Blockstream Issues Alert Over Fake Email Phishing Campaign Targeting Hardware Wallet Users

Blockstream issued an urgent security alert warning users about a sophisticated phishing campaign targeting Jade hardware wallet owners through fake firmware update emails. The company confirmed no data was compromised, but emphasized it never sends firmware files via email communications. Bitcoin developer Jimmy Song first reported the malicious emails, which claim to offer Jade firmware updates while directing users to download files from suspicious domains. You guys should warn people about this phishing email. I'm guessing the firmware sends funds to some other address. @adam3us @Blockstream pic.twitter.com/DZNkTjsQiC — Jimmy Song (송재준) (@jimmysong) September 12, 2025 The scam emails appear to originate from unrelated entities like restaurant managers, raising questions about how attackers obtained user email addresses. The warning comes as crypto phishing attacks surge dramatically, with August losses reaching $12 million, affecting over 15,000 victims, a 67% increase from July. Source: X/@realScamSniffer The first half of 2025 saw total crypto crime losses exceed $3.1 billion, with phishing scams accounting for $410 million across 132 separate attacks. Sophisticated Email Campaign Exploits Hardware Wallet Trust The fraudulent emails masquerade as legitimate Blockstream communications, instructing users to download firmware updates by clicking on malicious links. Security experts warn that the fake firmware likely redirects funds to attacker-controlled addresses once installed on hardware devices. Blockstream thanked Jimmy Song for the initial alert and reiterated its policy of never distributing firmware through email channels. The company directed users to follow official Twitter accounts @Blockstream and @BlockstreamJade for verified updates and communications. Phishing Alert We’ve been made aware of fake emails claiming a “Jade firmware update.” 1⃣ This was not sent from Blockstream. 2⃣ Blockstream will never email you firmware files. 3⃣ No data has been compromised. Don’t Trust. Verify. Please follow @Blockstream and… pic.twitter.com/59ymAZ6NDB — Blockstream (@Blockstream) September 12, 2025 Community members noted inconsistencies within the scam emails, including mismatched version numbers and suspicious sender domains. One particularly concerning example showed emails originating from “General Manager of Adelphia Restaurant” directing downloads from “getbento.com” domains. The targeting of hardware wallet users represents a significant escalation in phishing sophistication. Hardware wallets traditionally provide enhanced security compared to software alternatives, making their compromise particularly damaging to user funds and confidence. The precise mechanism by which attackers obtained user email addresses remains unclear, with community members questioning potential data breaches or social engineering campaigns. Blockstream has not disclosed the source of the email leak or provided details about affected user databases. How do they know your users email?l — Masunobom (@masunobom) September 12, 2025 Crypto Crime Reaches Record Levels Amid Advanced Attack Methods August 2025 recorded the second-highest monthly crypto crime total this year, with $310 million stolen across various exploits, according to CertiK research. Phishing incidents dominated losses at $293 million, including two massive attacks stealing $238 million in Bitcoin and $55 million in DAI stablecoin. More disturbing, just yesterday, a new cross-platform malware , called ModStealer, was discovered. This sophisticated malware targets 56 browser-based wallet extensions across Windows, macOS, and Linux systems while evading traditional antivirus detection through JavaScript-based distribution methods. The malware is distributed through a fake job recruiter ad campaign, similar to this phishing campaign, targeting victims on a large scale. Notably, North Korean state-sponsored groups were involved in a large part of these criminal activities, resulting in $1.6 billion in losses, which represents 70% of the total losses in H1 2025 . The notorious Lazarus group conducted the largest single hack in crypto history, stealing $1.46 billion from Bybit in February . Infrastructure attacks dominated the threat landscape, accounting for over 80% of stolen funds through private key compromises and front-end exploits. These attacks averaged ten times larger than protocol-based vulnerabilities, with social engineering and insider access frequently enabling massive breaches. In an interview with Cryptonews, Crystal CEO Navin Gupta warns that modern scammers exploit psychological manipulation through tactics that include urgency, authority, and familiarity. How are scammers stealing billions in crypto? We sat down with @CrystalPlatform CEO Navin Gupta as he breaks down the psychology, AI-powered tactics, and the #1 mindset shift that could prevent most fraud. #CryptoScam #Deepfake https://t.co/9WQQvGSuED — Cryptonews.com (@cryptonews) June 24, 2025 AI-powered personalization also enables attackers to craft convincing messages using leaked data and behavioral profiling, making detection increasingly difficult for victims. Protection strategies include verifying all communications through official channels, avoiding email-based software downloads, and implementing hardware security keys instead of SMS-based two-factor authentication. Gupta particularly advised to “ assume every unsolicited message is a potential attack. That mental shift alone filters out 80% of threat vectors. If someone reaches out with urgency, secrecy, or flattery — stop. Your best defense is deliberate doubt. ” Users are urged to bookmark legitimate websites rather than relying on search engines and remain skeptical of unsolicited communications claiming urgent security updates. The post Blockstream Issues Alert Over Fake Email Phishing Campaign Targeting Hardware Wallet Users appeared first on Cryptonews .