Security researchers have discovered that Chinese e-commerce platforms are selling counterfeit Ledger hardware wallets.

According to ME News, on April 17 (UTC+8), a Brazilian security researcher warned that a Ledger Nano S Plus device he purchased from a Chinese e-commerce platform was a sophisticated counterfeit designed to steal users' crypto assets. The device was priced the same as the official store, and the packaging and product page appeared legitimate, but it failed the "authentication verification" after connecting to the official Ledger Live app. Disassembly revealed that the device's hardware and firmware had been tampered with, including embedded WiFi and Bluetooth antennas, and the chip markings had been scratched off. Researcher analysis of the firmware showed that the device, upon startup, displayed the manufacturer as Shanghai-listed Espressif Systems. The researcher advised users to only download LedgerLive from ledger.com, only purchase hardware from ledger.com, and to immediately stop using the device if it failed the authenticity verification. Earlier this month, more than 50 victims had lost a total of $9.5 million due to the leakage of seed phrase by fake Ledger Live apps listed on the Apple App Store. (Source: ME)