Wir untersuchen einen möglichen Datenschutzverstoß bei einem Opt-in-Newsletter, der auf MailChimp gehostet wird.

Dieses Thema hat 21 Antworten sowie 2 Teilnehmer und wurde zuletzt vor vor 2 Jahren, 9 Monaten von mkin11 aktualisiert.

Ansicht von 21 Antwort-Themen

Autor

Beiträge
- 22. Mai 2022 um 01:34 Uhr #820331
  
  root_s2yse8vt
  Administrator
  
  Up
  0
  Down
  ::
  MailChimp hat bestätigt, dass ihr Dienst von einem Insider kompromittiert wurde, der es auf Kryptounternehmen abgesehen hat. Es ist uns gelungen, die Phishing-Domain offline zu nehmen. Wir versuchen zu ermitteln, wie viele E-Mail-Adressen betroffen sind.
  
  Es kursiert eine betrügerische E-Mail, die vor einer Datenpanne warnt. Öffnen Sie keine E-Mails, die von folgenden Adressen stammen [noreply@trezor.us](mailto:noreply@trezor.us), es handelt sich um eine Phishing-Domäne.
  
  Bis die Situation geklärt ist, werden wir nicht per Newsletter kommunizieren. Öffnen Sie bis auf Weiteres keine E-Mails, die von Trezor zu stammen scheinen. Bitte stellen Sie sicher, dass Sie anonyme E-Mail-Adressen für Bitcoin-bezogene Aktivitäten verwenden.
  
  UPD: Status-Update über den laufenden Angriff: [https://blog.trezor.io/ongoing-phishing-attacks-on-trezor-users-edd840b17304](https://blog.trezor.io/ongoing-phishing-attacks-on-trezor-users-edd840b17304)
- 22. Mai 2022 um 01:35 Uhr #820332
  
  Photolunatic
  Gast
  
  Up
  0
  Down
  ::
  I did not sign in for MailChimp newsletter but purchased a wallet straight from you. The scam came to the same email I gave to Trezor to get confirmation of the order.
  
  I am not a happy bunny and would like some answers.
- 22. Mai 2022 um 01:35 Uhr #820333
  
  lookingaroundblind
  Gast
  
  Up
  0
  Down
  ::
  Its malware.
  
  This is a complete failure on Trezors mods and Reddit admins to control disinfo on their sub.
  
  The issue was clearly reported almost 20 hours ago and each and every thread was massively downvoted to the point it would not show up on mobile app.
  
  
  
  [https://www.reddit.com/r/TREZOR/comments/tv0axk/trezor_malware_phish_yup_its_bad_snake_keylogger/](https://www.reddit.com/r/TREZOR/comments/tv0axk/trezor_malware_phish_yup_its_bad_snake_keylogger/)
  
  
  
  Its been posted countless times, all threads on all subs were downvoted to oblivion. 🙁
- 22. Mai 2022 um 01:35 Uhr #820334
  
  Midar3
  Gast
  
  Up
  0
  Down
  ::
  u/disco_tancuj, you should look into the heavy downvoting attack going on right now to surpress any mention of the scam. Even your post is downvoted into oblivion.
- 22. Mai 2022 um 01:35 Uhr #820335
  
  BitcoinAcc
  Gast
  
  Up
  0
  Down
  ::
  Please do also post this information in the relevant sticky thread over at r/Bitcoin:
  
  WARNING TREZOR USERS: The email from noreply@trezor.us is FAKE. Do not click the link!
  byu/SomeBrokeChump inBitcoin
- 22. Mai 2022 um 01:35 Uhr #820336
  
  anon13145088
  Gast
  
  Up
  0
  Down
  ::
  related phishing addresses (AVOID!):
  noreply@trezornews.io
  noreply@satoshilabs.co
  ţrezor.com
- 22. Mai 2022 um 01:35 Uhr #820337
  
  IAmIntractable
  Gast
  
  Up
  0
  Down
  ::
  My second set of emails came from sitoshilabs.co
- 22. Mai 2022 um 01:35 Uhr #820338
  
  busybeeback
  Gast
  
  Up
  0
  Down
  ::
  You should send out an email saying the other emails are scams.
- 22. Mai 2022 um 01:35 Uhr #820339
  
  Photolunatic
  Gast
  
  Up
  0
  Down
  ::
  Trezor was bosting that they managed to ban those spamming domains but…
  
  spammers managed to secure other domains to spam from
  
  1. https://suite.trezoŕ dot com
  2. noreply at satoshilabs.co
  3. suite[.]xn--rezor-6db[.]com
  4. suite.ţrezor[.]com
  5. noreply@trezornews[.]io
  6. ţrezor[.]com
  7. sitoshilabs[.]co
  
  TREZOR you will not recover from this. Such an amateur level of security.
  Shame on you.
- 22. Mai 2022 um 01:35 Uhr #820340
  
  brianddk
  Gast
  
  Up
  0
  Down
  ::
  This is why `DKIM` is important. Since nothing from `trezor.io` with a valid `DKIM` signature, ignoring the phish should be a no-brainer.
  
  Not that any phish should convince someone to type their seed. But `DKIM` tests should definitely be used regardless.
- 22. Mai 2022 um 01:35 Uhr #820341
  
  pieceofmind199
  Gast
  
  Up
  0
  Down
  ::
  Lots of questions emerging, now we’d like to know how is Trezor protecting its software distribution infrastructure: https://www.reddit.com/r/TREZOR/comments/tuxgdv/how_to_verify_trezor_suite_download_is_authentic/
- 22. Mai 2022 um 01:35 Uhr #820342
  
  brunogeronimo
  Gast
  
  Up
  0
  Down
  ::
  I wrote an article about my investigations on the case, in case someone is interested:
  
  https://bruno.ge/en/trezor/
- 22. Mai 2022 um 01:35 Uhr #820343
  
  LovelyDayHere
  Gast
  
  Up
  0
  Down
  ::
  > MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.
  
  Please post whatever information you can about this alleged MailChimp issue, as it seems very serious and perhaps others can avoid further problems if more aware of the further details, like any relevant MailChimp announcements / communications / info links.
- 22. Mai 2022 um 01:35 Uhr #820344
  
  call_me_at_1800
  Gast
  
  Up
  0
  Down
  ::
  So what does this mean ? are our wallets safe still ? I didn’t get no email thankfully .
- 22. Mai 2022 um 01:35 Uhr #820345
  
  [deleted]
  Gast
  
  Up
  0
  Down
  ::
  I got the fake email this morning, and it’s pretty convincing. Be careful. If you check the email, it comes from the **fake email address** [trezor.us](https://trezor.us). Delete the email, don’t click on the link and you should be safe.
  However, my email address was in the email and I want to know why. I bought my Trezor directly from you and trusted you but I start to have doubts. Trezor?
- 22. Mai 2022 um 01:35 Uhr #820346
  
  Photolunatic
  Gast
  
  Up
  0
  Down
  ::
  Seriously you are having a laugh Trezor.
  Announcement on Twitter as everybody uses it and follows you!
  Such a dumb idea.
  Even your Twitter posts are spammed now!@
  
  There should be a clear message on your main site: trezor.io
  Your reputation is ruined.
- 22. Mai 2022 um 01:35 Uhr #820347
  
  KotKosmonavt
  Gast
  
  Up
  0
  Down
  ::
  Only windows ? Or Mac os too ?
- 22. Mai 2022 um 01:35 Uhr #820348
  
  EfraimK
  Gast
  
  Up
  0
  Down
  ::
  „compromised by an insider targeting crypto companies.“ Just goes to show why it’s safer NOT to provide personally identifying data to companies. When the stakes are high enough, even malicious internal actors are tempted to breach customer trust. Lesson I’ve learned: if I can’t do business without divulging personal info (mobile #, non-disposable email address…) I’ll just have to miss the opportunity. 🙁
- 22. Mai 2022 um 01:35 Uhr #820349
  
  Feisty_Win_5098
  Gast
  
  Up
  0
  Down
  ::
  There is a high probability that the data of the customer who purchased the hardware and the email address of the registered newsletter overlap by 90 percent.Threads that post about such events are still **unable to upvote**. It was an **’excellent’** decision to host the data and the official response to this was quite **’quick’**.
  
  Well done mate!
- 22. Mai 2022 um 01:35 Uhr #820350
  
  JarAC77
  Gast
  
  Up
  0
  Down
  ::
  Trezor, Ledger, now they are officially the same thing
- 22. Mai 2022 um 01:35 Uhr #820351
  
  atlantarunning
  Gast
  
  Up
  0
  Down
  ::
  How does one use an “anonymous email address”?
- 22. Mai 2022 um 01:35 Uhr #820352
  
  mkin11
  Gast
  
  Up
  0
  Down
  ::
  Hi,
  
  I happen to have clicked on the update and both my bitcoin and Ethereum coins in my wallet were withdrawn to unknown addresses in a space of 4 minutes interval.
  
  Can someone advise me on the best possible course of action to take right now?
Autor

Beiträge

Ansicht von 21 Antwort-Themen

Du musst angemeldet sein, um auf dieses Thema antworten zu können.