The importance of using genuine hardware wallets in the world of cryptocurrencies has been emphasized once again, following a recent incident reported by Russian cybersecurity firm Kaspersky.
In a blog post, Kaspersky’s cyber incident expert Stanislav Golovanov highlighted a case from March 2022 where fraudulent hardware wallets posing as Trezor, a major wallet manufacturer, were used to steal Bitcoin. The fake wallets had a replaced microcontroller, allowing the attackers to gain control of users’ private keys.
The victim had unknowingly purchased a tampered hardware wallet that appeared identical to Trezor’s advanced crypto wallet, the Trezor Model T. The counterfeit wallet functioned normally, making it difficult to detect any suspicious activity.
The tampering occurred internally, with the attackers replacing the firmware to gain access to users’ crypto assets. Golovanov described the incident as a “typical supply chain attack,” though the exact mechanism of the theft remains unclear.
To prevent such supply chain attacks, Kaspersky’s cybersecurity experts advised users to purchase hardware wallets exclusively from the official vendor. In this particular case, the victim had acquired the fake Trezor wallet from a “trusted seller” on a popular classifieds website, which is known to have fraudulent sellers offering counterfeit or compromised devices.
This incident is not an isolated one, as Trezor had previously addressed a security issue involving tampered Trezor Model T devices in May 2022. The compromised devices were mainly obtained from vendors in the Russian market, with malicious actors replacing internal components to bypass the device’s security features.
Trezor currently maintains about 50 authorized resellers worldwide, spanning various jurisdictions. They recommend users follow authentication steps and refer to official guides to verify the authenticity of their Trezor wallets. Additionally, Trezor’s software includes warning systems to alert users if their device is using unofficial firmware.
As the crypto market continues to grow, it is crucial for users to exercise caution, only purchasing hardware wallets from trusted sources, and regularly checking for any potential security vulnerabilities or updates provided by the official wallet manufacturers.