With the growing popularity of hardware cryptocurrency wallets, Russian cybersecurity firm Kaspersky has reminded users of the importance of using genuine encryption devices.
Kaspersky cyber incident expert Stanislav Golovanov reported on May 10 the issue of fake hardware wallets impersonating major wallet company Trezor. The event took place in March 2022.
Fake Trezor Wallets Allow Fraudsters to Steal Bitcoin, According to Blog Post, Through a replaced microcontroller, an attacker could take over control of a user's private keys. The victim reportedly purchased a tampered hardware wallet masquerading as the Trezor Model T, Trezor's advanced encryption wallet . This fake wallet looks exactly like the real Trezor Model T wallet and offers a standard set of wallet features.
“When dealing with the wallet, there is also nothing suspicious: all functions work normally, and the user interface is no different from the original interface,” Golovanov wrote.
However, the fake wallet was tampered with from the inside. According to the Kaspersky team, the attackers managed to gain access to users' crypto assets by replacing the internal firmware. "The actual mechanism of the theft is still unclear," Golovanov noted, adding that the problem was caused by a "typical supply chain attack." To prevent supply chain attacks, Kaspersky cybersecurity experts advise users to only purchase hardware wallets directly from official suppliers. The company noted that the victim purchased the fake Trezor wallet through a " trusted seller on a popular classifieds site."
Golovanov declined to name the seller to Cointelegraph, but mentioned that the purchase was made through a “popular marketplace.” “This is an advertising site with sections dedicated to the sale of general merchandise, jobs, real estate, cars for sale, and services . Such marketplaces are known to have fraudulent sellers reselling counterfeit or infected devices,” noted the cybersecurity expert.
The problems Kaspersky describes are nothing new to the crypto community. Trezor publicly resolved a security incident involving tampering with Trezor Model T devices in May 2022.
According to Trezor's blog post, the problem described is mainly seen on Trezor Model T wallets, and all devices were obtained from suppliers in the Russian market. The company wrote: "Some internal components have been replaced, allowing malicious actors to spoof the device's behavior and make its security features redundant." According to Trezor's official website, the company currently has around 50 officially authorized resellers worldwide. Sellers are located in many jurisdictions including Canada, United States, Singapore, India, Israel, Belarus, Ukraine, and more. In addition to security measures related to the supply chain, Trezor also recommends that its users follow the steps to verify their Trezor wallets, providing official guidelines for the Model One and Model T.
Trezor's software also alerts you to any potential firmware issues by alerting you of the problem on the app screen. "We would like to point out that we have a warning system in Trezor Suite that will alert users if their device is using unofficial firmware,"






















