A crypto user learned a costly lesson the hard way when they tried to save on a crypto hardware wallet by buying a discounted device via an unofficial seller, losing millions as a result.
Crypto security specialist SlowMist said that this past weekend, they received an emergency report about someone losing $6.5 million worth of crypto assets that were stolen from a hardware wallet, a special device designed to store private keys and sign transactions.
Third parties can't usually access the funds secured by these wallets unless they have the private keys or seed words, a combination of 12–24 words that give access to the wallet itself.
However, in this case, according to SlowMist, the wallet was bought via the Douyin platform (TikTok is known in China under this name), as criminals had compromised the private keys before selling the device. As a result, once the funds were transferred to the new wallet, it was drained "within hours."
"Cold wallet ≠ Safe. Avoid “Factory sealed” or “Discounted cold wallets” – 99% are tampered," the security specialist warned, urging users to buy these devices from official channels and initialize everything by themselves.
"Don’t gamble your entire fortune on a 'wallet' that’s a few hundred bucks cheaper – that’s not saving money, it’s throwing your life away!" Partner and Chief Information Security Officer at SlowMist, known as 23pds on X, added.
Meanwhile, another X user, Hella, apparently a friend of the victim of the crime, said that the stolen funds were laundered through a darknet marketplace within hours.
It's not the first attempt to tamper with devices and other tools meant to safeguard crypto assets. Moreover, as reported by Cybernews.com earlier this year, Kaspersky security experts found a remote access trojan capable of stealing sensitive information stored on Android smartphones. This suggests that the supply chain was probably compromised while also luring victims with discounts.
Your email address will not be published. Required fields are markedmarked