Blockstream has issued a new warning to Jade hardware wallet users, notifying them about a new phishing scam that sends fake emails with claims of a firmware update. According to the company, it never shares firmware through email, confirming that no user data was compromised.
Blockstream posted the alert to its followers and the general public on X, urging users to watch out for fake messages. The company said official firmware updates are only on its GitHub page and website.
Blockstream denies sending update emails to users
Hackers have been sending fake emails to users of Blockstream’s Jade hardware wallet, pretending to be the company. The scammers also announced a new firmware update that even cited version numbers with download links. Blockstream said it looked into the issue and issued warnings to its users. According to the company, its technology is still safe, and the attacks did not compromise any Jade devices.
Blockstream also told users to download its updates only through Blockchain’s official website or GitHub repository because it never sends them out through email. The platform also advised users on how to protect themselves from similar scams in the future. They said phishing attacks only work because exploiting human behavior is easier than infiltrating devices.
The platform asked users to ignore suspicious messages, even if they look professional, and verify the source through trusted channels. If anyone clicks on a link without being 100% sure, just because it looks real, the attacker succeeds, even if the hardware is foolproof. Blockchain announced the launch of Jade in 2021 for around $65 as an entry-level hardware wallet.
According to reports, the device was more affordable than most advanced cold storage devices and could compete with products such as Ledger and Trezor. Due to this, attackers knew the easiest way to bypass the device’s protection was by going after the owners themselves.
Scams and hacks made away with more than $3.1 billion in the first half of 2025, according to security company Hacken, and that figure exceeds the total amount lost in 2024. Big hacks, in which Orbit Bridge lost $305 million to hackers in April or where Kraken was hit for $110 million in June, show that the attacks also target established companies and platforms. As recently reported by Cryptopolitan, August crypto hacks and exploits increased, but the report did not disclose the total scale of losses.
