Fake cryptocurrency wallet Trezor app circulating in overseas App Store = report

1 year ago 80

Fake Trezor App

Regarding the crypto asset (virtual currency) hardware wallet Trezor, the possibility that fake smartphone apps have been posted on the Apple App Stores in the United States and the United Kingdom has surfaced.

The official wallet app provided by Trezor is called “Trezor Suite Lite”, but the counterfeit app is said to be ranked high in search results under the name “Trezor Wallet Suite”. *After checking, “Trezor Wallet Suite” is not displayed in the Japanese Apple App Store (at the time of writing).

🚨 Security Alerts 🚨

The first search result for “Trezor” in the Apple @AppStore is a malicious application that will request your seed phrase, allowing its operators to steal all of your crypto.

The name of the malicious application is “Trezor Wallet Suite.” You can verify… pic.twitter.com/vWsXTHpkYK

— Rafael Yakobi (@Deliver8tor) June 19, 2023

Rafael Yakobi, a partner at The Crypto Lawyers, said the fake app had been on the Apple App Store for weeks. He warned that users who entered their seed phrase (recovery phrase) on the fake app were at risk of their assets being stolen.

What is a seed phrase

A human-readable version of the wallet’s private key. Consisting of 12 to 24 English words, the seed phrase is required to unlock the wallet. If you lose your seed phrase, you may lose access to your wallet and lose your stored cryptocurrencies.

▶Cryptocurrency Glossary

Trezor is a company that manufactures cryptocurrency hardware wallets. Devices such as the Trezor One and Trezor Model T can be used to store cryptocurrencies offline.

The smartphone app Trezor Suite Lite is designed as a slave device that syncs with the desktop app “Trezor Suite”, and its functionality is limited to “watch-only” (balance check). Users can use Android and iOS devices to track their asset status or receive virtual currency on the go.

connection:Self-managed hardware wallet hits record weekly sales

Cold wallets are getting more attention

Hardware-based wallets, also known as “cold wallets,” are used for tasks such as storing, sending, and receiving cryptocurrencies. These devices keep the “private key” of your wallet separate from the internet, which has the advantage of physically protecting your assets from online hacking attacks.

In November 2022, the bankruptcy of major cryptocurrency exchange FTX and the diversion of customer assets became apparent, and the need for self-management measures increased rapidly. As a result, sales of hardware wallets such as Ledger and Trezor surged in a short period of time.

However, on the other hand, a certain amount of knowledge is required to properly utilize hardware wallets. There are always concerns about the complexity of managing cryptocurrencies on your own and the risks of losing or stealing private keys and seed phrases.

It has also been pointed out that it may be difficult to protect assets if the hardware wallet itself is physically stolen. In a technique known as an “RDP downgrade attack,” an attacker with specialized hardware or knowledge can manipulate (glitch) the voltage of the STM32 microchip, bypass the protections in place, and extract the contents of flash memory. It is

In response, Trezor said it is developing a new security configuration for its hardware wallet and plans to solve the problem of RDP attacks.

What is a hardware wallet

A device that stores a private key. The device itself is not the wallet, but the device stores the private key to access the wallet. Install a dedicated app on your computer, connect an external device to it, and manage it. While it is not connected to a computer, it becomes an offline wallet (cold wallet) that is not connected to the Internet.

▶Cryptocurrency Glossary

connection:Unciphered points out vulnerabilities in hardware wallets, may exploit Trezor products

The post Fake cryptocurrency wallet Trezor app circulating in overseas App Store = report appeared first on Our Bitcoin News.

Read Entire Article