Amid the rising popularity of hardware cryptocurrency wallets<\/a>, the Russian cybersecurity firm Kaspersky has reminded users about the importance of using authentic crypto devices.<\/p>\n Kaspersky cyber incident expert Stanislav Golovanov on May 10 reported<\/a> on an issue with fake hardware wallets impersonating major wallet firm Trezor. The incident occured in March 2022.<\/p>\n According to the blog post, the fake\u00a0Trezor wallet allowed fraudsters to steal Bitcoin (BTC<\/a>) via a replaced microcontroller, which enabled attackers to take over control of the user\u2019s private keys<\/a>.<\/p>\n The victim reportedly purchased a tampered hardware wallet that posed as Trezor\u2019s advanced crypto wallet Trezor Model T. The fake wallet appeared to be exactly the same as a genuine Trezor Model T wallet, providing a standard set of wallet functions.<\/p>\n \u201cWhen handling the wallet, nothing felt suspicious either: all the functions worked as they should, and the user interface was no different from the original one,\u201d Golovanov wrote.<\/p>\n The fake wallet was tampered from the inside, though. According to the Kaspersky team, attackers managed to access users\u2019 crypto assets by replacing the inner firmware. \u201cThe actual mechanism of the theft remains unclear,\u201d Golovanov noted, adding that the issue was caused by a \u201ctypical supply chain attack.\u201d<\/p>\n To prevent supply chain attacks, Kaspersky\u2019s cybersecurity experts advised users to only buy hardware wallets directly from the official vendor. The firm noted that the victim bought the fake Trezor wallet through a \u201ctrusted seller through a popular classifieds website.\u201d<\/p>\n Golovanov declined to specify the name of seller to Cointelegraph, but mentioned that the purchase was made through a “popular marketplace.”<\/p>\n “This is an advertisement website with sections devoted to general goods for sale, jobs, real estate, cars for sale, and services. Such marketplaces are known to have fraudulent sellers who resell fake or infected devices,” the cybersecurity expert noted.<\/p>\n The issue described by Kaspersky isn\u2019t something new for the crypto community. Trezor publicly addressed<\/a>\u00a0the security incident involving tampered Trezor Model T devices in May 2022.<\/p>\n According to Trezor\u2019s blog post, the described issue was mostly present on Trezor Model T wallets, with all devices being obtained from vendors on the Russian market. The firm wrote:<\/p>\n \u201cSome internal components had been replaced, allowing the malicious actors to spoof the device\u2019s behavior and make its security features redundant.\u201d<\/p><\/blockquote>\n According to Trezor\u2019s official website, the firm currently has<\/a> about 50 officially authorized resellers across the world. The sellers are located in many jurisdictions, including Canada, the United States, Singapore, India, Israel, Belarus, Ukraine and others.<\/p>\n Related: <\/em><\/strong>To catch a scammer: Kraken builds fake crypto account to \u2018bait\u2019 fraudsters<\/em><\/strong><\/a><\/p>\n In addition to security measures related to the supply chain, Trezor also advises<\/a> its users to follow steps to authenticate their Trezor wallets, providing<\/a> official guides for Model One and Model T.<\/p>\n Trezor\u2019s software also signals any potential firmware issues by alerting the issue on the app screen.<\/p>\n \u201cWe would like to point out that we have a warning system in the Trezor Suite that alerts users if their device uses an unofficial firmware,\u201d a spokesperson for Trezor told Cointelegraph.<\/p>\n Magazine<\/em><\/strong>: $3.4B of Bitcoin in a popcorn tin \u2014 The Silk Road hacker\u2019s story<\/em><\/strong><\/a><\/p>\n<\/div>\n![](\"https:\/\/s3.cointelegraph.com\/uploads\/2023-05\/101fbaf3-3404-46ac-a70d-5bb97681f619.jpeg\")
![](\"https:\/\/s3.cointelegraph.com\/uploads\/2023-05\/13937404-f9c5-4c2b-9ca2-0c8969c60afc.png\")