Danny @Trezor

Me after realizing I’m the bank now.

@rsquare @safe @Trezor Thanks Rahul, excited to have Safe 7 in @safe. Two times Safe!

How to level up your @safe setup? Use it with @Trezor safe 7 via TrezorConnect. Having diversity across your signing devices is critical to your secure setup.

@shefiorg @Trezor

Yesterday in class with @trezor: 🔐 The girls securing the bag — literally.

@FP_Block @Trezor @EthCC Let's talk hardware🤝See you there!

We’re excited to have Danny Sanders (@Dantoshi), CCO at @Trezor, joining us as a speaker at our event during @EthCC in Cannes. Trezor has played a foundational role in defining hardware wallets and advancing the self custody movement in crypto. As the industry matures, secure asset ownership remains one of the most important pieces of infrastructure.

Hi, we are currently seeing a new wave of phishing emails as well as physical letters. We will never contact you via letter. Follow these tips to protect yourself: trezor.io/learn/security… Although we have no record of our users' physical addresses being leaked, we have confirmed that the attackers are using a combination of data from various leaks of databases from different crypto services. It's possible that some KYC information may have been compromised, and the attackers are trying their luck. In any case, it's difficult to determine this without further information.

@sesi_the_man @Trezor is this real? @Dantoshi

This arrived recently, at my home. Ironic that so many of the people who profess cYpHeRpUnK values and scream the loudest that "trusted third parties are security holes" are the same people who invest in and promote the companies that make these kinds of attacks possible.

Trezor Safe 7 now integrates with Safe {Wallet} via Trezor Connect. 🎉 Sign and track transactions on desktop or mobile, and manage your onchain assets with hardware‑level security. Try it today. @SafeLabs_

Shame on you @Financien. Painting Bitcoin as a poisoned apple to kids? The only one selling fairytales about money here is you. 🍎🪞 #WeekVanHetGeld

@Lahannin “More polish, make no mistakes”

@Dantoshi did someone say "include a Polish(ed) dark mode"?

Real me on dispatch vs. Claude's better version of me 🥰

@exodus @Trezor @Ledger Match made in heaven 🫶🏻 Top tier Hardware Wallets 🤝 Exodus.

Not your keys, not your coins. Pair your Exodus wallet with @Trezor or @Ledger -- your private keys stay completely offline, while you manage everything through Exodus. Here's how 👇

Best cold wallet?

Bought one of the new Trezor Safe 7 devices recently and set it up the other day The onboarding process was easily the best hardware wallet set up I’ve done in a long time. Has my stamp of approval

@beausecurity @Trezor Thank you for the kind words and love to hear that you enjoyed the set up / onboarding flow. A lot of work is going into make that feel seemless. 🙏

@Dantoshi This is why I Trezor. you guys got your priorities right.

Bitcoin is for the people, crypto is for the machines.

We are looking for our first DevRel Manager at @Trezor! A lot of great stuff is cooking and we need someone awesome to build out relationships within ecosystems and developer communities. Apply below or dm for more info!

@bitrefill Transparency first 👏. It’s crazy out there 😬

March 1st incident report On March 1, 2026, Bitrefill was the target of a cyberattack. Based on indicators observed during the investigation - including the modus operandi, the malware used, on-chain tracing and reused IP + email addresses (!) - we find many similarities between this attack and past cyberattacks by the DPRK Lazarus / Bluenoroff group against other companies in the crypto industries. The initial access originated through a compromised employee laptop, from which a legacy credential was exfiltrated. That credential provided access to a snapshot containing production secrets. From there, the attackers were able to escalate their access to our broader infrastructure, including parts of our database and certain cryptocurrency wallets. We first detected the incident after noticing suspicious purchasing patterns with certain suppliers. We realized that our gift card stock and supply lines were being exploited. At the same time we found some of our hot wallets being drained and funds transferred to attacker-controlled wallets. The moment we identified the breach, we took all of our systems offline as part of our containment response. Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. Safely switching all these things off and bringing them back online is not trivial. Since the incident, our team has been working closely with top industry security researchers, incident response specialists, on-chain analysts and law enforcement to understand what happened and how we can prevent it from happening again. A sincere thank you to @zeroshadow_io, @SEAL_Org, @RecoverisTeam and @fearsoff for their rapid response and support throughout this ordeal. What about your data Based on our investigation and our logs we don’t have reason to think that customer data was the target of this breach. There is no evidence that they extracted our entire database, only that the attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory. Bitrefill was designed to store very little personal data. We are a store, not a crypto service provider. We don’t require mandatory KYC. When a customer chooses to verify their account - e.g. to access higher purchasing tiers or certain products - that data is kept exclusively with our external KYC provider, with no backups in our system. Still, based on database logs, we know that a subset of purchase records was accessed and we want to be transparent about that. Around 18,500 purchase records were accessed by the attackers. Those records contained limited customer information, such as email addresses, crypto payment address, and metadata including IP address. For approximately 1,000 purchases, specific products required customers to provide a name. That information is encrypted in our database. However, since the attackers may have gotten access to the encryption keys, we are treating this data as potentially accessed. Customers in this category have already been notified directly by email. At this time, based on the information currently available, we do not believe customers need to take specific action. As a precaution, we recommend remaining cautious of any unexpected communications related to Bitrefill or crypto. If this assessment changes, we will of course immediately inform those affected. What we are doing We have already significantly improved our cybersecurity practices, but vow to continue to draw learnings from this experience to make sure user and company balances and data remain maximally safe. Specifically we’re: -Continuing thorough cybersecurity reviews and pentests with multiple external experts and implementing recommendations; -Further tightening internal access controls; -Further improving logging and monitoring for faster detection and more effective response; and -Continuing to refine and test our incident response procedures and automated shutdown procedures. The bottom line Getting hit by a sophisticated attack sucks (a lot). We’ve been in business for over 10 years and it’s the first time we’ve been hit this hard. But we survived. Bitrefill was designed to limit the impact if something like this ever happened. Bitrefill remains well funded, has been profitable for several years and will absorb these losses from our operational capital. Almost everything is back to normal: payments, stock, accounts. Sales volumes are also back to normal, and we are eternally thankful to our customers for your continued confidence in us. We will continue to do our best to continue deserving your trust. Thank you!

@Dantoshi Sure. It was a Trezor 🤝

🚨 A UK man's wife just stole 2,323 Bitcoin worth $172M using their home security camera. The man claims that she used their own CCTV system to capture his 24-word recovery phrase as he typed it. One small misstep, and $172M gone forever. Your "smart" home is the dumbest place to access crypto: - Security cameras record everything - Smart TVs have built-in cameras - Alexa is always listening - Baby monitors stream 24/7 - Even your doorbell is watching You bought a hardware wallet to protect against hackers. But every IoT device in your house is a potential witness to your seed phrase. Your hardware wallet has no idea it's being watched. The 3-minute security sweep: ✅ Turn off the cameras before entering seed phrases ✅ Disable smart assistants during crypto access ✅ Use a dedicated offline room with no IoT devices ✅ Never type seeds where devices can "see" or "hear" ✅ Assume every smart device is compromised Your connected home is someone else's security camera feed. Disconnect to protect your crypto 🔌 Source: @CoinDesk

@VerticalRidge That's too kind and amazing to hear!

@Dantoshi gm Danny. I don't say thank you enough. Your Trezors have saved my life many times over.

Exchanges...😂