Glossary

Supply-Chain Attack

1 min read

A supply-chain attack in the Bitcoin ecosystem occurs when cybercriminals compromise hardware wallets or other critical tools in order to distribute malicious code. Instead of targeting bitcoin holders directly, attackers infiltrate upstream components so that infected wallets, firmware, or updates appear legitimate while secretly exposing users’ private keys or funds.

These attacks are particularly dangerous in bitcoin because users often rely on external providers for wallets, hardware devices, libraries, and node software. A compromised update or tampered device can impact thousands of users at once.

Preventing supply-chain attacks requires purchasing hardware wallets directly from reputable manufacturers, using open-source or audited tools, and updating from trusted channels. Bitcoin users can further protect themselves by avoiding unofficial downloads and maintaining strict key-management practices to mitigate risks from compromised upstream providers.

Related Terms
Fake Wallets
Fake Bitcoin wallets mimic real apps to steal seed phrases and user funds. Learn how these scams work, how to spot a fake wallet, and how to protect your Bitcoin from fraud.
Learn more.
SIM Swap
A SIM swap lets attackers hijack your phone number to access bitcoin accounts and bypass SMS 2FA. Learn how SIM swaps work and how to protect your bitcoin from phone-based identity theft.
Learn more.
Malware
Malware targeting bitcoin steals private keys, alters transactions, and compromises wallet security.
Learn more.
Explore More Terms