Hackers build like-for-like open-source app to try and steal crypto

Hacker hacking on a laptop.
(Image credit: GETTY - boonchai wedmakawand)

Phishing attacks have already been proven to be a danger to all kinds of PC users in 2022 but are especially rampant in crypto and NFT spaces. We've already seen scammers use Discord to try to steal cryptocurrencies, and NFTs swindled in the OpenSea phishing scam.

Now the cryptocurrency wallet provider, Trezor has found its users under attack. Reported by Bleeping Computer, Trezor's mailing list was used to target users, and trick them into downloading a fake version of the software designed to steal their crypto assets.

The original Trezor software is open source, so the code is available to download and in this case be manipulated by others. It's likely this spoofed version is just very so slightly changed from the original as it still even has the Trezor banner warning customers to beware of phishing scams.

Once downloaded, the software asks for a recovery phrase that would have been set by the user when setting up their wallet the first time. This recovery phrase acts as a key to get back into the wallet if lost. Once the user enters the key, then it's game over. The recovery phrase is sent back to the scammers who can now claim all your crypto assets for themselves.

Window shopping

Windows 11 Square logo

(Image credit: Microsoft)

Windows 11 review: What we think of the new OS
How to install Windows 11: Safe and secure install
What you need to know before upgrading: Things to note before downloading the latest OS
Windows 11 TPM requirements: Microsoft's strict security policy

It goes without saying that you should always be incredibly careful using recovery keys for anything online. With phishing scams this sophisticated it can be incredibly difficult to tell a legitimate site or program from a fake. Even the websites associated with the download for this particular scam looked legitimate due to the use of special characters. It's always a good idea to double check anything asking for a security key or password, there are absolutely dragons out there. 

Trezor believes this particular dragon targeted one of its newsletters hosted on the automated email platform Mailchimp and was co-opted for nefarious purposes. Trezor also stated in a tweet that Mailchimp confirmed that an insider had targeted crypto companies, but there's yet to be a statement from Mailchimp itself on the issue.

See more

For now it's best to treat every email with a bit of suspicion, and definitely do a few checks before handing over any information, or installing files onto your PC. Logging into the service normally on a different browser or machine is always a smart step if something looks suspicious. Typing links manually instead of clicking on them, and double checking them against the known website is also a good move to avoid trouble.

With all these hacks targeting crypto currencies in particular, it could be that avoiding them all together may also be the best way to stay safe out there in these interesting times. And don't forget to update your passwords!

Hope Corrigan
Hardware Writer

Hope’s been writing about games for about a decade, starting out way back when on the Australian Nintendo fan site Vooks.net. Since then, she’s talked far too much about games and tech for publications such as Techlife, Byteside, IGN, and GameSpot. Of course there’s also here at PC Gamer, where she gets to indulge her inner hardware nerd with news and reviews. You can usually find Hope fawning over some art, tech, or likely a wonderful combination of them both and where relevant she’ll share them with you here. When she’s not writing about the amazing creations of others, she’s working on what she hopes will one day be her own. You can find her fictional chill out ambient far future sci-fi radio show/album/listening experience podcast right here.

No, she’s not kidding.