KANALCOIN NEWS – Anti-virus company from Russia, Kaspersky, provides shocking news. The reason is, the Trezor fake wallet is dangerous in circulation.
A report submitted by cybersecurity on May 10 said that a victim had purchased a fake Trezor model T through a popular classification site. A custom firmware installed on the device has been picked up by Kaspersky researchers.
And as a result, hackers already know personal information. Even before the device is owned by the buyer.
Bitcoin News advises all crypto asset owners to continue to be careful. Because there are many fake Trezor wallets on the market. And made with the aim of stealing crypto assets owned by victims.
Every crypto account owner must be careful of all hardware related digital assets. One of them is this fake Trezor.
Kaspersky continues to disclose findings on May 10, 2023, which is quite alarming. After carrying out a complete check of the fake Trezor that managed to steal the victim’s virtual funds.
And even worse, the victim did not suspect that what he bought was a fake Trezor. Because he bought it from a fairly trusted seller from a fairly popular online market.
The device doesn’t look suspicious. Because it is sealed using a holographic label that is resistant to the usual manipulation of various Trezors and affixed to their products.
“At first glance, the fake Trezor wallet looks just like the real thing. There’s no visible sign of intrusion.” Kaspersky researchers say.
Things got more complicated and serious when there was a transfer of money to another person a few weeks after the owner of the device put money into the crypto wallet. And even worse, these fake crypto wallets can make transactions without having to be connected to a computer.
“When operating the wallet, there was nothing suspicious. All functions worked as they should. The user interface display was no different from the original. Everyone only realized the theft had occurred after conducting further research.” Add Kaspersky.
The fake Trezor was found to have a bootloader version of 2.0.4. The bootloader version was intentionally removed after a case involving counterfeit devices too. There are clearly visible traces of soldering and a different microcontroller.
Kaspersky managed to extract the fake wallet firmware with complex code reconstruction and uncovered the result that the hackers did know the private key beforehand. And attackers can seize funds via alternative wallets that use the same private key and then steal these valuable assets.
Therefore, although physical wallets have long been considered as a solution, users must face the risks associated with complex supply networks and vendors who are not always trusted. And Kaspersky always advises users to be careful about the crypto assets they have.