A recent incident involving an investor who lost $6.9 million after purchasing a counterfeit cold wallet on Douyin highlights the rising issues of cryptocurrency fraud.
Tampered Cold Wallet
An investor unknowingly bought a compromised cold wallet on Douyin, the Chinese counterpart of TikTok. According to SlowMist, the wallet was advertised as factory-sealed and offered at a discounted price. However, it was already tampered with prior to purchase, and the associated private key was accessible to scammers. Consequently, the victim's entire crypto portfolio was drained within hours of activation.
Funds Laundered Through Syndicate
The stolen funds were quickly laundered through a syndicate known as Huiwang or Huione Group, based in Cambodia. This group is notorious for operating a web of illicit businesses, including crypto exchanges and darknet markets. Despite SlowMist successfully tracing the stolen funds, recovering them is virtually impossible due to the speed and sophistication of the laundering network.
Rise in Device-Based Crypto Theft
The situation with compromised cold wallets highlights a concerning trend in cybersecurity. Companies like Kaspersky and SlowMist have repeatedly warned users about the risks of purchasing cryptocurrency wallets from unreliable sources. In a recent incident, a Chinese printer manufacturer was found distributing crypto-stealing malware, underscoring the need for careful verification of purchasing sources.
This incident serves as a reminder for investors about the importance of securing their crypto assets. Experts emphasize that wallets should only be purchased from trusted sources, avoiding suspicious offers.
