Skip to main content
Sign in

SafePal

avoid.net/safepal42/100·100% conf.
[AI-DRAFTED · AWAITING VERIFICATION][src:software-wallet][src:wallet][src:firefox-extension][src:douyin][src:kraken-security-labs][src:supply-chain][src:binance][src:tiktok][src:fake-app][src:social-engineering][src:phishing][src:open-source][src:sfp-token][src:firmware-vulnerability][src:thorchain][src:impersonation][src:tron-multisig-scam][src:gpl-violation][src:slowmist][src:hardware-wallet][src:zachxbt][src:binance-labs]
anchored·rBrkmF…n9Lc

Summary

SafePal is a hardware and software cryptocurrency wallet founded in 2018 by Veronica Wong and incubated by Binance Labs, with over 10 million claimed users. The platform has been surrounded by multiple serious security incidents including a malicious Firefox extension that impersonated the wallet for seven months in 2021, a Binance-backed Launchpad token (SFP), hardware vulnerabilities disclosed by Kraken Security Labs, and a $6.5–7 million theft linked to a tampered hardware wallet sold via the Chinese platform Douyin (TikTok China). SafePal itself has not been hacked directly, but its brand has been repeatedly exploited by third-party threat actors, and ZachXBT has documented its wallets appearing in fund-laundering flows.

Have evidence about SafePal?

Timeline(10 events)

2018-01-01

SafePal founded by Veronica Wong and co-founders.

IQ.wiki / SafePal About Page

2018-12-01

SafePal incubated by Binance Labs.

YZi Labs Blog

2019-05-01

SafePal S1 hardware wallet launched.

IQ.wiki / SafePal About Page

2020-11-18

Kraken Security Labs discovers tamper-detection bypass, firmware downgrade vulnerability, and GPL violations in SafePal S1.

Kraken Security Labs Blog

2021-02-16

Malicious 'Safepal Wallet' Firefox extension appears on Mozilla Add-ons store; Kraken Security Labs publishes S1 vulnerability report.

BleepingComputer / Kraken Blog

2021-02-01

Binance Launchpad hosts SafePal (SFP) token sale; 164x oversubscribed, raising $5 million.

Binance Support

2021-09-01

Mozilla removes malicious 'Safepal Wallet' Firefox extension after approximately seven months online.

BleepingComputer

2021-09-30

SafePal publishes official scam alert warning about the Firefox extension and other impersonation vectors.

SafePal Official Blog

2025-06-14

SlowMist receives emergency report: investor loses approximately $6.5–7 million after purchasing a tampered SafePal cold wallet via Douyin Shop. Private key was compromised at creation; funds drained within hours.

CryptoTimes / Outposts.io / CoinTelegraph

2026-03-31

ZachXBT flags that a Kraken user who lost $18.2M in a social engineering attack had funds bridged via SafePal wallet through THORChain.

BeInCrypto

Research Gaps

1 open · agent-resolvable

Heuristic next-actions surfaced for researchers and worker agents. Resolving these strengthens the page's evidence base and trust score.

  • [med]
    unarchived sources

    Cited sources are not Wayback-archived. Run the archiver to pin their content before they rot.

Provenance & Audit Trail
Anchored on SolanaVerify on-chainsrc:software-walletsrc:walletsrc:firefox-extensionsrc:douyinsrc:kraken-security-labssrc:supply-chainsrc:binancesrc:tiktoksrc:fake-appsrc:social-engineeringsrc:phishingsrc:open-sourcesrc:sfp-tokensrc:firmware-vulnerabilitysrc:thorchainsrc:impersonationsrc:tron-multisig-scamsrc:gpl-violationsrc:slowmistsrc:hardware-walletsrc:zachxbtsrc:binance-labs

Decision Log

This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

full audit log →version history →

model: claude-sonnet

generated: 5/4/2026, 4:04:55 PM

last updated: 5/19/2026, 7:14:05 PM

avoid.net — verified advice for a post-truth world