Blockstream issued an urgent security alert warning users about a sophisticated phishing campaign targeting Jade hardware wallet owners through fake firmware update emails.
The company confirmed no data was compromised, but emphasized it never sends firmware files via email communications.
Bitcoin developer Jimmy Song first reported the malicious emails, which claim to offer Jade firmware updates while directing users to download files from suspicious domains.
The scam emails appear to originate from unrelated entities like restaurant managers, raising questions about how attackers obtained user email addresses.
The warning comes as crypto phishing attacks surge dramatically, with August losses reaching $12 million, affecting over 15,000 victims, a 67% increase from July.
Source: X/@realScamSniffer
The first half of 2025 saw total crypto crime losses exceed $3.1 billion, with phishing scams accounting for $410 million across 132 separate attacks.
Sophisticated Email Campaign Exploits Hardware Wallet Trust
The fraudulent emails masquerade as legitimate Blockstream communications, instructing users to download firmware updates by clicking on malicious links.
Security experts warn that the fake firmware likely redirects funds to attacker-controlled addresses once installed on hardware devices.
Blockstream thanked Jimmy Song for the initial alert and reiterated its policy of never distributing firmware through email channels.
The company directed users to follow official Twitter accounts @Blockstream and @BlockstreamJade for verified updates and communications.
Community members noted inconsistencies within the scam emails, including mismatched version numbers and suspicious sender domains.
One particularly concerning example showed emails originating from “General Manager of Adelphia Restaurant” directing downloads from “getbento.com” domains.
The targeting of hardware wallet users represents a significant escalation in phishing sophistication.
Hardware wallets traditionally provide enhanced security compared to software alternatives, making their compromise particularly damaging to user funds and confidence.
The precise mechanism by which attackers obtained user email addresses remains unclear, with community members questioning potential data breaches or social engineering campaigns.
Blockstream has not disclosed the source of the email leak or provided details about affected user databases.
Crypto Crime Reaches Record Levels Amid Advanced Attack Methods
August 2025 recorded the second-highest monthly crypto crime total this year, with $310 million stolen across various exploits, according to CertiK research.
Phishing incidents dominated losses at $293 million, including two massive attacks stealing $238 million in Bitcoin and $55 million in DAI stablecoin.
More disturbing, just yesterday, a new cross-platform malware, called ModStealer, was discovered.
This sophisticated malware targets 56 browser-based wallet extensions across Windows, macOS, and Linux systems while evading traditional antivirus detection through JavaScript-based distribution methods.
The malware is distributed through a fake job recruiter ad campaign, similar to this phishing campaign, targeting victims on a large scale.
Notably, North Korean state-sponsored groups were involved in a large part of these criminal activities, resulting in $1.6 billion in losses, which represents 70% of the total losses in H1 2025.
The notorious Lazarus group conducted the largest single hack in crypto history, stealing $1.46 billion from Bybit in February.
Infrastructure attacks dominated the threat landscape, accounting for over 80% of stolen funds through private key compromises and front-end exploits.
These attacks averaged ten times larger than protocol-based vulnerabilities, with social engineering and insider access frequently enabling massive breaches.
In an interview with Cryptonews, Crystal CEO Navin Gupta warns that modern scammers exploit psychological manipulation through tactics that include urgency, authority, and familiarity.
AI-powered personalization also enables attackers to craft convincing messages using leaked data and behavioral profiling, making detection increasingly difficult for victims.
Protection strategies include verifying all communications through official channels, avoiding email-based software downloads, and implementing hardware security keys instead of SMS-based two-factor authentication.
Gupta particularly advised to “assume every unsolicited message is a potential attack. That mental shift alone filters out 80% of threat vectors. If someone reaches out with urgency, secrecy, or flattery — stop. Your best defense is deliberate doubt.”
Users are urged to bookmark legitimate websites rather than relying on search engines and remain skeptical of unsolicited communications claiming urgent security updates.
The post Blockstream Issues Alert Over Fake Email Phishing Campaign Targeting Hardware Wallet Users appeared first on Cryptonews.
