Victim Falls Prey to Counterfeit Trezor Wallet, Bitcoin Stolen
In a recent incident, a victim fell prey to a counterfeit Trezor Model T cryptocurrency wallet that had been tampered with, resulting in the theft of their Bitcoin. The victim had purchased the wallet. It appeared identical to a genuine Trezor Model T, from a reputable vendor on a well-known classifieds website. The incident highlights the growing concern surrounding supply chain attacks on hardware wallets and the need for caution when purchasing crypto gadgets.
Fake Trezor Wallets Pose Threat to Crypto Users, Says Kaspersky
The Russian antivirus firm, Kaspersky, issued a reminder to its customers about the risks associated with counterfeit Trezor hardware wallets. In a blog post, Kaspersky Lab’s cyber incident specialist, Stanislav Golovanov, revealed that attackers can gain access to a user’s private keys by replacing the microcontroller in a fake wallet. The counterfeit wallets are designed to mimic the appearance and functionality of the original, making it difficult for users to detect any anomalies.
While using the counterfeit wallet, the victim did not notice any suspicious behaviour. All the features appeared to function correctly. The user interface was also identical to the genuine wallet, making it even harder to identify the tampering. Kaspersky attributed the compromise to a standard supply chain attack. However, it was unable to provide specific details about how the theft occurred.
Trending Now: OKX Launches Revolutionary Ordinals Marketplace
To prevent such incidents, Kaspersky’s security researchers advised customers to purchase hardware wallets directly from authorized manufacturers to minimize the risk of supply chain threats. In this case, the victim had unknowingly purchased the counterfeit Trezor wallet from a reputable vendor on classifieds website. Kaspersky refrained from disclosing the identity of the reseller involved when asked for comment.
Trezor Urges Users to Follow Guidelines for Authenticity and Security
Trezor, the manufacturer of the affected wallets, acknowledged the security issue. It stated that it was specific to Trezor Model T devices. The company confirmed that all compromised devices had been purchased from Russian suppliers. Trezor has a network of around 50 authorized resellers worldwide but does not currently have any approved resellers in Russia, according to its official website.
In addition to supply chain safeguards, Trezor advised customers to validate their wallets using the instructions provided in the official guidelines for the Model One and Model T. By following these guidelines, users can verify the authenticity of their Trezor wallets and detect any potential firmware issues.
