Ledger Chief Technology Officer (CTO) Charles Guillemet recently warned cryptocurrency users about a new wave of major zero-click vulnerabilities. Guilmette called on cryptocurrency users to protect their assets by not leaving valuable information on their mobile phones.
State hackers go on rampage
Leisure CTO noticed Nation-states are purchasing zero-click vulnerabilities to monitor high-value targets and criminal organizations. They aim to steal high-value secrets such as cryptocurrency wallets.
A state-sponsored hacker group is reportedly using commercial spyware to compromise Signal, WhatsApp, and Telegram.
Once the spyware is installed, the attacker is given full access to the phone, including the crypto wallet app. So far, the targets have primarily been diplomats and officials from the United States, Europe and the Middle East.
However, these tools are becoming more widespread among buyers, and the method is becoming commercialized.
These zero-click vulnerabilities are purchased by nation states to spy on high-value targets and by criminal organizations to steal high-value secrets such as cryptocurrency wallets. Do not leave valuables on your mobile phone. https://t.co/nGQqykwIy3
— Charles Guilmet (@P3b7_) November 25, 2025
Most people store their cryptocurrencies in mobile wallets or browser extension wallets that sync with their phones. They use their phone to store the seed phrase in iCloud/Google backups and private keys.
So if a nation-state or a well-funded criminal group can silently take over a mobile phone with a zero-click exploit, they can see the seed phrase and private key the moment an individual opens their wallet app.
When this happens, they can deplete all wallets in seconds and the individual won’t notice until it’s gone.
of Leisure CTOTherefore, we are telling the cryptocurrency community that their mobile phones are now one of the most dangerous places to store large amounts of cryptocurrencies.
Security tips for cryptocurrency users
One reliable antidote to large holdings is to use cold wallets and hardware wallet storage without the use of an internet-connected phone or computer.
Just a few weeks ago Binance CEO Richard Teng appealed to users: of replacement to prioritize security updates. Teng advised Binance users to use authenticator apps, passkeys, security keys, and multi-validator verification to protect their accounts.
According to the Binance team, the authenticator app adds a second layer of login security with a time-based one-time password that changes every 30 seconds.
Across the Shiba Inu (SHIB) network, prominent community member Mazrael has shared an important security update. Mazrael Warning to SHIB community Bad actors are stepping up their efforts to drain the wallets of unsuspecting victims.
Mazrael also called on the Shiba Inu community to fight for what has been delivered, including ShibDAO and ShibIO. He explained that unscrupulous people are trying to sell fakes to take advantage of the Shiba Inu’s popularity.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
