A modified hardware wallet has been implicated in the theft of $30,000 worth of cryptocurrency, according to Kaspersky security experts.
The loss of 1.33 BTC ($29,585) was related to new tactics, the company explained in a shared report.
“Hardware wallets have long been considered one of the safest ways to store cryptocurrency, but cybercriminals make money by selling infected or fake devices to unsuspecting victims. We have found a new way to get the
In this case, the victim had not made any transactions on the day the money was stolen and did not have the cold wallet connected to their computer, so they only found out about the theft later.
Kaspersky’s investigation revealed that the hardware wallet purchased by the victim had been compromised. It looked just like the original, but it was not properly welded and was instead held together with glue and tape.
Security experts explained that the attackers made three changes to the original bootloader and wallet firmware: they disabled the protection mechanism, replaced the randomly generated seed phrase with one of 20 preset phrases, and used only the first letter of any additional password.
This reportedly left the attackers with only 1280 options to try in order to obtain the keys of the fake wallet. As a result, the crippled crypto wallet went undetected, as it appeared to function normally. However, the attackers had complete control over it from the beginning.
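The effect of the second and third firmware changes can be modelled with standard BIP-39 seed derivation. The following is an added example, not code from Kaspersky or from any wallet vendor: `tampered_seed`, `truncates_passphrase`, `effective_bits` and the demo mnemonic are hypothetical names and constructed values, and the figure of 64 first-character classes is inferred from the article's own numbers (1280 / 20).

```python
import hashlib
import math
import unicodedata

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Standard BIP-39 seed derivation (PBKDF2-HMAC-SHA512, 2048 rounds)."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, dklen=64)

def tampered_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Model of the modified firmware: only the first passphrase character is used."""
    return bip39_seed(mnemonic, passphrase[:1])

def truncates_passphrase(derive, mnemonic: str) -> bool:
    """Black-box check: two passphrases that share only their first character
    must give different seeds on an honest implementation."""
    return derive(mnemonic, "k-first-probe") == derive(mnemonic, "k-second-probe")

def effective_bits(presets: int, first_char_classes: int) -> float:
    """Bits of secrecy left when the seed is one of `presets` phrases and the
    passphrase contributes one of `first_char_classes` values."""
    return math.log2(presets * first_char_classes)

# Constructed, non-valid mnemonic used only as PBKDF2 input for this demo.
DEMO_MNEMONIC = "example " * 11 + "phrase"

if __name__ == "__main__":
    print("honest derivation truncates:  ",
          truncates_passphrase(bip39_seed, DEMO_MNEMONIC))
    print("tampered derivation truncates:",
          truncates_passphrase(tampered_seed, DEMO_MNEMONIC))
    # 20 preset phrases x 64 first-character classes = 1280 (assumption, see lead-in).
    print("bits left on the tampered device: %.1f" % effective_bits(20, 64))
    print("bits in a randomly generated 12-word seed: 128")
```

On a physical device the same comparison would be made on derived addresses rather than raw seeds, and only with a throwaway mnemonic that never holds funds.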
Additionally, the microcontroller inside the device was different, with the flash memory's read protection mechanism completely disabled. This led Kaspersky researchers to conclude that the victim had unknowingly purchased an already infected hardware wallet.
To keep cryptocurrencies safe, Kaspersky experts advised that hardware wallets be purchased only from approved sources and inspected for signs of tampering, that their firmware be verified, and that seed phrases be protected with strong passwords.
The discovery comes months after an American man was indicted for illegally obtaining $110 million in cryptocurrency from exchange Mango Market and its customers.