There were phishing attacks targeting one of the popular crypto hardware wallets, Trezor.
Related: Satoshi Labs has stopped deliveries of Trezor hardware wallets to Russia
The company released reports informing that the email marketing company MailChimp confirmed their service being exploited by an insider whose target became crypto products and services. Users posted screenshots of emails they had received from someone that used Trezor's name. The emails told them to download an updated version of the wallet as the previous one was hacked. This way, they would be able to steal data and use it. Doubting that the email was legit, receivers shared the news on Twitter.
MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.
— Trezor (@Trezor) April 3, 2022
We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/
Trezor informs that the team took the fake domain offline, and started to find out the number of the user addresses that were affected. The company said they wouldn't communicate by the newsletter until the issue is settled. Trezor told users not to open any mail messages that will come from their name until an official notice.
It added that users need to make certain that they use anonymous addresses for BTC-related activity. A later tweet from the company said that the domains trezor(.)us and suite(.)xn--trzor-o51b(.)com have been taken down.