We’ve written many times in the past about cryptocurrency traders being targeted by mind boggling attack methods, some of that which weren’t that common last year. But now investors have to be much more careful. Recent events reveal that how investors are being targeted, especially through advertisement sites.
Cryptocurrency Attacks
Cryptocurrency, which is easy to steal and cash out is one of the favorite places for attackers. For this reason serious investors often use hardware wallets to protect their crypto investments. So that they can be sure that their assets are safe. There are even companies and investors who store these hardware wallets in some private vaults.
But there is a problem arising. These wallets store private keys away from vulnerable computers and smartphones and make signing transactions much more secure, but there is no such thing as 100% security as you know. Risks such as physical attacks and fake hardware wallets target this group of investors. Recent reports confirm this.
Second Hand Crypto Hardware Wallets
What do you do when you want to buy a cryptocurrency hardware wallet? Usually, what you do is a quick search on the internet. Details such as price, features, shipping options, etc. are standard for other online purchases and buyers check them. Even more affordable prices on second-hand sites for gently used or unboxed devices can be tempting to investors. But there is a problem here. Second-hand hardware wallets or unboxed wallets sold at a more affordable price can cause you to lose all your money.
This recently happened to a user who bought a Trezor Model T on a classifieds site. The seller of the Trezor Model T has implemented a wide range of security measures that should theoretically reliably protect the device from attackers. Both the box and the unit housing are sealed with holographic stickers, the microcontroller flash memory is in read-protect mode.
The bootloader checks the digital signature of the firmware and if an anomaly is detected, it displays a non-genuine firmware message and deletes all data in the wallet. Accessing the device and confirming transactions requires a PIN code, which is used to encrypt the storage where it is stored. Optionally, in addition to the PIN, you can protect your master access key with a password according to the BIP-39 standard