Crypto Investor Loses $6.9 Million To Sketchy Cold Wallet

A crypto user has reportedly lost nearly $7 million in crypto after buying a discounted cold wallet through the Chinese version of TikTok, Douyin, which turned out to be compromised. 

Blockchain security firm SlowMist said in a X post on Saturday that the “private key was compromised at creation” and the user’s funds were “drained within hours” from the compromised cold wallet. 

Nabbing a bargain cold wallet might seem like a good way to save money, but SlowMist said cold wallets advertised as “factory sealed” or “discounted” have often been tampered with, and the reduced price is a way to lure in victims.

Douyin has an e-commerce feature, the Douyin Shop, which allows third-party sellers to offer various products. 

Crypto “washed away” in only a few hours 

An X user under the handle Hella, a former team member working under Jihan Wu, the co-founder of Bitcoin mining equipment manufacturer Bitmain, said the victim was a close friend who rang late at night in a phone call that “gave me chills.” 

Hella said the wallet was “a carefully designed hot trap,” and the stolen crypto was “washed away through Huiwang within a few hours,” according to a Google translation of the Saturday post to X.  

Huiwang, also known as the Huione Group, is a Cambodian conglomerate that operates a network of illicit businesses, which includes payment service platform Huione Pay PLC, the crypto exchange Huione Crypto and darknet marketplace Haowang Guarantee.

“When buying a cold wallet, you must choose a reliable channel. Most of the ones on the internet are fake,” Hella said. 

Stolen funds can’t be recovered 

SlowMist managed to track the stolen funds down, but Hella said there was “little hope of recovering” them from the thieves. 

SlowMist’s chief information security officer, under the X handle 23pds, said in a post translated by Google this case is an important reminder not to “gamble your entire fortune on a wallet that’s a few hundred bucks cheaper,” because ultimately, it’s not “saving money, it’s throwing your life away.”

23pds added that these types of scams can be more difficult to prevent because the devices are shipped by third parties, and the people shipping or packing the devices are often not aware that it’s part of a scammer’s plot.

Related: $2B lost to crypto hacks in Q1 2025, $1.63B from access control flaws

Scammers can pre-load devices with malware too 

Meanwhile, on May 19, a Chinese printer manufacturer was accused of distributing crypto-stealing malware alongside its official drivers, which resulted in over $953,000 in Bitcoin (BTC) being stolen.

Cybersecurity firm Kaspersky also said on April 1 that it uncovered thousands of counterfeit Android smartphones sold online with preinstalled malware designed to steal crypto and other sensitive data. 

Magazine: Coinbase hack shows the law probably won’t protect you: Here’s why