Blockstream issued an urgent security alert that warns users about a sophisticated Phishing campaign addressed to Jade hardware wallet owners through false electronic emails for firmware update.
The company confirmed that data was not committed, but emphasized that it never sends firmware files through email communications.
Bitcoin developer Jimmy Song first reported the malicious emails, which claim to offer Jade firmware updates while leading users to download suspicious domain files.
Electronic scam emails seem to originate in unrelated entities such as restaurant managers, asking questions about how attackers obtained user email addresses.
The warning occurs when cryptographic phishing attacks increase dramatically, with the losses of August that reach $ 12 million, affecting more than 15,000 victims, an increase of 67% as of July.
The first half of 2025 saw that total losses of cryptographic crimes exceed $ 3.1 billion, with phishing scams that represent $ 410 million in 132 separate attacks.
Sophisticated email campaign Hardware Wallet Trust
Fraudulent emails are based on legitimate communications from blockstream, instructing users to download firmware updates by clicking malicious links.
Security experts warn that the false firmware probably redirects the funds to the addresses controlled by the attackers once installed in hardware devices.
Blockstream thanked Jimmy Song for the initial alert and reiterated his policy to never distribute firmware through email channels.
The company ordered users to follow the official Twitter accounts @blockstream and @blockstreamjade for updates and verified communications.
Phishing alert
We have been aware of the false emails that claim a “jade firmware update”.
1⃣ This was not sent from blockstream.
2⃣ Blockstream will never send an email to firmware files.
3⃣ No data have been committed.
Do not trust. Verify.
Please continue @Blockstream and… pic.twitter.com/59ymaz6ndb– Blockstream (@blockstream) September 12, 2025
Community members noticed inconsistencies within the emails of fraud, including non -coincident version numbers and suspicious sender domains.
A particularly worrying example showed electronic emails originated from “General Manager of Adelphia Restaurant” that directs downloads of the domains “getbento.com”.
The orientation of hardware wallet users represents a significant escalation in Phishing sophistication.
Hardware wallets traditionally provide improved security compared to software alternatives, which makes your commitment particularly harmful to the funds and user’s confidence.
The precise mechanism by which the attackers obtained email addresses from users still are not clear, and community members question possible data infractions or social engineering campaigns.
Blockstream has not revealed the email filtration source or has provided details about the databases of affected users.
Crypto Crime reaches record levels in the midst of advanced attack methods
August 2025 registered the second total monthly cryptocurrencies this year, with $ 310 million stolen in several exploits, according to Certik Research.
Phish incidents dominated losses at $ 293 million, including two mass attacks that robbed $ 238 million in Bitcoin and $ 55 million in Dai Stablecoin.
It was discovered more disturbing, just yesterday, a new multiplatform malware was discovered, called Modstealer.
This sophisticated malware is aimed at 56 wallet extensions based on the browser in Windows, Macos and Linux systems while evading the detection of traditional antivirus through JavaScript -based distribution methods.
Malware is distributed through an advertising campaign as a false work recruiter, similar to this Phishing campaign, aimed at large -scale victims.
In particular, groups sponsored by the state of North Korea were involved in a large part of these criminal activities, which resulted in losses of $ 1.6 billion, which represents 70% of the total losses in H1 2025.
The notorious Lázaro group made the largest hack in the history of Crypto, stealing $ 1.46 billion bybit in February.
Infrastructure attacks dominated the threat panorama, representing more than 80% of stolen funds through private key commitments and front-end exploits.
These attacks averaged ten times larger than protocol -based vulnerabilities, with social engineering and internal access that allow massive infractions.
In an interview with Cryptonews, CEO of Crystal, Navin Gupta, warns that modern scammers exploit psychological manipulation through tactics that include urgency, authority and familiarity.
How are they stealing billions to cryptography scammers? We sat down with @Crystalplaform The CEO Navin Gupta, while breaking psychology, the tactics of AI and the change of mentality #1 that could avoid most fraud.#Cryptoscam #Deepfakehttps://t.co/9wqqvgsue – Cryptonews.com (@cryptonews) June 24, 2025
Personalization with AI also allows attackers to create convincing messages using filtered data and behavior profiles, which makes the detection more and more difficult for victims.
Protection strategies include verifying all communications through official channels, avoiding email -based software discharges and implementing hardware safety keys instead of authentication of two SMS based on SMS.
GUPTA specially advised “Assume that each unreasonable message is a potential attack. That mental change only filters 80% of threat vectors. If someone communicates urgently, secret or adulation, stop. Your best defense is deliberate doubt.“
Users are urged to mark legitimate websites instead of relying on search engines and remains skeptical of unrelated communications that claim urgent safety updates.
The post blockstream alert on the alert of the false email phishing campaign aimed at hardware wallet users first appeared in Cryptonews.