ZachXBT Calls Hardware Wallets “Garbage,” Targets Ledger Over Frequent Updates
On-chain investigator ZachXBT said current hardware wallets are unsuitable for “critical” crypto use, calling them “complete garbage” in a Telegram post. He argued users should not rely on hardware wallets for important transaction signing or to store large balances. Instead, ZachXBT suggested an operational setup using a dedicated iPhone used only for crypto.
ZachXBT’s strongest criticism was aimed at Ledger, naming the company “the worst.” He claimed frequent updates to Ledger Live can “break simple actions,” citing issues with UI/app updates. The post does not present evidence of a new breach or compromise of private-key protections.
Ledger responded by rebranding Ledger Live as “Ledger Wallet.” Ledger said Ledger Wallet v4.8.0 (June 11) included security improvements, interface changes and bug fixes, and it continues to promote hardware-based signing to keep private keys isolated from internet-connected devices.
ZachXBT’s warning aligns with ongoing scam trends: attackers have repeatedly targeted hardware wallet owners via social engineering and fake applications rather than by breaking wallet cryptography. The article references:
- A January hardware wallet social-engineering incident where a victim lost $282M in BTC and LTC after attackers moved funds quickly and converted part into XMR.
- An April fake “Ledger Live” app on the Apple App Store that stole at least $9.5M from 50+ victims after users entered recovery phrases; Apple later removed the app.
Overall, the debate is about “hardware wallets” vs tighter device separation (a dedicated crypto-only phone). Either approach still leaves users exposed to phishing, fake apps, and recovery-phrase theft.
Neutral
ZachXBT’s criticism is likely to influence retail sentiment around hardware wallets, but the article provides no proof of a new Ledger security breach. In prior crypto incidents where fraud succeeded via fake apps and social engineering (e.g., wallet impersonation or recovery-phrase phishing), market impact was usually limited to user-level losses and short-lived attention spikes rather than broad systemic risk.
Short term, traders may see increased caution around “self-custody” tooling, watch for scam-related headlines, and slightly reduce willingness to recommend or rely on specific wallet brands. That can create minor, sentiment-driven volatility in narratives tied to security.
Long term, the debate may push users toward stronger operational security: device separation, stricter app verification, and safer recovery-phrase handling. Exchanges and wallet providers may also accelerate UX and verification improvements. Net effect: no direct fundamental hit to major assets’ cash flows or protocols is described, so the market read-through is mostly informational rather than macro.
Because the core theme is scam risk and operational hygiene—not a demonstrated cryptographic failure—the expected market impact is neutral.