7 Ways Your Crypto Hardware Wallet May Be Hacked

Ensuring that your assets are secure is vitally important when you own cryptocurrency, as you aren’t relying on a third party to safe keep your funds. And while a hardware wallet is the safest way to secure your assets, it does not make you totally immune to hacking. There are rare occasions in which your hardware wallet may be hacked or exploited if you are not following safety best practices. It is for this reason we have highlighted with you below 7 ways in which your crypto hardware wallet may be hacked, so you can be aware of what to look out for.


An email arrives in your inbox, seemingly from your wallet manufacturer asking for information. The email looks completely legitimate, but it is not! Hackers make phishing emails that look identical to legitimate manufacturer emails, using the same formats, designs and logos which makes it difficult to identify if you are quickly scanning through your emails.

Please ensure you double check and verify the web URLs and email addresses, and look out for unusual spelling and accents within the names. 

Coinstop and any of our manufacturing partners will NEVER ask for your recovery phrase. Do NOT share your recovery phrase with anyone.

For reference, our official addresses are:





Hackers have been known to replace the top results in search engines with links to their websites. Without realising, you may click on the first results from your preferred search engine, only to be redirected to the hackers site. For this reason, we recommend you confirm the URLs of the sites you are visiting. A good practice to get in the habit of is bookmarking verified sites that you normally need to input sensitive information, and only access them via that bookmarked link. 


A more elaborate technique involves hackers changing an URL when you type it in the browser address bar. You start typing the URL, it gets changed to a different one (a scam website), and you’re suddenly led to a different, but seemingly identical website. The site may look completely identical to the one you intended to access so you may not realize you’re dealing with a scam page until it is too late.


Be careful with browser extensions! There are some that offer to improve your experience when on trading websites, when really they are recording everything you type in regards to your wallet. Before installing, double check it is safe to use and you are obtaining the extension through official channels.


A fake security warning relating to your wallet may be sent to you. You unsuspectingly press on the URL in the warning, give away your private key and other wallet information, and suddenly someone has access to your wallet.


It’s not unusual for services to rely on SMS 2FA (two-factor-authentication) for an extra layer of security for users. However, hackers have found ways to intercept the SMS 2FA, gaining access to the code. This could then grant them access to various accounts, including that of Coinbase. Instead of using SMS 2FA, use something like the Google Authenticator app or even your hardware wallet.


Security protocol for WiFi routers can be taken advantage of to allow hackers to see data going through your WiFi network. Public WiFi (airport, cafe, station, etc.) users are particularly vulnerable to this, so we recommend only accessing important sites from your private home network.

If you would like further one-on-one support, we offer in-depth remote consultations. You can book here