unauthorized or malicious software updates.
3. Use your Trezor exclusively on your personal computer or a computer that you are confident is secure and free from malware that could record your keystrokes. Ensuring the device you use is clean and secure is essential in preventing unauthorized access to your wallet.
Implementing these strategies will effectively shield you from the majority of technology-driven attacks. However, it’s important to recognize that social engineering attacks present a more nuanced challenge. These types of attacks exploit human psychology rather than technological weaknesses and require a different approach to defense. As such, staying informed and vigilant against these tactics is vital, regardless of the device you are using.
Edit: Apparently, the second point is not needed, as the device’s bootloader checks the signature’s validity.
Edit 2: The third point is less critical on devices that have a direct interface for entering the passphrase.
-
7. März 2024 um 04:33 Uhr #3518890toast_trainingGast::
If you practice good seed / passphrase hygiene , check addresses on device and basic physical security and don’t fuck with shitcoin smart contracts then you are not going to get your Trezor drained. Every genuine report here is where the user fucked up somehow. Remember that one guy last month? Turns out his PIN was the same as his door code and he got drained by his housesitter – that’s the dumb shit people do.
-
7. März 2024 um 04:33 Uhr #3518891TropixgrowsGast::
I feel a bit uneasy every time I see these types of posts.
Seems about half of the time it ends up being stolen by someone they know (physical access to device and info). The other half I never hear anything again. Maybe some are FUD posts from their competition.
I agree, it’s a worry. My trezor sits there packed away but I have pangs of worry that I will plug it in and there will be nothing on it.
-
7. März 2024 um 04:33 Uhr #3518892
-
7. März 2024 um 04:33 Uhr #3518893
-
7. März 2024 um 04:33 Uhr #3518894Vakua_LupoGast
-
7. März 2024 um 04:33 Uhr #3518895
-
7. März 2024 um 04:33 Uhr #3518896crunchyeyeballGast::
It almost always turns out to be poor security practices.
Users will initially swear that their seed was just written down on paper, but later let slip something daft like “*well, I did type it into Metamask*”, or “*I did take a photo of it*”, or “*I did re-enter my seed after that ‘support email’*”.
-
7. März 2024 um 04:33 Uhr #3518897
-
7. März 2024 um 04:33 Uhr #3518898
-
7. März 2024 um 04:33 Uhr #3518899
-
7. März 2024 um 04:33 Uhr #3518900
-
7. März 2024 um 04:33 Uhr #3518901
-
7. März 2024 um 04:33 Uhr #3518902benjaminchodroffGast::
Trezor (or any hardware wallet) does not protect your physical seed phrase backup, or stop you from signing a malicious transaction. I’ve been using Trezor for over seven years and I have zero regrets – but I’ve also been extremely careful with ensuring the seed phrase is locked up and I avoid signing transactions with my cold wallet address.
-
7. März 2024 um 04:33 Uhr #3518903
-
7. März 2024 um 04:33 Uhr #3518904
-
7. März 2024 um 04:33 Uhr #3518905
-
7. März 2024 um 04:33 Uhr #3518906EfraimKGast::
Respectfully, OP, this isn’t the place to ask that question. Arguably, the majority here are Trezor’s fanbase. The replies you get are likely to be severely biased. Do your own research on Google, in other crypto rooms on Reddit and other social media platforms–especially ones that don’t support community censorship (for other than violating the law….). Also check out [posts on Trezor’s own community](https://forum.trezor.io/) .
Be wary of posts or communities disparaging or dismissing others for becoming victims of increasingly complex web3 (and other) fraud. [2023 saw billions taken in web3 scams](https://cointelegraph.com/news/1-8-billion-lost-web3-hackers-fraudsters-2023-immunefi), but the tech-fan communities would have you believe this is the fault of victims. Yet few complain when they’re scammed out of TradFi money but are covered by consumer protection laws. There are still many serious fraud risks the crypto-tech space through its armies of fans and slick marketing teams tries to minimize. But no one is likely to care or make you whole if you become a victim. DYOR. Good luck.
-
7. März 2024 um 04:33 Uhr #3518907
-
7. März 2024 um 04:33 Uhr #3518908DarwinsTheory4RealGast::
I heard a rumor that if an airdrop magically appears, it may be connected to a scam that can access your Trezor if you try to send the airdrop back to the sender.
I don’t know if that’s true. Perhaps someone here can verify.
I like the first answer here (3 steps). Safe is determined by privacy. Keep everything a secret from everyone else. Find a way to do that. And, trust the keys only to someone who has a legal responsibility to keep your information secret.
-
-
AutorBeiträge
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.