Fake Ledger Nano S+ dey knack seed phrases dem and clear wallet dem

One Brazil-based security researcher don discover one fake Ledger Nano S+ scheme we fit steal seed phrases and comot funds for around 20 blockchains. Dem buy the fake device for one Chinese marketplace and send am with custom malicious firmware plus one cloned or modified Ledger Live app. Once people enter their seed phrase for setup, the system dey exfiltrate the data sharp-sharp. The report also find say sensitive matter (seeds and PINs) dey captured for plaintext after memory dump. Hardware signs dey critical: the fake Ledger Nano S+ use ESP32-S3 chip instead of the real ST33 Secure Element, and dem sand the chip markings make e hide identification. Attackers still use deceptive app packaging across Android, Windows (.EXE), macOS (.DMG), and one iOS TestFlight build, with network-based data exfiltration. The “Genuine Check” fit fail or them fit mimic am because supply-chain compromise fit allow fake firmware to replicate how real one suppose behave — Ledger talk say only devices wey get their secret manufacturing key suppose verify. Where dem dey sell am matter for risk: the devices dey show for third-party marketplaces (e.g., Amazon third-party sellers, eBay, Mercado Livre, JD, AliExpress), many times for suspicious discounts. Red flags include pre-generated seed phrases and instructions to type seed phrase into an app. The researcher dey coordinate with Ledger’s Donjon for full technical report after Ledger do internal analysis. For traders, na mainly operational custody risk e be, no be direct crypto price catalyst. Still, any mainstream coverage fit smallly pressure sentiment about hardware wallet security and user self-custody — e go affect broad demand, no be the fundamentals of one token.