Peter Zhang
Apr 17, 2026 06:55
Safety researcher exposes counterfeit Ledger gadgets with embedded wi-fi antennas designed to steal crypto. Comes days after $9.5M pretend app losses.
Counterfeit Ledger {hardware} wallets rigged with hidden WiFi and Bluetooth antennas are being offered on Chinese language marketplaces at official retail costs, based on a Brazilian safety researcher who bought one for private use and practically fell sufferer to the scheme.
The invention, posted to Reddit on April 16 beneath the deal with “Past_Computer2901,” reveals a provide chain assault focusing on first-time {hardware} pockets consumers. The pretend gadget handed visible inspection however failed Ledger’s built-in authenticity verification when linked to the authentic Ledger Reside app.
“This is not meant to trigger panic, however relatively to function a critical warning — I am actually nonetheless a bit shaken by the sheer scale of this operation,” the researcher wrote.
Contained in the Counterfeit System
After the gadget failed Ledger’s Real Verify, the researcher disassembled it. What they discovered was alarming: scraped chip markings and wi-fi communication {hardware} embedded inside a unit that ought to function completely offline.
Respectable Ledger merchandise maintain non-public keys air-gapped from internet-connected techniques. The addition of WiFi and Bluetooth capabilities suggests the counterfeit gadget may transmit stolen seed phrases to attackers remotely.
Digging into the firmware revealed extra purple flags. Whereas the gadget initially recognized itself as a Nano S Plus 7704 with a valid-looking serial quantity, the boot sequence uncovered the precise producer: Espressif Programs, a Shanghai-based semiconductor firm with no connection to Ledger’s provide chain.
Cointelegraph reached out to Espressif for remark however obtained no fast response.
The Assault Vector
The rip-off particularly targets consumers unfamiliar with Ledger’s ecosystem. A QR code included within the packaging directs customers to obtain a malicious model of Ledger Reside relatively than the official app from ledger.com.
This pretend app shows a spoofed “Real Verify” that seems to validate the counterfeit {hardware}. Customers who proceed by means of the setup course of finally enter their seed phrases, giving attackers full entry to empty funds at any time.
A part of a Broader Wave
The counterfeit {hardware} discovery comes simply days after a separate Ledger-related assault made headlines. On April 14, blockchain investigator ZachXBT reported {that a} pretend Ledger Reside app distributed by means of Apple’s App Retailer had stolen $9.5 million from greater than 50 victims earlier than Apple eliminated it.
That assault used a bait-and-switch technique to bypass App Retailer evaluation, initially showing as a authentic productiveness app earlier than updating to imitate Ledger’s official software program.
Collectively, these incidents spotlight how scammers are investing important assets to compromise customers who select self-custody over centralized exchanges. The counterfeit {hardware} operation required manufacturing customized PCBs, embedding wi-fi parts, growing modified firmware, and creating convincing packaging — a considerable operation suggesting organized felony involvement.
Defending Your self
The researcher’s recommendation is easy: buy {hardware} wallets completely from official producer web sites, obtain companion apps solely from verified sources, and deal with any gadget that fails authenticity checks as compromised.
“In case your gadget fails the Real Verify — cease utilizing it instantly,” they warned.
For the Ledger Nano S Plus, which retails between $59 and $85, the pricing on the Chinese language market matched official charges — which means consumers had no discount-based warning indicators to tip them off earlier than buy.
Picture supply: Shutterstock