Most reaction was that people think my friend stole it. I dont really wanna believe that because it wouldn't make sense to me.
IMO this is what probably happened, your friend ran with the money.
According to your story
- your friend informed you first that the coins were transfered
- your friend was the only one with access to the private key
- the trezor was connected to his laptop
The other possibility ist that your friend used a MEW phishing site, not the original one.
The safest way to use MyEtherWallet is to use it through the trezor interface or use the offline version from github:
https://github.com/kvhnuke/etherwalletLast year there was DNS poisoning attack targeting Trezor users:
https://blog.trezor.io/psa-phishing-alert-fake-trezor-wallet-website-3bcfdfc3ecedBut I don't think that's what happened to you.
Why didn't you use a multisig wallet / multisig contract?