In May 2023, a new phenomenon of hardware wallet supply chain attacks emerged in the market: scammers tampered with the firmware of the Trezor hardware wallet and sold tampered devices to unsuspecting users. The devices have security vulnerabilities in the mnemonic phrase, such as scammers pre-generating multiple sets of mnemonic phrases on the devices. Similar incidents have been discovered, particularly in Russia, where tampered devices are sold on unauthorized market platforms.
Suppose you don’t perform a thorough security check upon receiving a hardware wallet and directly proceed to create and use the wallet. In that case, scammers can easily steal your encrypted tokens by leveraging the known mnemonic phrases.
This "hardware wallet supply chain attack" incident reveals a new form of cryptocurrency theft much more concealed than the well-known thefts caused by improper storage of mnemonic phrases and private keys. It poses a significant threat to users who need to become more familiar with the workings of hardware wallets. This emphasizes the importance of remaining vigilant and not underestimating any potential threats.
So, how can you avoid such incidents?
- Purchase from Official Channels: Always purchase hardware wallets from official channels or authorized distributors. This ensures that the device you receive is genuine and unaltered.
- Inspect the Packaging: Many hardware wallet manufacturers use anti-tampering labels or seals on their product packaging. If the packaging of the device you receive has been opened or damaged, or if the anti-tampering label has been torn or broken, it may be a warning sign.
Scams Exposed
Security Alert | Beware of Unknown Authorization Records in TRON (TRX) Wallets
Scammers have recently created unknown authorization records using fake tokens in TRON (TRX) wallets. We have received feedback from some users who discovered these unauthorized USDT records in their TRX wallets’ authorization records during routine checks. These records cannot be canceled by wallet owners. Although these fake token authorization records exist in users’ wallets, scammers cannot transfer valuable tokens from the wallets through this authorization. Therefore, it will not affect your actual tokens. Click here to learn more about this scam.
The imToken security team reminds you to remain vigilant and regularly check your wallet's authorization records, paying attention to any unfamiliar authorization records that appear in the wallet. When encountering abnormal authorization records, carefully verify and take appropriate precautions. If you have any questions regarding authorization records, please email support@token.im to contact the official imToken customer support team.
Security Alert | Beware of Wallet Permission Change Transactions
Recently, TRX wallet permission change scams have become increasingly active. Scammers deceive users by inducing them to make payments on virtual goods purchasing websites (such as purchasing Telegram accounts or SMS verification codes). In reality, you unknowingly sign a transaction to change your TRX wallet permissions. Once the signature is successful, the scammers can manipulate your TRX wallet permissions, resulting in the loss of control over your wallet.
To prevent such scams, you must remain vigilant about all third-party payment links. If the source of a link needs to be clarified or you have doubts about its authenticity, kindly email support@token.im to contact the official imToken customer support. Remember, permission changes are critical operations that can result in losing wallet control! In this regard, only sign transactions you are fully aware of.
To safeguard the security of user tokens, the latest imToken version has implemented measures to address these issues. If you click on a link related to permission changes, imToken will promptly notify you of potential risks and prohibit you from proceeding. This setting prevents you from falling victim to scams and ensures the security of your tokens.
Risk Control
In May, imToken identified and marked 578 tokens and 1688 addresses as risky and banned 445 DApps.
Asset protection is a collective responsibility, and your role in it cannot be overstated. By promptly reporting any risky tokens or DApps you encounter to support@token.im, you actively contribute to preventing token loss within our community. Your actions create a ripple effect, prompting swift intervention and raising awareness among other imToken users.
End
To protect your digital tokens, especially in the face of recent hardware wallet supply chain attacks and wallet permission change transactions, we strongly recommend increasing your security awareness and exercising caution.
imToken remains deeply committed to the security of user tokens and continues to release Wallet Security Monthly Reports to keep you informed about the latest security measures and help you stay one step ahead of scammers. If you have any cases or materials related to wallet security, we welcome you to send them to support@token.im and we will respond appropriately.
The strength of any industry lies in its community, and the digital token landscape is no exception. By fostering a culture of collaboration, we can collectively address the challenges posed by the ever-evolving security risks. Let's seize this opportunity to enhance user token security by reporting suspicious DApps and tokens, sharing best practices, and staying informed about emerging threats.
imToken Official Social Media Channels
- Website: https://token.im
- Weibo: https://weibo.com/imToken
- Twitter: https://twitter.com/imTokenOfficial
- Discord: https://discord.com/invite/imToken