Trezor informed its users that a MailChimp "insider" is behind the latest phishing attack to steal funds stored in their wallets after compromising a mailing list.