Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Blockstream has released an urgent security notification alerting users about a sophisticated phishing scheme aimed at Jade hardware wallet owners via counterfeit firmware update emails.
The firm confirmed that no data has been compromised but stressed that it does not send firmware files through email communications.
Bitcoin developer Jimmy Song was the first to report the fraudulent emails, which purport to provide Jade firmware updates while misleading users into downloading files from dubious domains.
You should inform people about this phishing email. I suspect the firmware redirects funds to another address. @adam3us @Blockstream pic.twitter.com/DZNkTjsQiC
— Jimmy Song (송재준) (@jimmysong) September 12, 2025
The deceptive emails seem to come from unrelated sources, such as restaurant managers, raising concerns about how attackers acquired user email addresses.
This warning arrives amid a significant rise in crypto phishing attacks, with losses in August totaling $12 million, impacting over 15,000 victims, marking a 67% increase from July.
Source: X/@realScamSniffer
The first half of 2025 saw total losses from crypto crime surpass $3.1 billion, with phishing scams responsible for $410 million across 132 distinct attacks.
Sophisticated Email Campaign Exploits Hardware Wallet Trust
The fraudulent emails impersonate legitimate Blockstream communications, urging users to download firmware updates by clicking on harmful links.
Security experts caution that the counterfeit firmware likely reroutes funds to addresses controlled by the attackers once installed on hardware devices.
Blockstream expressed gratitude to Jimmy Song for the initial warning and reiterated its stance of never distributing firmware via email channels.
The company advised users to follow the official Twitter accounts @Blockstream and @BlockstreamJade for authentic updates and communications.
Phishing Alert
We’ve been informed of fake emails claiming a “Jade firmware update.”
1⃣ This was not sent from Blockstream.
2⃣ Blockstream will never email you firmware files.
3⃣ No data has been compromised.
Don’t Trust. Verify.
Please follow @Blockstream and… pic.twitter.com/59ymAZ6NDB— Blockstream (@Blockstream) September 12, 2025
Phishing Alert Community members pointed out discrepancies within the scam emails, such as inconsistent version numbers and dubious sender domains.
One particularly alarming instance showed emails appearing to come from the “General Manager of Adelphia Restaurant,” directing downloads from “getbento.com” domains.
The targeting of hardware wallet users signifies a notable advancement in phishing tactics.
Hardware wallets typically offer greater security compared to software alternatives, making their compromise especially detrimental to user funds and trust.
The exact method by which attackers acquired user email addresses remains uncertain, with community members speculating about possible data breaches or social engineering tactics.
Related Posts
Blockstream has not revealed the source of the email leak or provided information regarding affected user databases.
How do they know your users’ email?
— Masunobom (@masunobom) September 12, 2025
Crypto Crime Reaches Record Levels Amid Advanced Attack Methods
August 2025 marked the second-highest monthly total for crypto crime this year, with $310 million stolen across various exploits, according to CertiK research.
Phishing incidents accounted for the majority of losses at $293 million, including two significant attacks that stole $238 million in Bitcoin and $55 million in DAI stablecoin.
More concerning, a new cross-platform malware, named ModStealer, was discovered just yesterday.
This advanced malware targets 56 browser-based wallet extensions across Windows, macOS, and Linux systems while evading conventional antivirus detection through JavaScript-based distribution techniques.
The malware is disseminated through a fraudulent job recruitment advertisement campaign, similar to this phishing operation, targeting victims on a broad scale.
Notably, North Korean state-sponsored groups have been implicated in a significant portion of these criminal activities, resulting in $1.6 billion in losses, which accounts for 70% of the total losses in H1 2025.
The infamous Lazarus group executed the largest single hack in crypto history, stealing $1.46 billion from Bybit in February.
Infrastructure attacks have dominated the threat landscape, representing over 80% of stolen funds through private key compromises and front-end exploits.
These attacks were, on average, ten times larger than protocol-based vulnerabilities, with social engineering and insider access frequently facilitating massive breaches.
In an interview with Cryptonews, Crystal CEO Navin Gupta cautions that modern scammers leverage psychological manipulation through tactics that include urgency, authority, and familiarity.
How are scammers stealing billions in crypto? We sat down with @CrystalPlatform CEO Navin Gupta as he breaks down the psychology, AI-powered tactics, and the #1 mindset shift that could prevent most fraud.#CryptoScam #Deepfakehttps://t.co/9WQQvGSuED
— Cryptonews.com (@cryptonews) June 24, 2025
How are scammers stealing billions in crypto? We sat down with @CrystalPlatform CEO Navin Gupta as he breaks down the psychology, AI-powered tactics, and the #1 mindset shift that could prevent most fraud.#CryptoScam #Deepfakehttps://t.co/9WQQvGSuEDAI-driven personalization also allows attackers to create convincing messages using leaked data and behavioral profiling, making detection increasingly challenging for victims.
Protection strategies include verifying all communications through official channels, refraining from email-based software downloads, and utilizing hardware security keys instead of SMS-based two-factor authentication.
Gupta specifically advised to “assume every unsolicited message is a potential attack. That mental shift alone filters out 80% of threat vectors. If someone reaches out with urgency, secrecy, or flattery — stop. Your best defense is deliberate doubt.”
Users are encouraged to bookmark legitimate websites rather than depending on search engines and to remain cautious of unsolicited communications claiming urgent security updates.
The post Blockstream Issues Alert Over Fake Email Phishing Campaign Targeting Hardware Wallet Users appeared first on Cryptonews.
