Phishing Analysis: Trezor

Visual Capture

Detection Info

https://brdge-io-trzoe.pages.dev/

Detected Brand

Trezor

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

a3fbf038-642…

Analyzed

2026-04-04 08:23

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T161C1FC2AB75C37B4064503AA66D64BF9F71748BCD2245765A9ADC00CB3853CC8BE74CA
CONTENT ssdeep	96:TLZlUKPdF8ZEI6cCbw83xLhjdGRS5a4po/mZwQ/3hAEg:nZlU8d20s83ZzQ8mM3O

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	ab1cb13e732e611c
VISUAL aHash	0139312161e1f1e1
VISUAL dHash	ebd3c3c34b4363c3
VISUAL wHash	017b7921f1e1f1e1
VISUAL colorHash	39000c00000
VISUAL cropResistant	ebd3c3c34b4363c3

Code Analysis

Risk Score 50/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 OTP Stealer

📊 Risk Score Breakdown

Total Risk Score

75/100

Contributing Factors

Active Phishing Kit

Detected kit types: OTP Stealer

🔬 Comprehensive Threat Analysis

Threat Type

Two-Factor Authentication Stealer

Target

Trezor users

Attack Method

Phishing webpage

Exfiltration Channel

Form submission (backend endpoint not detected - likely JavaScript-based)

Risk Assessment

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: OTP Stealer

🏢 Brand Impersonation Analysis

Impersonated Brand

Trezor

Official Website

N/A

Fake Service

Credential harvesting service

⚔️ Attack Methodology

Primary Method: Two-Factor Authentication Bypass

Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.