According to 【BlockBeats】 news on June 14, Slow Fog Technology CISO @23pds disclosed:
A crypto investor lost over 50 million RMB worth of crypto assets overnight due to purchasing an 'unopened cold wallet' on Douyin. The assets were quickly laundered through 'Huiwang' services and cannot be recovered.
🔍【Behind the scenes truth】
According to security analysis, the cold wallet's private key generation process has been implanted with a backdoor. Even if users do not connect to the internet after receiving it, they are still 'monitored offline,' ultimately leading to the leakage of the private key.
🧨 Why do these types of scams keep succeeding?
1️⃣ Fake 'brand new' but actually refurbished: beautifully packaged, even with a seal, but the private key generation is controlled by pre-set programs.
2️⃣ Low-price temptation trap: gimmicks like 'limited-time flash sale' and 'clearance sale' lower vigilance and specifically deceive non-professional users.
3️⃣ Not verified by official channels: Many users even fail to verify the authenticity of the original factory firmware downloaded from the official website.
✅【Wushang Reminder】Make sure to do these three things:
🔒 Only purchase cold wallets through official channels (Ledger, Trezor, Keystone, etc. all have official websites and authorized distributor lists)
🔍 Immediately verify firmware integrity and fingerprint verification through the entire process after unboxing
📴 Before first use, be sure to reset the device and generate a new private key. Do not trust any 'pre-set mnemonic phrases' or 'factory-backed up' claims.
⚠️ In summary:
Do you think buying a 'cold wallet' makes you safe?
If it's not from an official channel, it might be even 'hotter' than a hot wallet.