Warning to those Hardware Wallet Owners

[Cookdata]

I was about to drop the same, it's always windows OS, it's the most targeted OS version by hackers and scammers today, and it remains so because people are still falling victim to their tricks, it's such a shame, I wish a day will come where a secured OS will take it over from windows OS, Linux could be a better option but its complicated to use if compre to windows OS.

You don't want Microsoft to make money from HP, Dell, Acer and Lenovo companies anymore?

The windows already won most of the hardware companies heart, have you think of any other hardware companies apart of from Mac, most of them are focus on windows operating system, this is why by share the windows dominate the PC market, unlike other operating system.
I can tell you, one of the reason why some people don't go for MacOS is because it's not too simple to use even if they have money, they will go for quality Dell product. I'm sure you will see windows software deployed quickly by developers before you see other operating system software produced for end users.

If only everyone can build their software from source code, the rate at which people download fake apps with malware on device will reduce but not everyone is familiar with command lines, it will discourage alot of people.

[mindrust]

Do not use Windows, do not use a hardware wallet unless your business depends on it, problem solved. Honestly, no consumer level bitcoin investor needs an hardware wallet. People who owns a saas website/casino/exchange may need a hw wallet but nobody else does. If you are an investor, you need a sturdy laptop that can run linux and that's it. It is much better than having a hw wallet, much safer and less complicated. Ledger and trezor are solutions for a problem which doesnt exist. Buy more btc with that money instead of wasting it on those junk.

[taufik123]

Everyday we keep seeing new updates on some of the route in which scam and have are taking place

This forum really helped people to be aware of and to avoid malware, but this is phishing and it is not new at all. Although, the most common one for Trezor and Ledger Nano users are the one that will require someone to put his seed phrase on a scammer website which can be used to steal the person's coins, but this one is about malware. Just avoid  phishing attack is enough against this kind of attack.

There are more phishing cases that occur that target some of the devices with the most users, such as what happened to Bitget Mobile Wallet which was attacked with phishing that entered the list of Dapps in the Bitget Application, this was actually displayed directly without being detected at first and made many people trapped and connected their wallets with phishing Dapps made by scammers.

But now scammers are targeting Trezor and Ledger wallet hardware users and not all users are alert and know how this phishing model works,
it could be those who are caught off guard connecting or entering passphrases by mistake.

Phishing is an old method, but this method continues to be developed and simplified with various kinds of loopholes that are used by scammers.

[PrivacyG]

Generally speaking, no.

The hardware wallets themselves—at least at this point in time—are not vulnerable to attack, so it’s not possible to extract the private key. Ledger does offer the option, via Ledger Recovery, to split the key into so-called shards and send them to third parties, who can then restore it for you if the worst comes to the worst. However, the process has not (yet) been hacked, so it is currently not possible for the shards to be extracted by any other software except Ledger Live itself.

The attacks are always the same... the user is asked to enter the mnemonic code, which is then intercepted, and they lose their coins.

This is particularly why I asked the question.

Almost all 'hacks' are actually only reminders that you should keep PRIVATE information such as PRIVATE Keys to your self.  They can replicate things, they can try things but the worst enemy of their Bitcoin is most of the time their actual owner.  Because if they spent 5 more seconds reading the red, bold warning that they should never share the Seed with ANYONE, they would not fall victims to these Scams.

[m2017]

What if this attacker is simply a scammer trying to fool his customers by selling them a dummy program? If the program were effective (generating money out of thin air), why wouldn't he use it himself?

I'd love to hear comments from technically experienced users about this program.

"The license agreement blocks usage on Russian-based machines." - Is this a hint about the origin of this malicious program?

P.S. Actually, it would be more correct to move this topic to the "hardware wallets" section, wouldn't it?

[Somegory]

Do not use Windows, do not use a hardware wallet unless your business depends on it, problem solved. Honestly, no consumer level bitcoin investor needs an hardware wallet. People who owns a saas website/casino/exchange may need a hw wallet but nobody else does. If you are an investor, you need a sturdy laptop that can run linux and that's it. It is much better than having a hw wallet, much safer and less complicated. Ledger and trezor are solutions for a problem which doesnt exist. Buy more btc with that money instead of wasting it on those junk.

This is somewhat new.

Are you saying that running a crypto wallet on a Linux operating system is more safer than a airgapped device?
Well make sure that the Linux OS never get connected to the internet for the long term until you are ready to sell your coins.

Because I am very sure that there are some exploits for Linux OS too, they aren't just as many as that of windows operating system, but saying that Linux OS is safer than hardware wallet is craaaazzzzyyy.

Never heard of such before, you are the first.

[FinneysTrueVision]

I can tell you, one of the reason why some people don't go for MacOS is because it's not too simple to use even if they have money, they will go for quality Dell product.

macOS isn’t perfect, but it has far less annoyances than Windows and is quite easy to adapt to. Regardless of the operating system, people should not be entering their seed phrase into any application.

The seed should only be typed on the hardware device itself. Even official mobile apps from hardware wallet manufacturers are not safe, like a user who recently lost millions of dollars when he typed his seed into Ellipal’s app thinking he was pairing his cold wallet, but instead he restored his seed as a hot wallet.

[mindrust]

Do not use Windows, do not use a hardware wallet unless your business depends on it, problem solved. Honestly, no consumer level bitcoin investor needs an hardware wallet. People who owns a saas website/casino/exchange may need a hw wallet but nobody else does. If you are an investor, you need a sturdy laptop that can run linux and that's it. It is much better than having a hw wallet, much safer and less complicated. Ledger and trezor are solutions for a problem which doesnt exist. Buy more btc with that money instead of wasting it on those junk.

This is somewhat new.

Are you saying that running a crypto wallet on a Linux operating system is more safer than a airgapped device?
Well make sure that the Linux OS never get connected to the internet for the long term until you are ready to sell your coins.

Because I am very sure that there are some exploits for Linux OS too, they aren't just as many as that of windows operating system, but saying that Linux OS is safer than hardware wallet is craaaazzzzyyy.

Never heard of such before, you are the first.

You must have been living under a rock then.

Also where did I ever mention any internet connection in my post, can you highlight it?

Don’t reply with bullshit about the topics which you don’t know much about or at least show some effort and read the post carefully… unless you want people to make fun of you.

Internet connection isn’t as scary as you think either… as long as the OS/wallet is safe. It is definitely safer on a linux distribution.

People who hold a few hundred bucks in btc buy hw wallets while most early adopters that own tens, hundreds of btc keep them in a piece of paper or old laptop. Go figure. Damn lemmings.

[Lakai01]

[...]
Almost all 'hacks' are actually only reminders that you should keep PRIVATE information such as PRIVATE Keys to your self.  They can replicate things, they can try things but the worst enemy of their Bitcoin is most of the time their actual owner.  Because if they spent 5 more seconds reading the red, bold warning that they should never share the Seed with ANYONE, they would not fall victims to these Scams.

You’re absolutely right about this, and ultimately, as an end user, you only have yourself to blame if you carelessly enter your private key into software you’ve just downloaded.

But to be fair, it must also be said that the scam versions are very well made, and as a layperson, you can’t tell the difference. These tools also play on customers’ fears (“Enter your private key quickly, or you’ll lose access to your coins!”), which naturally makes inexperienced users particularly vulnerable.

Unfortunately, “Be your own bank” doesn’t come without its downsides, and you have to be aware of what happens when you hand over the vault key.

[YellowSwap]

[...]
Almost all 'hacks' are actually only reminders that you should keep PRIVATE information such as PRIVATE Keys to your self.  They can replicate things, they can try things but the worst enemy of their Bitcoin is most of the time their actual owner.  Because if they spent 5 more seconds reading the red, bold warning that they should never share the Seed with ANYONE, they would not fall victims to these Scams.

You’re absolutely right about this, and ultimately, as an end user, you only have yourself to blame if you carelessly enter your private key into software you’ve just downloaded.

But to be fair, it must also be said that the scam versions are very well made, and as a layperson, you can’t tell the difference. These tools also play on customers’ fears (“Enter your private key quickly, or you’ll lose access to your coins!”), which naturally makes inexperienced users particularly vulnerable.

Unfortunately, “Be your own bank” doesn’t come without its downsides, and you have to be aware of what happens when you hand over the vault key.

This is the reply I was looking for.

Even if you downloaded the wrong software, it won't steal your private key just like that, so the software must ask you to do a stupid thing (inserting your keys with your hands by yourself).

This is the only explanation I can think about.

It is a shame that people are using things that they don't fully understand, it's like first time shooter trying to use one hand to shoot a shot gun, the possibility of getting himself kill is very high.

Anything asking for your recovery seed or private key should wake you up from your slumber instantly, even if the app or software are so identical to the original, no one should be asking you for your private keys or recovery seed.

[Lucius]

Users errors, this is the only way that hardware users can fall victim to this scam.
~snip~

People are the weakest link in the security chain, because anything malicious needs the cooperation of users to succeed in its intent. It doesn't even matter what OS someone uses, it all comes down to what you click on and how naive you are to download an infected file to your computer.

Blocking the usage on a Russian-based machine sounds like a weird term. What's the goal of that? To avoid trouble from the government, or are there other reasons?
~snip~

Maybe the hacker is a Russian who doesn't want to steal from his fellow countrymen, or maybe they are the best hackers in the world (NK) who don't want to steal from their Russian friends. I don't see any other reason why such malware wouldn't work on any OS it was programmed for, regardless of the language interface.

[NotATether]

Of course they are blocking the CIS countries. Otherwise the Russian police would kick their ass. 🙂

Blocking the usage on a Russian-based machine sounds like a weird term. What's the goal of that? To avoid trouble from the government, or are there other reasons?

But anyway, if there's malware inside your computer that can kill legitimate processes and act as a replacement for that, I expect there'll be more trouble than just losing your funds. It doesn't help that Windows is terrible with updates, too. Personally, I only use apps like Ledger Live to update firmware and stuff, so I guess I have a long time to prepare for attacks like this.

See the above. The Russian police only really care about crimes happening in their own country, or neighboring "friendly" countries. So no hacker dares to infect computers in that region.

The region check implemented is simply a locale check; it checks whether the Russian locale is being used on Windows, and if not, then it aborts.

[SeriouslyGiveaway]

Unfortunately, “Be your own bank” doesn’t come without its downsides, and you have to be aware of what happens when you hand over the vault key.

"Be your own bank" is very great but with newbies, they must learn knowledge, and practice for experience gradually with time. With newbies, it's kind of risky if they use non custodial wallets but don't know how to do that safely and they can be favorite targets of scammers and hackers. This saying does not mean to keep newbies away from non custodial wallets, that should be their choices after a while of learning and early practice.

Newbies can start with exchange accounts, but always choose Tier-1 exchanges for minimize risk, and experience with wallets, addresses, transactions, block explorers, and security too. With time, they can continue learning about security, wallets and how to do better in wallet management and security so that it will come to right time for them using non custodial wallets safely.

[korakwinband]

https://www.talkimg.com/images/2026/03/26/UvrC7J.png

https://x.com/DarkWebInformer/status/2035830713535111501?s=20

A cyber investigator recently revealed that threat actors are selling malicious Windows wallet sniffers targeting Trezor and Ledger users. So this is a warning for those who has either hardware wallets. Expect that in the next couple of months there could be a lot of phishing on your end and there are buyers of this sniffer underground. Be careful not to trust, verify everything first as you might be the next victims.

Thanks for the heads up coinrifft... in my opinion, wallet sniffers developed for windows and the increasing phishing campaigns pose a real threat to wallet owners. i think, first of all, only the firmware and application should be downloaded from the manufacturers official site, seed and private keys should never be stored in the digital medium and should not be transferred by copy and paste. my opinion in this regard is that i always verify transactions by physically confirming them from the device screen. dnot click on suspicious emails and files. use antimalware and clipboard keystroke protection. we should check and announce technical indicators as they are shared...
 
                                                                                                                                                                                                      korakwinband

[PX-Z]

...A good hardware wallet needs nothing else to function normally, you can grab them the same way you grab your smartphone and do your things.

Hardware wallets should be able to have a operating screen where transaction will be made without connecting to computer, you should also be able to upgrade the device without having to connect to a computer.

Choose your hardware wallet devices carefully.

Make sure it's fully open source, airgapped, have it's own screen for making transactions.

You cannot make an airgapped device broadcast a transaction, if you can, then it's not an airgapped device anymore.

You can only make a wallet in an airgapped device sign an unsigned transaction from the online device, then broadcast it in the same device that was connected online.