BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Hardware Wallets: Not Invincible Against Cybercriminals

Cybercriminals Exploit Unsuspecting Investors with Infected and Counterfeit Devices, Exposing the Vulnerabilities of 'Secure' Storage

Cryptocurrency investors often turn to hardware wallets as a secure way to store their digital assets, assuming they are inviolable. However, even the most advanced hardware wallets on the market may not be fully shielded and there are still risks associated with using fake or infected devices.

- Advertisement -

Kaspersky shared the details behind the cryptocurrency theft incident involving a hardware wallet, which resulted in the loss of 1.33 BTC worth $29,585.

Hardware wallets, also known as “cold” wallets, store cryptocurrency keys on a USB stick-sized device, which must be connected to a computer to send cryptocurrency or interact with decentralized funding protocols.

These devices are generally considered more secure than “hot” wallets that are connected to the internet at all times as a result.

However, a recent Kaspersky investigation revealed a rare case of asset theft from a hardware wallet, showing how cybercriminals are devising new tactics to maximize their profits.

- Advertisement -

The victim did not make any transactions that day and the “cold” wallet was not connected to the computer. Thus, the victim did not immediately notice the theft and the scammer transferred 1.33 BTC (worth approximately $29,585) without the victim’s knowledge.

Although the copy they studied appeared identical to the original, the device showed signs of malicious tampering when they opened it.

Instead of being ultrasonically bonded together like genuine hardware wallets, each half of the device was filled with glue and held together with double-sided tape.

Additionally, the wallet had a different microcontroller with read protection mechanisms and the flash memory completely disabled, unlike the original.

This led the company’s investigators to conclude that the victim had purchased a hardware wallet that had already been infected.

The attackers made only three changes to the original bootloader firmware and the wallet itself.

They removed control of the protection mechanisms, replaced the randomly generated phrase with one of 20 predefined phrases, and used only the first character of any additional password.

This gave the attackers a total of 1,280 options to get the key to a fake wallet.

Thus, the attackers were able to carry out the operation while the dormant cryptocurrency wallet lay quietly in the owner’s safe.

The cryptocurrency wallet appeared to be functioning as usual, but from the beginning, the fraudsters were in complete control of it.

“Hardware wallets have long been considered one of the safest ways to store cryptocurrency, but cybercriminals have found new ways to profit by selling infected or fake devices to unsuspecting victims. Such attacks are completely preventable. Therefore, we strongly advise users to buy hardware wallets only from official and trusted sources to minimize the risk,” comments Stanislav Golovanov, a cyber incident investigation expert.

To stay safe, we recommend the following:

  • Buy from official sources: Buy hardware wallets only from official and trusted sources, such as the manufacturer’s website or authorized resellers.
  • Check for signs of tampering: Before using a new hardware wallet, inspect it for any signs of tampering, such as scratches, glue, or mismatched components.
  • Verify the firmware: Always verify that the firmware on the hardware wallet is legal and up-to-date. This can be done by checking the manufacturer’s website for the latest version.

READ NEXT

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Tesla BTC stash plunges 66% despite Bitcoin’s 30% rally

Tesla's Bitcoin holdings have lost two-thirds of their value despite the cryptocurrency appreciating more...

Bitcoin miner AI rally draws scrutiny over insider stock sales

Publicly traded Bitcoin miners saw sharp stock gains after pivoting to AI, but insider...

New Webinar: Outpace AI Attacks with Zero Trust

AI-powered attacks, like the Mythos model, now execute in minutes what previously took attackers...

Amazon Stock Drops 13%: Should You Sell or Hold Before Earnings?

Amazon shares fell 13% into a correction amid concerns over $200 billion in capital...

MoonPay’s MoonAgents AI assistant now on Telegram

MoonPay launched support for its AI crypto assistant, MoonAgents, on the Telegram messaging platform...

Must Read

9 Best Trading Platforms for Crypto Beginners

Many newcomers to the crypto space are looking for platforms to buy, sell and exchange cryptocurrencies. While there are hundreds of crypto exchanges around...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading