SlowMist’s chief information security officer emphasized the importance of avoiding risky decisions with crypto storage, warning users not to stake their entire fortune on a wallet that merely saves a few hundred dollars.
A crypto user reportedly suffered a loss of nearly $7 million after purchasing a discounted cold wallet via Douyin, the Chinese counterpart of TikTok. Attackers used the wallet—later discovered to be compromised—to siphon the user’s funds shortly after setup.
In an X post on Saturday, blockchain security firm SlowMist revealed that someone had already compromised the private key during the wallet’s creation, which led to draining the user’s funds within hours of activation.
Buying a cold wallet at a discounted price may seem economical, but SlowMist warned that scammers often alter wallets marketed as “factory sealed” or “on sale.” They use the lower price as bait to lure unsuspecting buyers.
Douyin features an e-commerce platform called Douyin Shop, where third-party vendors list and sell a wide range of products.
Crypto Laundered Within Hours
An X user named Hella, a former colleague of Jihan Wu—the co-founder of crypto mining giant Bitmain—shared that the victim was a close friend who called late at night in a conversation that “sent chills down my spine.”
According to a Google-translated X post shared on Saturday, Hella described the wallet as “a meticulously crafted hot trap” and noted that scammers funneled the stolen cryptocurrency through Huiwang, causing it to vanish within a few hours.
Huiwang, also referred to as the Huione Group, is a Cambodia-based conglomerate tied to a network of illegal operations. These include the payment service Huione Pay PLC, the digital asset exchange Huione Crypto, and the darknet marketplace Haowang Guarantee.
Hella warned that buyers should purchase cold wallets only from trusted sources, noting that most wallets found online are counterfeit.
Stolen Funds Likely Lost Forever
SlowMist successfully traced the stolen assets, but Hella noted that there was “minimal chance of retrieving” them from the perpetrators.
SlowMist’s chief information security officer, known on X as 23pds, stated in a Google-translated post that this incident serves as a critical warning against risking one’s entire fortune on a wallet that’s slightly cheaper. He stressed that such decisions don’t save money but instead amount to “throwing your life away.”
23pds added that preventing these kinds of scams can be more challenging since third parties handle the shipping of the devices, and those involved in packaging or delivering them are often unaware they are participating in a scammer’s scheme.
Scammers Can Also Pre-Install Malware on Devices
Meanwhile, on May 19, authorities accused a Chinese printer manufacturer of embedding crypto-stealing malware within its official driver software, which led to the theft of over $953,000 worth of Bitcoin.
On April 1, cybersecurity company Kaspersky reported that it had uncovered thousands of fake Android smartphones sold online, preloaded with malware intended to steal cryptocurrency and other confidential information.
