Blockstream has issued an urgent warning to users of its Jade hardware wallet about a sophisticated phishing campaign that began targeting customers in August 2025. The scam involves fraudulent emails that impersonate Blockstream's security team, falsely claiming to offer critical firmware updates for the Jade wallet.
The company emphasized that genuine firmware updates are never distributed via email and are only available through official channels: Blockstream's website (blockstream.com) or their GitHub repository. "We do not send firmware files via email. If you received such an email, do not click any links. Only download Jade updates from blockstream.com or our GitHub," stated Blockstream's official communication.
This incident highlights the persistent vulnerability of cryptocurrency holders to social engineering attacks, with phishing scams becoming increasingly sophisticated. According to security firm Scam Sniffer, phishing scams drained $12 million from investors in August 2025 alone, affecting over 15,000 victims—a 67% increase from July. Hacken estimated total crypto scams and hacks reached $3.1 billion in just the first half of 2025, already surpassing the full-year total of $1.8 billion reported by CertiK for 2024.
The Jade wallet, launched in 2021 and priced around $65, competes with Ledger and Trezor as an entry-level cold storage solution. Blockstream confirmed that no customer data has been compromised and no Jade devices have been affected by this specific campaign. The company continues to monitor the situation and advises users to verify URLs, bookmark official websites, and avoid email-based links for updates.
BTC
HYPE