
A Metamask and Trust Wallet Vendor Was Hit by Ransomware Attack

While Transak downplayed the breach's impact, citing non-sensitive information exposure for a few users, Stormous contradicted this claim.

In a Monday blog post, Transak, a platform that has partnered with popular crypto wallets like MetaMask, Trust Wallet, Coinbase, and Ledger to offer on-ramp and off-ramp services to users, revealed that it had suffered a security breach that affected about 1.14% of its total user base (57,000 users).

Transak is a fiat-to-crypto payment gateway that enables users to buy and sell crypto using various payment methods, including bank transfers and card payments.

Trust Wallet Compromised via Employee Laptop

According to the platform, the hacker gained access through an employee’s laptop via a targeted phishing attack. The hacker then leveraged the stolen data to access the system of Transak’s third-party KYC vendor, which is used for document scanning and verification.

Consequently, the attacker obtained unauthorized access to the vendor’s dashboard and stole the user data stored within it.

Concerning the severity of the attack, Transak added in its blog post, “After our thorough checks, we can confidently confirm that no financially sensitive information, including email addresses, phone numbers, passwords, credit card details, Social Security Numbers, or any other financial data, was compromised in any way. Our financial systems’ security measures remain robust, and we continue to protect all critical data, ensuring the highest level of privacy and security for our users.”

The firm also stated that users’ assets are safe since Transak is “a fully non-custodial platform.”

Stormous Group Takes Credit for Transak Crypto Data Breach

Following Transak’s security breach, the notorious ransomware group, Stormous, came forward to claim responsibility for the crypto hack. Transak reported that the security breach compromised only the names and basic identity details of a small user subset, whereas the attackers asserted broader data exposure.

Stormous alleged that it obtained 300GB of sensitive user data, including IDs, financial documents, and Know Your Customer (KYC) verification selfies.

They also published select stolen information and demanded that Transak pay a ransom of $30,000, threatening to leak additional data otherwise. However, Transak still maintains that the security breach affected only non-sensitive data of a limited user base.

Transak advised impacted users to remain vigilant for potential suspicious activity and assured that they are actively addressing the issues. The company has engaged with relevant data protection authorities, including the UK’s Information Commissioner’s Office (ICO) and regulatory bodies in the EU and US, to ensure compliance and resolution.

In a similar report, blockchain protocol Radiant Capital suffered a security breach and lost more than $51 million to hackers.

 
